$575

CHCon Training - Security Testing for Software Testers

Event Information

Share this event

Date and Time

Location

Location

UCSA Events Centre

90 Ilam Rd

Riccarton

Christchurch

New Zealand

View Map

Friends Who Are Going
Event description

Description

Level: Basic

Duration: Full Day

Trainers: Nick Malcolm and Sam Macleod (SafeStack)

Cost: $500+GST ($575)

Brief

Testing is a key part of development life cycles, from checking your functional requirements actually work to constraining development to keep code focused and concise (TDD). Security testing however is often not conducted inside our life cycles. We often wait until development is completed and ask third party penetration testing firms to find our issues for us. Bugs are often missed or are found too late to remediate. Cost of remediation escalates and our systems become tightly coupled and increasingly fragile as a result.

Why would we want to finish engineering before finding fundamental security issues? Shouldn't we try to find these as early and often as possible? Shouldn't we take every opportunity to identify security flaws in our applications?

This course will help teams weave security testing into their own testing life cycles and tool chains without compromising agility or innovation.


Learnings

  • How to plan test scenarios, and foundation concepts behind testing against the OWASP top 10.
  • The risks associated with common web application vulnerabilities.
  • Hands-on lab experience testing common web application vulnerabilities, and an introduction to testing tools.


More Detail

A fast-paced course aligned with the Open Web Application Security Project (OWASP) top 10 application security vulnerabilities. In addition to these vulnerabilities, students will gain a solid grounding in how to bring security into their testing toolsets and working practices. This includes:

  • Security test cases, stories and what to test
  • Manual security testing key skills (parameter tampering, proxying and other basics)
  • Introduction to security testing frameworks
  • Automated security testing
  • Introduction to vulnerability scanning
  • Automated vulnerability scanning as part of development tool chains


About the Trainers

Nick is a security consultant, working at SafeStack. He comes from a software development background, having led the development of a global cloud security product protecting millions of users from account takeover attacks. This required setting and maintaining a secure development culture within the team at both a code and process level, and provided the opportunity to create and deliver conference presentations and blog content for developer communities. Now in an advisory role Nick is able to use his years of on the ground experience to understand and explain security topics in an accessible way, and provide achievable and practical security solutions.

Nick will be accompanied by his colleague Sam Macleod.

Share with friends

Date and Time

Location

UCSA Events Centre

90 Ilam Rd

Riccarton

Christchurch

New Zealand

View Map

Save This Event

Event Saved