Exploring Security in Day-to-day Testing
10th October 2023
-
Locked
Richard Adams
Talk Description
Security testing sounds like it might be best left to the “experts”, whoever they are, but I will share how we can include it in our day-to-day testing. From exploratory testing to API and automated testing, there are things that we can and should be doing.
Through my talk, I will share how I’ve learnt how my time spent on training courses and taking part in challenges has shown me that security testing is perfect for the exploratory tester. We will learn some basic techniques using just our browsers and also how free tools can help us along the way.
Through my talk, I will share how I’ve learnt how my time spent on training courses and taking part in challenges has shown me that security testing is perfect for the exploratory tester. We will learn some basic techniques using just our browsers and also how free tools can help us along the way.
By the end of this session, you'll be able to:
- Describe what XSS, SQL injection and elevation of privilege attacks are
- Recognise that security testing is something that they can & should be doing
- Identify the "low hanging fruit" security bugs in their software
- Execute penetration tests against an online system (workshop/activity only)
Richard Adams
He / Him
Passionate about quality & testing. Looking for new roles where I have the opportunity to lead and share my love for quality.
Sign in
to comment
Suggested Content
Create, run, and maintain web and mobile tests with no-code, AI-driven automation in the cloud
Explore MoT
Mitigate security risks by building simple security testing techniques into your daily routine
Into the MoTaverse is a podcast by Ministry of Testing, hosted by Rosie Sherry, exploring the people, insights, and systems shaping quality in modern software teams.
