Topic: Security testing

Security issues are among the highest concerns of many organizations. Despite this fact, security testing is often the least understood and least defined task. Security testing is a broad effort that requires a domain of expertise beyond traditional software testing. In particular, application software security testing is very different from software functionality testing.

This two-day course teaches you security issues; outlines how software-testing roles fit in the big picture; and gives you effective techniques that help you seek out application security vulnerabilities. The course focuses on security-related testing as it is applied to testing web sites, web applications, and software applications. This course is ideal for software testing professionals who are facing the new challenges and responsibilities for determining the scope of security testing to be done at the application level, and then having to construct the test plan and carry out the testing. We will start with an overview of security concepts, including common vulnerabilities and hacking techniques used against web sites and applications. Then we will discuss test strategy and planning; followed by instruction on how to design powerful tests to expose security errors. The course closes with discussions of how to apply the testing techniques to your own testing projects. You will come away with a clear understanding of testing for software security and you will learn of many testing techniques, tools and resources that can be used immediately.