Context Driven Security - Bill Matthews

Talk Description

Application Security is a hot topic and increasingly software testers are being asked to carry out “security tests”; sometimes this is in addition to external security tests but often instead of. Despite the widespread availability of resources on security testing, much of it focuses on techniques so it can be difficult for testers to know where to start and what is important to their context.

Building a Threat Model can help testers formulate a more context driven approach to security testing and help frame these tests by linking your application/assets to possible threats and vulnerabilities, to the tests you are carrying out (or not) and the techniques needed to implement them.

This session will provide an interactive introduction to Threat Modelling and how it can be used to formulate a more context driven approach to security testing.

By the end of this session, you'll be able to:

Bill Matthews

Bill Matthews has been a freelance test consultant for over 20 years working mainly on complex integration and migration as a Test Architect and as a Technical Lead. He champions the use of modern and effective approaches to development and testing.

He is a regular contributor to the testing community at both local and international levels through conference speaking, coaching/mentoring and delivering workshops and training focusing on automation, performance, reliability, security testing and more recently artificial intelligence.