Exploring Security in Day-to-day Testing

10th October 2023
  • Locked
Richard Adams's profile
Richard Adams

Quality Coach

Exploring Security in Day-to-day Testing image
Talk Description
Security testing sounds like it might be best left to the “experts”, whoever they are, but I will share how we can include it in our day-to-day testing. From exploratory testing to API and automated testing, there are things that we can and should be doing.

Through my talk, I will share how I’ve learnt how my time spent on training courses and taking part in challenges has shown me that security testing is perfect for the exploratory tester. We will learn some basic techniques using just our browsers and also how free tools can help us along the way.

By the end of this session, you'll be able to:

  • Describe what XSS, SQL injection and elevation of privilege attacks are
  • Recognise that security testing is something that they can & should be doing
  • Identify the "low hanging fruit" security bugs in their software
  • Execute penetration tests against an online system (workshop/activity only)
Quality Coach
After my first full time job as a games tester, I've had a varied career from Gameplay Systems Designer to Software Engineer for security systems with a couple of roles in between.
Red Pen Testing image
Suggested Content
The membership for software testing professionals image
Join thousands of other software testers in levelling up their careers
Explore MoT
Episode Eight: Exploring Quality Engineering image
Explore the principles and practices of quality engineering
Cognitive Biases In Software Testing
Learn how to recognise cognitive biases, explain what they are and use them to your advantage in your testing
This Week in Testing
Debrief the week in Testing via a community radio show hosted by Simon Tomes and members of the community
Subscribe to our newsletter
We'll keep you up to date on all the testing trends.