Testing Web Application Security

Web applications are commonly used to transmit, accept and store data that is personal, company confidential and sensitive.

More enterprises are spending more time testing web applications, but many still do not integrate security testing into an application's overall test plan.

In this presentation, we explore ways to integrate security testing into an end-to-end test plan and exercise security features in unit tests, integration tests, and acceptance tests.

Presentation Transcript

  • Testing Web Application Security: Integrating and automating security testing. Rochester Security Summit, Thu, 29 Oct 2009, 2p-3p
  • Testing Web Application Security: Web applications are commonly used to transmit, accept and store data that is personal, company confidential and sensitive. More enterprises are spending more time testing web applications, but many still do not integrate security testing into an application's overall test plan. In this session, we will explore ways to integrate security testing into an end-to-end test plan and exercise security features in unit tests, integration tests, and acceptance tests.
  • http://www.slideshare.net/ted.husted
  • http://www.slideshare.net/RafalLos/creating-practical-security-testcases-for-web-applications
  • Bridging the Divide
    Client-Side Capabilities: Length Filters; Numeric Limits; Character patterns (email, URLs, SKUs); Input field selection
    Server-Side Capabilities: Input value; Input transfer; Data access; Control flow
  • Open QA Selenium (http://selenium.openqa.org/documentation/)
    Selenium is a suite of tools:
    Selenium IDE records and runs tests
    Selenium Remote Control runs across multiple platforms
    Selenium Grid runs across multiple machines
  • f:
    cd "F:\opt\selenium-remote-control-1.0-beta-2\selenium-server-1.0-beta-2"
    java -jar selenium-server.jar
  • > java -jar hudson.war
  • Time for a Test Drive ...
  • Please complete an evaluation.
  • Questions?