1 Day Tutorial
This course focuses on Internet/Intranet
security vulnerabilities and how to automate security testing on your
Web applications.
80% of all hacker attacks breach the system
by exploiting vulnerabilities in the user interface. Who tests the user
interface in your organization?
Would you recognize security vulnerability in
your system or application if you saw it? Most testers and developers
don’t recognize security vulnerabilities when they see them. So it isn’t
surprising that most test groups don’t perform any security specific
testing at all. Security testing is easy to add to your test strategy;
and it’s a good candidate for automation.
This seminar brings you up to speed on today’s
security realities and shows you just how insecure our Internet/Intranet
systems are. You will find out what hackers are doing, and how they are
doing it. This seminar shows testers what to test for and how to test it
to ensure their system is able to withstand current attack strategies,
as well as how to connect to ongoing information streams that will keep
them on top of security vulnerabilities as they are discovered.
Students Learn
- How hackers break into our systems
- What tests you need to perform to detect weaknesses in your Web
server, Database Server, your Portals, and your Applications
- How to automate these tests and use them for more than just
security testing
- How to report your results so that management understands the
value of your effort
- Where to find security resources, blogs, and newsletters that
will help you stay informed about current security Issues
Outline
- Introduction
- The good news about security vulnerability
- What’s at risk
- Reporting
- What to test for and how to test it
- The 4 main security vulnerabilities and how to design tests for
each
- Buffer Overflow
- Cross Site Scripting (XSS)
- SQL Injections
- Encoded Strings
- Other Security Issues
- Phishing and Pharming
- How to automate your security tests
|
