Security Testing

Tutorials

TL Security Testing for Test Professionals

Jeff Payne, Coveros, Inc.

Tue, 10/14/2014 - 1:00pm

Today’s software applications are often security critical, making security testing an essential part of a software quality program. Unfortunately, most testers have not been taught how to effectively test the security of the software applications they validate. Join Jeff Payne as he shares what you need to know to integrate effective security testing into your everyday software testing activities. Learn how software vulnerabilities are introduced into code and exploited by hackers. Discover how to define and validate security requirements.

Concurrent Sessions

T18 Testing Application Security: The Hacker Psyche Exposed

Mike Benkovich, Imagine Technologies, Inc.

Thu, 10/16/2014 - 1:30pm

Computer hacking isn’t a new thing, but the threat is real and growing even today. It is always the attacker’s advantage and the defender’s dilemma. How do you keep your secrets safe and your data protected? In today’s ever-changing technology landscape, the fundamentals of producing secure code and systems are more important than ever. Exploring the psyche of hackers, Mike Benkovich exposes how they think, reveals common areas where they find weakness, and identifies novel ways to test your defenses against their threats.

T24 Testing API Security: A Wizard’s Guide

Ole Lensmar, SmartBear Software

Thu, 10/16/2014 - 3:00pm

As we've seen in recurring events in the past year, web services APIs are a primary target for security attacks—and the consequences can be catastrophic for both API providers and end users. Stolen passwords, leaked credit card numbers, and revealed private messages and photos are just some of the headaches awaiting those who have been compromised. Ole Lensmar puts on his hacker-cloak to show how attackers break systems via web service APIs with fuzzing, session spoofing, injection attacks, cross-site scripting, and other methods.