Risk-Based Security Testing Strategy
Software security is a key element in your assurance and compliance strategy for protecting your applications and critical data. Organizations need applications that not only work correctly under normal use but also continue to work acceptably in the face of malicious attack. Software security testing extends beyond basic functional requirements and is a critical part of a secure software development life cycle. Risk-based security testing is about building confidence that attackers cannot turn security risks into security problems. This course teaches you to think like an attacker when testing your applications.
- Illustrate a white box approach to look inside your code and design tests that prevent downstream security problems
- Recommend strategies for prioritizing risks
- Suggest methods to bootstrap your test improvement process
- Provide examples of security defects, and discuss testing strategies to expose those kinds of problems
- Develop a white box testing strategy based on real-world risks to improve where and how testing resources can be focused.
- Describe how to use architecture risk analysis and abuse case artifacts to enhance test plans.
- Use knowledge of common software errors to develop test cases that expose them.
- Strategize ways to integrate risk-based security testing into your SDLC.
Delivery Format: eLearning
Duration: 75 Minutes
- Front-End Developers
- Back-End Developers
- QA Engineers
Competencies: Understanding of security risks, attack patterns, and code as part of testing
Get more course information