Security Testing

Concurrent Sessions

T2 Evaluating and Testing Web APIs
Ole Lensmar, SmartBear Software
Thu, 10/03/2013 - 9:45am

Thanks to the massive adoption of cloud and mobile applications, web APIs are moving to center stage for many business and technology teams. As a direct result, delivering a high-quality API experience is essential. When it comes to quality aspects of web APIs, there is more than first meets the eye. Apart from obvious characteristics related to functionality, performance, and security, several not-so-obvious traits of APIs are crucial for their adoption—many related to the context of the end user and how the API is to be consumed.

T17 Security Testing Mobile Applications
Jeff Payne, Coveros, Inc.
Thu, 10/03/2013 - 1:30pm

Due to the sensitive nature of the personal information often stored on mobile phones, security testing is vital when building mobile applications. Jeff Payne discusses some of the characteristics that make testing mobile applications unique and challenging. These characteristics include how mobile devices store data, fluid trust boundaries due to untrusted applications installed on the device, different and unique aspects of device security models, and differences in the types of threats one must be concerned with. Jeff shares hints and tips for effectively testing mobile applications.

T23 The Google Hacking Database: A Key Resource to Exposing Vulnerabilities
Kiran Karnad, MIMOS Berhad
Thu, 10/03/2013 - 3:00pm

We all know the power of Google—or do we? Two types of people use Google: normal users like you and me, and the not-so-normal users—the hackers. What types of information can hackers collect from Google? How severe is the damage they can cause? Is there a way to circumvent this hacking? As a security tester, Kiran Karnad uses the GHDB (Google Hacking Database) to ensure their product will not be the next target for hackers.
