Application Security – What Testers Can Do!
Declan O’Riordan
Testing IT
Application security is the poorly understood and neglected relative of both security and testing disciplines. If budget holders and big decision makers can’t grasp the necessary principles, should you stand back and watch Rome burn? No!
This eBook was written while I was working as Head of Security Testing for TVS, to complement my 2015 session at STAR East in Florida. It won the prize for best conference paper, and the associated talk was also very well received. The hypothesis is that security testing co-exists closer to everyday testing than you might imagine. Let’s work through some realistic examples of security testing tasks you could quickly learn to own yourself.
3 Key Takeaways:
- Many security testing skills are within the project team’s capability.
- Recognizing which security tests you can own will save money for expert help.
- Effectively manage the experts who help you to test the difficult tasks by understanding their work plan.
About Me!
Declan started speaking at conferences in 2014. Within nine months he’d won the EuroSTAR prize for best conference paper and was voted the ‘do over’ session delegates would most like repeated with ‘The What? Why? Who? And How? Of Application Security’. Declan subsequently won the prize for best conference paper at the USA’s STAR East conference in 2015 with ‘Security Testing: What Testers Can Do’. This is the STAR East prize-winning paper.