Skip to main content

Security Testing


TG Security Testing for Test Professionals
Jeffery Payne, Coveros, Inc.
Tue, 09/29/2015 - 8:30am

Today’s software applications are often security critical, making security testing essential in a software quality program. Unfortunately, most testers have not been taught how to effectively test the security of the software applications they validate. Join Jeffery Payne as he shares what you need to know to integrate effective security testing into your everyday software testing activities. Learn how software vulnerabilities are introduced into code and exploited by hackers. Discover how to define and validate security requirements. Explore effective test techniques for assuring that common security features are tested. Learn about the most common security vulnerabilities, how to identify key security risks within applications, and how to use testing to mitigate them. Understand how to security test applications—both web- and GUI-based—during the software development process. Review examples of how common security testing tools work and are used in the security testing process. Take home valuable tools and techniques for effectively testing the security of your applications going forward.

Read more

Concurrent Sessions

W6 Testing the Internet of Things
Jason Arbon,
Wed, 09/30/2015 - 11:30am

The Internet of Things (IoT) is here, and it brings new testing problems, complexity, and, in Jason Arbon’s opinion, a bit more fun. Tiny computers are embedded in everything from light bulbs and shoes to baby diapers. The tiny devices are attached to cattle, humans, cars, and trash cans. The number of IoT devices is set to explode into the tens of billions in the next few years. Consumers expect all these devices to simply work—and work well—with each other. It is easy to test a web app with a mouse and keyboard, or to test a mobile app with a few swipes, but IoT demands that testers determine how to vary the temperature, generate good and bad golf swings, and verify that this device plays well with all those other devices. The topics of security and privacy are more important than ever in this IoT world. Join Jason for a glimpse into the emerging and fun world of IoT testing.

Read more
T23 Testing Application Security: The Hacker Psyche Exposed
Mike Benkovich, Imagine Technologies, Inc.
Thu, 10/01/2015 - 3:00pm

Computer hacking isn’t a new thing, but the threat is real and growing even today. It is always the attacker’s advantage and the defender’s dilemma. How do you keep your secrets safe and your data protected? In today’s ever-changing technology landscape, the fundamentals of producing secure code and systems are more important than ever. Exploring the psyche of hackers, Mike Benkovich exposes how they think, reveals common areas where they find weakness, and identifies novel ways to test your defenses against their threats. From injection attacks and cross-site scripting to security mis-configuring and broken session management, Mike examines the top exploits, shows you how they work, explores ways to test for them, and then shares what you can do to help your team build more secure software in the future. Join Mike and help your company avoid being at the center of the next media frenzy over lost or compromised data.

Read more


K3 Lightning Strikes the Keynotes
Lee Copeland, TechWell Corp.
Wed, 09/30/2015 - 4:15pm

Throughout the years, Lightning Talks have been a popular part of the STAR conferences. If you’re not familiar with the concept, Lightning Talks consists of a series of five-minute talks by different speakers within one presentation period. Lightning Talks are the opportunity for speakers to deliver their single biggest bang-for-the-buck idea in a rapid-fire presentation. And now, lightning has struck the STAR keynotes. Some of the best-known experts in testing will step up to the podium and give you their best shot of lightning. Get multiple keynote presentations for the price of one—and have some fun at the same time.Lightning Strikes the Keynotes

Read more