Code
BCTQC005
Duration
3 days
Price
550 €*
No opened sessions
Notify me when available
* the price doesn't contain VAT taxes

DescriptionWhat we offer

This course describes how to get started with security testing, introducing foundational security testing concepts and showing you how to apply those security testing concepts with free and commercial tools and resources. Offering a practical risk-based approach, the instructor discusses why security testing is important, how to use security risk information to improve your test strategy, and how to add security testing into your software development lifecycle.

ObjectivesWhat you learn

  • Learn how testing professionals can effectively security test software
  • Discover how applications are developed and tested with security in mind
  • Learn how to use security requirements to plan your testing efforts
  • Explore key aspects of security testing—web security, threat modeling, risk assessment
  • Examine technical and team skills you need for success
  • Learn to use common security testing tools for a variety of testing purposes

TopicsThe best for you

Introduction to Security Testing

  • History of information security
  • The software security problem
  • Understanding risk
  • Security testing approaches
  • Security testing framework

Security Testing Prior to Development

  • Security policy and standards
  • Secure software development process

Security Testing During Definition and Design

  • Security requirements
  • Architecture and design reviews
  • Threat modeling
  • Security test planning

Security Testing During Implementation

  • Secure code review
  • Security testing features and functions
  • Security testing interfaces and exceptions

Understanding and Testing Security Controls

  • Authentication and access control
  • Input validation and encoding
  • Encryption
  • User and session management
  • Error and exception handling
  • Audit and logging

Security Test tools

Workshop

Need this course inside your company?

PrerequisitesWhat should you know

  • A background of basic software testing principles is required also a working knowledge of system testing and quality assurance fundamentals is assumed, but no specific technical background is required.

AudienceWho should attend

  • 
This course is appropriate for software development and testing professionals who want to begin doing security testing as part of their assurance activities. Test and development managers will benefit from this course as well.