Testing Web Application Security
Integrating and automating security testing

Rochester Security Summit
Thu, 29 Oct...
Web applications are commonly used to transmit, accept and store data that is personal, company confidential and sensitive.

More enterprises are spending more time testing web applications, but many still do not integrate security testing into an application's overall test plan.

In this presentation, we explore ways to integrate security testing into an end-to-end test plan and to exercise security features in unit tests, integration tests, and acceptance tests.

Transcript of "Testing Web Application Security"

  1. Testing Web Application Security: Integrating and automating security testing. Rochester Security Summit, Thu, 29 Oct 2009, 2p-3p
  2. Testing Web Application Security. Web applications are commonly used to transmit, accept and store data that is personal, company confidential and sensitive. More enterprises are spending more time testing web applications, but many still do not integrate security testing into an application's overall test plan. In this session, we will explore ways to integrate security testing into an end-to-end test plan and exercise security features in unit tests, integration tests, acceptance tests.
  3. http://www.slideshare.net/ted.husted
  4. http://www.slideshare.net/RafalLos/creating-practical-security-testcases-for-web-applications
  5. http://www.slideshare.net/RafalLos/creating-practical-security-testcases-for-web-applications
  6. http://www.slideshare.net/RafalLos/creating-practical-security-testcases-for-web-applications
  7. Bridging the Divide: Client-Side Capabilities, Server-Side Capabilities. Length Filters Input value Numeric Limits Input transfer Character patterns Data access (email, URLs, SKUs) Input field selection Control flow
  8. Open QA Selenium. http://selenium.openqa.org/documentation/
  9. Open QA Selenium. Selenium is a suite of tools. http://selenium.openqa.org/documentation/
  10. Open QA Selenium. Selenium is a suite of tools. Selenium IDE records and runs tests. http://selenium.openqa.org/documentation/
  11. Open QA Selenium. Selenium is a suite of tools. Selenium IDE records and runs tests. Selenium Remote Control runs across multiple platforms. http://selenium.openqa.org/documentation/
  12. Open QA Selenium. Selenium is a suite of tools. Selenium IDE records and runs tests. Selenium Remote Control runs across multiple platforms. Selenium Grid runs across multiple machines. http://selenium.openqa.org/documentation/
  13. f:
      cd "F:\opt\selenium-remote-control-1.0-beta-2\selenium-server-1.0-beta-2"
      java -jar selenium-server.jar
  14. > java -jar hudson.war
  15. Time for a Test Drive ...
  16. Please complete an evaluation.
  17. Questions?