STAREAST 2023 - Security Testing
Tuesday, May 2
Web Security Testing: The Basics and More
Web applications are often security critical or serve as front-ends for security critical applications, making web testing for vulnerabilities an essential part of software testing. Unfortunately, most software testers have not been taught how to identify web security issues while testing applications. Join Tom Stiehm as he shares what you need to know to security test web-based applications as part of your overall testing process. Learn about the most common web security vulnerabilities and how they are introduced into web code and exploited by hackers. Explore test techniques for...
Thursday, May 4
Building an API Automation Framework Using Cypress
In this session, Greg Patterson will share his experience starting on a new team that was directed to use Cypress for automation, and API automation was also a requirement. Cypress has the ability to support both of these needs, but it is something that takes a little work. After some short training sessions, Greg was able to help all of his team to contribute to the automation efforts by creating a simple framework that could be used for both UI and API automation. Greg will share his experience with integrating the frameworks into Azure DevOps to run tests in the cloud. Key features to...
Meet GitHub Advanced Security
PreviewFind and fix security vulnerabilities before code hits the main branch in your repo. GitHub Advanced Security (GHAS) helps teams secure their software supply chain and proprietary code with the only community-driven, native application security testing solution. GHAS is built to optimize the developer experience through automation. Identify and fix reported security issues quickly and efficiently by integrating security testing into every step of the developer workflow. GHAS components: - Code scanning: Find and fix security issues in your code before they reach production with...