1. Home
  2. Security Testing for Test Professionals

Security Testing for Test Professionals

Explore security testing in an interactive workshop setting. This course is appropriate for software development and testing professionals who want to begin doing security testing as part of their assurance activities.

Full Description and Outline

Upcoming Classes

= Guaranteed to Run
Dates
Mode
Location
Price
Dec 03Dec 04, 2024
Live Virtual
Virtual Classroom
Virtual Classroom
$1,495
Attend
Jan 14Jan 15, 2025
Live Virtual
Virtual Classroom
Virtual Classroom
$1,495
ATTEND
Mar 11Mar 12, 2025
Live Virtual
Virtual Classroom
Virtual Classroom
$1,495
Attend
Apr 27Apr 28, 2025
Public Classroom
Orlando, FL
Orlando, FL at STAREAST
$1,545
ATTEND
Call to Schedule
Anytime
On-Site / Private
Your Location
Your Location
Request a Quote
Contact Us
Select a learning mode button (Public, Live Virtual, etc.) for pricing, details, and a downloadable fact sheet.
Description
  • Learn how testing professionals can effectively security test software
  • Discover how applications are developed and tested with security in mind
  • Learn how to use security requirements to plan your testing efforts
  • Explore key aspects of security testing – web security, threat modeling, risk assessment
  • Examine technical and team skills you need for success
  • Learn to use common security testing tools for a variety of testing purposes

Course Description
Your organization is doing well with functional, usability, and performance testing. However, you know that software security is a key part of your assurance and compliance strategy for protecting applications and critical data. Left undiscovered, security-related defects can wreak havoc in a system when malicious invaders attack. If you don’t know where to start with security testing and don’t know what you are looking for, this course is for you. It describes how to get started with security testing, introducing foundational security testing concepts and showing you how to apply those security testing concepts with free and commercial tools and resources. Offering a practical risk-based approach, the instructor discusses why security testing is important, how to use security risk information to improve your test strategy, and how to add security testing into your software development lifecycle.

Practice of Security Testing
Explore security testing in an informal and interactive workshop setting. Examples are studied through a series of small group exercises and discussions.

Who Should Attend?
This course is appropriate for software development and testing professionals who want to begin doing security testing as part of their assurance activities. Test and development managers will benefit from this course as well. A background in software testing is necessary for this course.

This class will have several hands-on exercises done in small groups. Laptops are suggested but not required. All exercises are cloud-based so there are no requirements to download programs to your laptop.
Questions? 929.777.8102 [email protected]
Course Outline
Introduction to Security Testing
Information Security Background
CIAA++
 
Understanding Software Application Risk
The Software Security Problem
Understanding Risk
Threat Modeling
Architecture Risk Analysis
Risk Assessment Exercise
Prioritizing Security Assurance
 
Application Security Testing Approaches
Types of App Security Testing
Discovery & Reconnaissance Analysis
Vulnerability Scanning
Security Assessments
Red Teaming
Security & Compliance Audit
How They Are Similar
How They Are Different
Reconnaissance and Scanning Demos
 
Security Requirements
Functional Security Requirements
Non-Functional Security Requirements
Addressing Conflicts
Identifying Security Requirements
Security Requirements Exercise
Use and Abuse Cases
Security Testing to Thwart Attacks
 
Security Testing Authentication
Attacks Against Authentication
Session IDs and Cookies
Authentication Testing
Race Conditions
Session Management
Replay Attacks
Cross Site Request Forgery (CSRF)
Testing Authentication Exercise
 
Security Testing Authorization / Access Control
Testing Access Control
Security Testing Authorization Exercise
 
Security Testing Input Fields
Input Validation
Data Validation
Common Attacks
Security Testing Input Fields Exercise
 
Database Testing for Security
Security Testing for Data Storage
Security Testing Databases Exercise
 
Security Testing Code and Resources
 
Integrating Security into Your Testing Process
Security in an Agile World
Security in a Waterfall World
Developing a Security Test Plan
Tools to Support Security Testing
Security Tools in a DevOps Process
Exploiting Vulnerabilities Exercise
 
Wrap Up
 
Related Courses
Mobile Test Automation Workshop

This course is the follow-on, companion course to Mobile Application...Learn more

Essential Test Management and Planning

Learn how to achieve a consensus on important test strategy issues such as resource allocation, risk prioritization, automation, and more. This...Learn more

Hands-On Chef Workshop

Get hands-on experience with Chef, Vagrant, automation scripts, and more, in this one-day, follow-on course to...Learn more
= Guaranteed to Run
Dates
Mode
Location
Price
Apr 27Apr 28, 2025
Public Classroom
Orlando, FL
Orlando, FL at STAREAST
$1,545
ATTEND
Download Fact Sheet
Price: $1,545 USD
Course Duration: 2 Days
Description
  • Learn how testing professionals can effectively security test software
  • Discover how applications are developed and tested with security in mind
  • Learn how to use security requirements to plan your testing efforts
  • Explore key aspects of security testing—web security, threat modeling, risk assessment
  • Examine technical and team skills you need for success
  • Learn to use common security testing tools for a variety of testing purposes

Course Description
Your organization is doing well with functional, usability, and performance testing. However, you know that software security is a key part of your assurance and compliance strategy for protecting applications and critical data. Left undiscovered, security-related defects can wreak havoc in a system when malicious invaders attack. If you don’t know where to start with security testing and don’t know what you are looking for, this course is for you. It describes how to get started with security testing, introducing foundational security testing concepts and showing you how to apply those security testing concepts with free and commercial tools and resources. Offering a practical risk-based approach, the instructor discusses why security testing is important, how to use security risk information to improve your test strategy, and how to add security testing into your software development lifecycle.

Practice of Security Testing
Explore security testing in an informal and interactive workshop setting. Examples are studied through a series of small group exercises and discussions.

Who Should Attend
This course is appropriate for software development and testing professionals who want to begin doing security testing as part of their assurance activities. Test and development managers will benefit from this course as well. A background in software testing is necessary for this course.

This class will have several hands-on exercises done in small groups. Laptops are suggested but not required. All exercises are cloud-based so there are no requirements to download programs to your laptop.
Questions? 929.777.8102 [email protected]
Course Outline
Introduction to Security Testing
Information Security Background
CIAA++
 
Understanding Software Application Risk
The Software Security Problem
Understanding Risk
Threat Modeling
Architecture Risk Analysis
Risk Assessment Exercise
Prioritizing Security Assurance
 
Application Security Testing Approaches
Types of App Security Testing
Discovery & Reconnaissance Analysis
Vulnerability Scanning
Security Assessments
Red Teaming
Security & Compliance Audit
How They Are Similar
How They Are Different
Reconnaissance and Scanning Demos
 
Security Requirements
Functional Security Requirements
Non-Functional Security Requirements
Addressing Conflicts
Identifying Security Requirements
Security Requirements Exercise
Use and Abuse Cases
Security Testing to Thwart Attacks
 
Security Testing Authentication
Attacks Against Authentication
Session IDs and Cookies
Authentication Testing
Race Conditions
Session Management
Replay Attacks
Cross Site Request Forgery (CSRF)
Testing Authentication Exercise
 
Security Testing Authorization / Access Control
Testing Access Control
Security Testing Authorization Exercise
 
Security Testing Input Fields
Input Validation
Data Validation
Common Attacks
Security Testing Input Fields Exercise
 
Database Testing for Security
Security Testing for Data Storage
Security Testing Databases Exercise
 
Security Testing Code and Resources
 
Integrating Security into Your Testing Process
Security in an Agile World
Security in a Waterfall World
Developing a Security Test Plan
Tools to Support Security Testing
Security Tools in a DevOps Process
Exploiting Vulnerabilities Exercise
 
Wrap Up
Class Schedule
Sign-In/Registration 7:30 - 8:30 a.m.
Morning Session 8:30 a.m. - 12:00 p.m.
Lunch 12:00 - 1:00 p.m.
Afternoon Session 1:00 - 5:00 p.m.
Times represent the typical daily schedule. Please confirm your schedule at registration.
Class Fee Includes
• Digital course materials
• Continental breakfasts and refreshment breaks
• Lunches
• Letter of completion
Instructors
Jeff Payne

Jeffery Payne

Spotlight

Jeffery Payne has led Coveros since its inception in 2008. Under his guidance, the company has become a recognized market leader in secure agile software development. He is a popular keynote and featured speaker at technology conferences and has testified before Congress on technology issues such as intellectual property rights...Learn More

Derek Evans

Derek Evans

Derek Evans been in the application security sector for 15 years, working in eight different industries and rising through the ranks to serve as AppSec and DevOps director. At the tactical level, he has worked to advise clients on implementation and maturity of their software security initiatives, security assessment programs...Learn More

= Guaranteed to Run
Dates
Mode
Location
Price
Dec 03Dec 04, 2024
Live Virtual
Virtual Classroom
Virtual Classroom
$1,495
Attend
Jan 14Jan 15, 2025
Live Virtual
Virtual Classroom
Virtual Classroom
$1,495
ATTEND
Mar 11Mar 12, 2025
Live Virtual
Virtual Classroom
Virtual Classroom
$1,495
Attend
Download Fact Sheet
Price: $1,495 USD
Course Duration: 3 Days / 2 Days
Description
  • Learn how testing professionals can effectively security test software
  • Discover how applications are developed and tested with security in mind
  • Learn how to use security requirements to plan your testing efforts
  • Explore key aspects of security testing—web security, threat modeling, risk assessment
  • Examine technical and team skills you need for success
  • Learn to use common security testing tools for a variety of testing purposes

Course Description
Your organization is doing well with functional, usability, and performance testing. However, you know that software security is a key part of your assurance and compliance strategy for protecting applications and critical data. Left undiscovered, security-related defects can wreak havoc in a system when malicious invaders attack. If you don’t know where to start with security testing and don’t know what you are looking for, this course is for you. It describes how to get started with security testing, introducing foundational security testing concepts and showing you how to apply those security testing concepts with free and commercial tools and resources. Offering a practical risk-based approach, the instructor discusses why security testing is important, how to use security risk information to improve your test strategy, and how to add security testing into your software development lifecycle.

Practice of Security Testing
Explore security testing in an informal and interactive workshop setting. Examples are studied through a series of small group exercises and discussions.

Who Should Attend
This course is appropriate for software development and testing professionals who want to begin doing security testing as part of their assurance activities. Test and development managers will benefit from this course as well. A background in software testing is necessary for this course.

This class will have several hands-on exercises done in small groups. Laptops are suggested but not required. All exercises are cloud-based so there are no requirements to download programs to your laptop.
Questions? 929.777.8102 [email protected]
Course Outline
Introduction to Security Testing
Information Security Background
CIAA++
 
Understanding Software Application Risk
The Software Security Problem
Understanding Risk
Threat Modeling
Architecture Risk Analysis
Risk Assessment Exercise
Prioritizing Security Assurance
 
Application Security Testing Approaches
Types of App Security Testing
Discovery & Reconnaissance Analysis
Vulnerability Scanning
Security Assessments
Red Teaming
Security & Compliance Audit
How They Are Similar
How They Are Different
Reconnaissance and Scanning Demos
 
Security Requirements
Functional Security Requirements
Non-Functional Security Requirements
Addressing Conflicts
Identifying Security Requirements
Security Requirements Exercise
Use and Abuse Cases
Security Testing to Thwart Attacks
 
Security Testing Authentication
Attacks Against Authentication
Session IDs and Cookies
Authentication Testing
Race Conditions
Session Management
Replay Attacks
Cross Site Request Forgery (CSRF)
Testing Authentication Exercise
 
Security Testing Authorization / Access Control
Testing Access Control
Security Testing Authorization Exercise
 
Security Testing Input Fields
Input Validation
Data Validation
Common Attacks
Security Testing Input Fields Exercise
 
Database Testing for Security
Security Testing for Data Storage
Security Testing Databases Exercise
 
Security Testing Code and Resources
 
Integrating Security into Your Testing Process
Security in an Agile World
Security in a Waterfall World
Developing a Security Test Plan
Tools to Support Security Testing
Security Tools in a DevOps Process
Exploiting Vulnerabilities Exercise
 
Wrap Up
Class Schedule
3-Day Class Daily Schedule: 12:00pm-4:30pm ET/9:00am-1:30pm PT
2-Day Class Daily Schedule: 10:30am-5:00pm ET/8:00am-2:00pm PT
Times represent the typical daily schedule. Please confirm class schedule at registration.
 

 

Class Fee Includes
  • Easy course access: Attend training right from your computer and easily connect your audio via computer or phone. Easy and quick access fits todayís working style and eliminates expensive travel and long days in the classroom.
  • Live, expert instruction: Instructors are sought-after practitioners, highly-experienced in the industry who deliver a professional learning experience in real-time.
  • Valuable course materials: Courses cover the same professional content as our classroom training, and students have direct access to valuable materials.
  • Rich virtual learning environment: A variety of tools are built in to the learning platform to engage learners through dynamic delivery and to facilitate a multi-directional flow of information.
  • Hands-on exercises: An essential component to any learning experience is applying what you have learned. Using the latest technology, your instructor can provide hands-on exercises, group activities, and breakout sessions.
  • Real-time communication: Communicate real-time directly with the instructor. Ask questions, provide comments, and participate in the class discussions.
  • Peer interaction: Networking with peers has always been a valuable part of any classroom training. Live Virtual training gives you the opportunity to interact with and learn from the other attendees during breakout sessions, course lecture, and Q&A.
  • Small class size: Live Virtual courses are limited in small class size to ensure an opportunity for personal interaction.
Instructors
Jeff Payne

Jeffery Payne

Spotlight

Jeffery Payne has led Coveros since its inception in 2008. Under his guidance, the company has become a recognized market leader in secure agile software development. He is a popular keynote and featured speaker at technology conferences and has testified before Congress on technology issues such as intellectual property rights...Learn More

Bring this course to your team at your site. Contact us to learn more at 929.777.8102.

= Guaranteed to Run
Dates
Mode
Location
Price
Call to Schedule
Anytime
On-Site / Private
Your Location
Your Location
Request a Quote
Contact Us
Download Fact Sheet
Course Duration: 2 Days
Description
  • Learn how testing professionals can effectively security test software
  • Discover how applications are developed and tested with security in mind
  • Learn how to use security requirements to plan your testing efforts
  • Explore key aspects of security testing—web security, threat modeling, risk assessment
  • Examine technical and team skills you need for success
  • Learn to use common security testing tools for a variety of testing purposes

Course Description
Your organization is doing well with functional, usability, and performance testing. However, you know that software security is a key part of your assurance and compliance strategy for protecting applications and critical data. Left undiscovered, security-related defects can wreak havoc in a system when malicious invaders attack. If you don’t know where to start with security testing and don’t know what you are looking for, this course is for you. It describes how to get started with security testing, introducing foundational security testing concepts and showing you how to apply those security testing concepts with free and commercial tools and resources. Offering a practical risk-based approach, the instructor discusses why security testing is important, how to use security risk information to improve your test strategy, and how to add security testing into your software development lifecycle.

Practice of Security Testing
Explore security testing in an informal and interactive workshop setting. Examples are studied through a series of small group exercises and discussions.

Who Should Attend
This course is appropriate for software development and testing professionals who want to begin doing security testing as part of their assurance activities. Test and development managers will benefit from this course as well. A background in software testing is necessary for this course.

This class will have several hands-on exercises done in small groups. Laptops are suggested but not required. All exercises are cloud-based so there are no requirements to download programs to your laptop.
Questions? 929.777.8102 [email protected]
Course Outline
Introduction to Security Testing
Information Security Background
CIAA++
 
Understanding Software Application Risk
The Software Security Problem
Understanding Risk
Threat Modeling
Architecture Risk Analysis
Risk Assessment Exercise
Prioritizing Security Assurance
 
Application Security Testing Approaches
Types of App Security Testing
Discovery & Reconnaissance Analysis
Vulnerability Scanning
Security Assessments
Red Teaming
Security & Compliance Audit
How They Are Similar
How They Are Different
Reconnaissance and Scanning Demos
 
Security Requirements
Functional Security Requirements
Non-Functional Security Requirements
Addressing Conflicts
Identifying Security Requirements
Security Requirements Exercise
Use and Abuse Cases
Security Testing to Thwart Attacks
 
Security Testing Authentication
Attacks Against Authentication
Session IDs and Cookies
Authentication Testing
Race Conditions
Session Management
Replay Attacks
Cross Site Request Forgery (CSRF)
Testing Authentication Exercise
 
Security Testing Authorization / Access Control
Testing Access Control
Security Testing Authorization Exercise
 
Security Testing Input Fields
Input Validation
Data Validation
Common Attacks
Security Testing Input Fields Exercise
 
Database Testing for Security
Security Testing for Data Storage
Security Testing Databases Exercise
 
Security Testing Code and Resources
 
Integrating Security into Your Testing Process
Security in an Agile World
Security in a Waterfall World
Developing a Security Test Plan
Tools to Support Security Testing
Security Tools in a DevOps Process
Exploiting Vulnerabilities Exercise
 
Wrap Up
 
Class Schedule
Sign-In/Registration 7:30 - 8:30 a.m.
Morning Session 8:30 a.m. - 12:00 p.m.
Lunch 12:00 - 1:00 p.m.
Afternoon Session 1:00 - 5:00 p.m.
Times represent the typical daily schedule. Please confirm your schedule at registration.
Class Fee Includes
• Tuition
• Course notebook
• Letter of completion
Instructors
Jeff Payne

Jeffery Payne

Spotlight

Jeffery Payne has led Coveros since its inception in 2008. Under his guidance, the company has become a recognized market leader in secure agile software development. He is a popular keynote and featured speaker at technology conferences and has testified before Congress on technology issues such as intellectual property rights...Learn More

Questions?

Get in Touch Ways To Save

On-Site/Private Training

Let us bring the learning to your team at your location or in an interactive virtual classroom!
Choose from more than 50 courses.

View all courses

Combine World-Class Training and

Certification with a Conference

Maximize Your Learning Potential

STAR Conference logo

AI Con USA logo

Agile + DevOps USA logo