Security Testing for QA / Ethical Hacking

Contact us at info@symosis.com to get started, or request a callback by submitting the form below.

The Security Testing for QA course focuses on integrating security into the QA and evaluation testing of software. The goal is to introduce the concept of unexpected test cases and to incorporate security threat analysis into quality assurance testing. The training covers the latest techniques and tools, and provides a methodology for building and executing security test cases.

Course Length: 2-3 hours, Pre-requisites: None

Topics Covered

  • Security testing tools – Burp, OWASP ZAP, fuzzers, and how to use them
  • Testing for identification and authentication – Testing for credentials transported over an encrypted channel, testing for weak lockout mechanisms, testing for bypassing the authentication schema, testing remember-password functionality
  • Authorization – Testing for directory traversal/file include, testing for bypassing the authorization schema, testing for privilege escalation, testing for authorization, access controls and privilege escalation
  • Session management – Testing for bypassing the session management schema, testing for cookie attributes, testing for session fixation, testing for exposed session variables, testing for insecure sessions, session hijacking, session replay
  • Data validation – Testing for Cross-Site Request Forgery (CSRF), testing for SQL injection, XSS, CSRF and other data injection attacks
  • Testing for weak cryptography – Testing for weak SSL/TLS ciphers, insufficient transport layer protection, testing for sensitive information sent via unencrypted channels
  • Testing for secure error handling, logging and auditing
  • Client-side testing, DOM injection, business logic testing

Takeaways

  • Learn how to create security-focused test cases
  • Integrate security testing into QA
  • Understand ethical hacking techniques
  • Enforce security as a development priority

Training Delivery

  • Delivery: on-demand 24×7 online access, instructor-led, or both
  • Interactive, engaging content
  • Quizzes and learning games
  • Hosted by Symosis or on your LMS
  • Customized to your security policy and environment
  • SCORM compliant
  • Repeat multiple times to reinforce key concepts
  • Get activity and completion reports
  • Meet PCI DSS, HIPAA and other compliance requirements
  • 100+ satisfied customers

Free Trial

Click here for a free trial of any training course.