Client-Server Application Security QA


SEC-207

Quality Assurance processes usually verify that the system meets its functional and non-functional requirements, but do not verify the security aspects of the product.
This course is designed to teach QA personnel how to test for major security vulnerabilities and identify security bugs, as part of standard QA testing, acting as the last line of defense before the product is delivered to the customer.

Course Objectives

The objectives of the course are to teach QA personnel about application security vulnerabilities and how to perform security testing in client-server applications, thereby increasing the number and quality of test cases that the tester can perform.
The course will introduce the tools and methods the auditor should use to find vulnerabilities efficiently and reduce the false positive / false negative rate.

Audience

Target Audience:
Members of the QA team
Security testers
Members of the software development team

Prerequisites:
Before attending this course, students should have basic knowledge of client-server applications and programming concepts.

Course Topics

Day 1

Introduction to client-server applications
Information gathering
Authentication vulnerabilities

Day 2

Authorization vulnerabilities
Business logic attacks
Injections and Input Validation

Day 3

Insecure file handling
Availability Problems
Auditing
Desktop client weaknesses and manipulation
