SI Secure
SI Secure
IndustriesServicesProductsCompanyLibrary
Products | TeamProfessor


Fundamentals of Security Testing

Try Course Download
Course Curriculum or Data Sheet		 Contact
+1.978.694.1008 x1 or Web form

Course Overview
This course introduces security-testing concepts and processes that will help you analyze an application from a security perspective and to conduct effective security testing. The course focuses on the different categories of security vulnerabilities and the various testing approaches that target these classes of vulnerabilities. Several manual and automated testing techniques are presented which will help you identify common security issues during testing and uncover security vulnerabilities.

Upon completion of this course, you will be able to:

  • Recognize how security testing fits in the Security Development Life Cycle (SDL)

  • Understand how security testing differs from functional testing

  • Categorize and test for common and dangerous security vulnerabilities

  • Leverage manual techniques and automated tooling for security testing
     

Modules

Analyzing Applications with a Security Mindset
This module introduces you to the role security testing plays within the Security Development Life Cycle (SDL) and the specific requirements and activities that need to be adhered to. Information sources for security testing and functional testing are contrasted and you will learn how the main sources of information for security testing can be leveraged to conduct testing. Inputs and input entry points are then analyzed from a security perspective. Security test automation and risk quantification, two important topics for security testers, finalize the module.

After completing this module, you will be able to:

  • Identify information sources for security testing
  • Assess inputs and data from a security perspective
  • Consider automating security testing
  • Define stopping criteria for security testing.
     

Applying Security Testing Approaches
Security vulnerabilities can originate from different sources—from the environment, from the input, and from data and logic within the application. This module describes the different types of vulnerabilities and provides examples of each.

You will be shown various testing approaches designed to identify the different types of vulnerabilities. For each approach, you will learn what problem is being looked for, how to conduct testing, and how to identify symptoms that may indicate that a vulnerability is present in the software.

This module also present two important testing techniques, fuzz testing and fault injection, that help security testers maximize their efficacy and efficiency,

After completing this module you will be able to:

  • Categorize security vulnerabilities

  • Test for environment, input,  and data & logic vulnerabilities

  • Use fuzz-testing and fault-injection tools

Assessment
Participants will complete various self-test questions throughout the course

 
Visit our online Training Center to sample this course for free

 

For more information,  please contact us at +1.978.694.1008 x1 or by web form

 

back to the top of the page