Security Testing

Tutorials

TN SOLD OUT! Security Testing for Test Professionals

Jeff Payne, Coveros, Inc.

Tue, 06/04/2013 - 1:00pm

Your organization is doing well with functional, usability, and performance testing. However, you know that software security is a key part of software assurance and compliance strategy for protecting applications and critical data. Left undiscovered, security-related defects can wreak havoc in a system when malicious invaders attack. If you don’t know where to start with security testing and don’t know what you are—or should be—looking for, this tutorial is for you.

Concurrent Sessions

BW4 Mobile Application Testing: Challenges and Best Practices

Jimmy Xu, CGI

Wed, 06/05/2013 - 10:15am

With the rapid rise of mobile devices including smartphones and tablets, many organizations are rolling out mobile apps to extend the reach of their traditional web applications. Although the methodology for mobile application testing is fundamentally the same as that of traditional web and desktop application testing, mobile apps testing presents some unique challenges and issues including coverage of a myriad of mobile devices, usability testing, integration of mobile testing with web interface testing, mobile app performance, and security issues.

BW8 Software Security Goes Mobile

Erik Costlow, HP Enterprise Security

Wed, 06/05/2013 - 2:15pm

Erik Costlow says that, as more and more business is transacted on mobile platforms, securing the applications and data that run on them is a business imperative. Developers and their managers are asked to make key decisions regarding data caching, authorized permissions, authentication requirements on the backend, and safe coding practices—all of which contribute to the protection of their organization’s intellectual property. However, hackers have taken advantage of a knowledge gap to develop creative attacks against mobile applications.

BW12 Hybrid Security Analysis: Bridging the Gap between Inside-Out and Outside-In

Arthur Hicken, Parasoft

Wed, 06/05/2013 - 3:45pm

With the rising adoption of the cloud and the mobile revolution, software security is more important and complex than ever. The efforts of developers and testers are frequently disconnected, wasting time and reducing effectiveness. Arthur Hicken describes how hybrid security analysis bridges the gap between static analysis and penetration testing by detecting security vulnerabilities with unprecedented accuracy—and few false positives. Testers receive an instant assessment of where security attacks actually penetrated the application.