Security Testing Training

Security Testing is a software testing type where testers main intention is to uncover vulnerabilities of the system and determine that its data and resources are protected from possible intruders.

There are main four areas to be considered while security testing
- Network Security
- Client side application security
- Server side application security
- System software security

Following are the list of top 10 Application Security Risks of 2017
1. Injection
2. Broken Authentication
3. Sensitive Data Exposure
4. XML External Entities (XXE)
5. Broken Access Control
6. Security Misconfiguration
7. Cross-Site Scripting (XSS)
8. Insecure Deserialization
9. Using Components with Known Vulnerabilities
10. Insufficient Logging&Monitoring

For more information you can visit https://www.owasp.org

Security testing is a process intended to reveal flaws in the security mechanisms of an information system that protects data and maintains functionality as intended. Typical security requirements may include specific elements of confidentiality, integrity, authentication, availability, authorization and non-repudiation. Actual security requirements tested depend on the security requirements implemented by the system.

Learning outcomes

If you complete the course successfully, you should have:

- Gained an understanding of common approaches and methodologies used for carrying out and managing security and penetration testing, as well as an understanding of the legal aspects involved in such audits
- Gained a detailed understanding of some typical network protocols, relevant computer system architectures, and web application systems
- Gained an understanding of the vulnerabilities in some existing protocols, systems, and applications, and some common forms of attack; in addition, an understanding of the security technologies designed to mitigate these vulnerabilities
- Gained practical experience of how these vulnerabilities may be exploited in practice to penetrate a system