STARWEST 2018 - Security

If you are a software tester in 2018, chances are you're testing a website or web application. Whether you are testing in a browser, within a web “wrapper” framework like Electron, or even a web app wrapped in a mobile application, your customers are using web apps and websites constantly—and they want them to work well. Our challenge in test, of course, is to test as thoroughly and efficiently as we can, given our time and resource constraints. Long time software testing veteran Alan Page demonstrates some of his favorite free or inexpensive tools for testing web apps and shares...

There are many crowdsourcing vulnerability discovery techniques available today, making it difficult for testers to choose an approach that finds important vulnerabilities while offering the best bang for the buck. Join Mike Shema as he shares several years of real-world data that will help you understand the different discovery techniques, such as bug bounty programs and scanners, and the best time to use each technique. Mike also will discuss how your approach may change according to your lifecycle, and ways to think about integrating security within that process. You'll see how metrics...