What? Why? Who? And How? Of Application Security Testing
Passive testing resulted in several of my internet-facing projects receiving little regard to security other than the traditional access control matrix. Upon deciding to take a more assertive approach to security testing I found flaws in our testing, development, design and requirements capture processes and began to challenge the situation. I found allies in the security team who admitted they could only cope with filtering out some attacks at the network perimeter. If attacks got inside the perimeter the battle was probably lost. The realization that application security was substantially different to transport layer security led to a firm belief…....
I had never spoken in public before 2014, yet set myself the goals of being accepted as a speaker for EuroSTAR, winning the prize for best conference paper, and having my talk voted the ‘do-over session’ that attendees would most like to have repeated. All these goals were achieved, and have led to my joining the 2015 EuroSTAR programme committee. My long journey to these attainments is described in the eBook ‘What? Why? Who? And How? Of Application Security’.