SlideShare a Scribd company logo

The Impact of application security on testing

Download as PPT, PDF
Andreas Prins
Andreas Prins

This is about the impact of application security on the traditional testing activities

Technology
1 of 12
 
[object Object],Andréas Prins 10-09-2009
Program ,[object Object],[object Object],[object Object],[object Object],[object Object]
Impact on applications without security
Application security and legislation ,[object Object],[object Object],[object Object],[object Object],[object Object]
Application security is an extra dimension Explore new features in the application Quality attributes as described ISO9126 Extra code that isn`t needed
Testing has different faces and facets Secure implementation compliancy, control, make the right choices awareness and expert training Security assessments Code review Risk analysis / threat modeling Security Requirements external review, knowledge, responsibilities
The ease of security testing ,[object Object]
The implementation into your proces ,[object Object],[object Object],[object Object],[object Object]
Security testing in the new world ,[object Object],[object Object],[object Object],[object Object]
The impact on testing ,[object Object],[object Object],[object Object]
Contact information ,[object Object],[object Object],[object Object]

Recommended

VIII Targi eHandlu: Jan Kinal, opiszemy-produkty.pl "Audyt SEO sklepu - najcz...
VIII Targi eHandlu: Jan Kinal, opiszemy-produkty.pl "Audyt SEO sklepu - najcz...VIII Targi eHandlu: Jan Kinal, opiszemy-produkty.pl "Audyt SEO sklepu - najcz...
VIII Targi eHandlu: Jan Kinal, opiszemy-produkty.pl "Audyt SEO sklepu - najcz...ecommerce poland expo
 
Be Storm - Automated Application/Software Vulnerability Testing
Be Storm - Automated Application/Software Vulnerability TestingBe Storm - Automated Application/Software Vulnerability Testing
Be Storm - Automated Application/Software Vulnerability TestingAmit Shirolkar
 
EXO5 - ochrona digital
EXO5 - ochrona digitalEXO5 - ochrona digital
EXO5 - ochrona digitalEXO5.pl
 
sekit2008 - Garnkiem Miodu w Zombie
sekit2008 - Garnkiem Miodu w Zombiesekit2008 - Garnkiem Miodu w Zombie
sekit2008 - Garnkiem Miodu w ZombieLogicaltrust pl
 
Audyty informatyczne
Audyty informatyczneAudyty informatyczne
Audyty informatyczneGoTechnologies sp. z o.o.
 
A comparative study between traditional method and mix design with industrial...
A comparative study between traditional method and mix design with industrial...A comparative study between traditional method and mix design with industrial...
A comparative study between traditional method and mix design with industrial...Premier Publishers
 
Audyt FATCA
Audyt FATCAAudyt FATCA
Audyt FATCAKatarzyna Lamczyk
 
Open Source Security Testing Methodology Manual - OSSTMM by Falgun Rathod
Open Source Security Testing Methodology Manual - OSSTMM by Falgun RathodOpen Source Security Testing Methodology Manual - OSSTMM by Falgun Rathod
Open Source Security Testing Methodology Manual - OSSTMM by Falgun RathodFalgun Rathod
 

Recommended

VIII Targi eHandlu: Jan Kinal, opiszemy-produkty.pl "Audyt SEO sklepu - najcz...
VIII Targi eHandlu: Jan Kinal, opiszemy-produkty.pl "Audyt SEO sklepu - najcz...VIII Targi eHandlu: Jan Kinal, opiszemy-produkty.pl "Audyt SEO sklepu - najcz...
VIII Targi eHandlu: Jan Kinal, opiszemy-produkty.pl "Audyt SEO sklepu - najcz...ecommerce poland expo
 
Be Storm - Automated Application/Software Vulnerability Testing
Be Storm - Automated Application/Software Vulnerability TestingBe Storm - Automated Application/Software Vulnerability Testing
Be Storm - Automated Application/Software Vulnerability TestingAmit Shirolkar
 
EXO5 - ochrona digital
EXO5 - ochrona digitalEXO5 - ochrona digital
EXO5 - ochrona digitalEXO5.pl
 
sekit2008 - Garnkiem Miodu w Zombie
sekit2008 - Garnkiem Miodu w Zombiesekit2008 - Garnkiem Miodu w Zombie
sekit2008 - Garnkiem Miodu w ZombieLogicaltrust pl
 
Audyty informatyczne
Audyty informatyczneAudyty informatyczne
Audyty informatyczneGoTechnologies sp. z o.o.
 
A comparative study between traditional method and mix design with industrial...
A comparative study between traditional method and mix design with industrial...A comparative study between traditional method and mix design with industrial...
A comparative study between traditional method and mix design with industrial...Premier Publishers
 
Audyt FATCA
Audyt FATCAAudyt FATCA
Audyt FATCAKatarzyna Lamczyk
 
Open Source Security Testing Methodology Manual - OSSTMM by Falgun Rathod
Open Source Security Testing Methodology Manual - OSSTMM by Falgun RathodOpen Source Security Testing Methodology Manual - OSSTMM by Falgun Rathod
Open Source Security Testing Methodology Manual - OSSTMM by Falgun RathodFalgun Rathod
 
Doradztwo strategiczne IT
Doradztwo strategiczne ITDoradztwo strategiczne IT
Doradztwo strategiczne ITGoTechnologies sp. z o.o.
 
Automated Penetration Testing With The Metasploit Framework
Automated Penetration Testing With The Metasploit FrameworkAutomated Penetration Testing With The Metasploit Framework
Automated Penetration Testing With The Metasploit FrameworkTom Eston
 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical HackingS.E. CTS CERT-GOV-MD
 
Presentation from CyberGov.pl 2015
Presentation from CyberGov.pl 2015 Presentation from CyberGov.pl 2015
Presentation from CyberGov.pl 2015 Pawel Krawczyk
 
Model based vulnerability testing
Model based vulnerability testingModel based vulnerability testing
Model based vulnerability testingKupili Archana
 
Audyt SEO i UX dla WMM - case study
Audyt SEO i UX dla WMM - case studyAudyt SEO i UX dla WMM - case study
Audyt SEO i UX dla WMM - case studyKrakweb
 
Techniques of attacking ICS systems
Techniques of attacking ICS systems Techniques of attacking ICS systems
Techniques of attacking ICS systems qqlan
 
The Internet of Things: the 4 security dimensions of smart devices
The Internet of Things: the 4 security dimensions of smart devicesThe Internet of Things: the 4 security dimensions of smart devices
The Internet of Things: the 4 security dimensions of smart devicesWavestone
 
Backtrack 5 - network pentest
Backtrack 5 - network pentestBacktrack 5 - network pentest
Backtrack 5 - network pentestDan H
 
Jednolity Plik Kontrolny – poznaliśmy finalne struktury oraz odpowiedzi Minis...
Jednolity Plik Kontrolny – poznaliśmy finalne struktury oraz odpowiedzi Minis...Jednolity Plik Kontrolny – poznaliśmy finalne struktury oraz odpowiedzi Minis...
Jednolity Plik Kontrolny – poznaliśmy finalne struktury oraz odpowiedzi Minis...PwC Polska
 
Report1
Report1Report1
Report1Jason Statham
 
Data Governance jako część ładu korporacyjnego
Data Governance jako część ładu korporacyjnegoData Governance jako część ładu korporacyjnego
Data Governance jako część ładu korporacyjnegoAndrzej Sobczak
 
Vulnerability Assessment and Penetration Testing Report
Vulnerability Assessment and Penetration Testing Report Vulnerability Assessment and Penetration Testing Report
Vulnerability Assessment and Penetration Testing Report Rishabh Upadhyay
 
Jednolity Plik Kontrolny - szczegoly struktur
Jednolity Plik Kontrolny - szczegoly strukturJednolity Plik Kontrolny - szczegoly struktur
Jednolity Plik Kontrolny - szczegoly strukturPwC Polska
 
Pen Testing Explained
Pen Testing ExplainedPen Testing Explained
Pen Testing ExplainedRand W. Hirt
 
PTES: PenTest Execution Standard
PTES: PenTest Execution StandardPTES: PenTest Execution Standard
PTES: PenTest Execution StandardSource Conference
 
Automated Penetration Testing With Core Impact
Automated Penetration Testing With Core ImpactAutomated Penetration Testing With Core Impact
Automated Penetration Testing With Core ImpactTom Eston
 
ICS/SCADA/PLC Google/Shodanhq Cheat Sheet
ICS/SCADA/PLC Google/Shodanhq Cheat SheetICS/SCADA/PLC Google/Shodanhq Cheat Sheet
ICS/SCADA/PLC Google/Shodanhq Cheat Sheetqqlan
 
Accenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case Study
Accenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case StudyAccenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case Study
Accenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case StudyHoneywell
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 

More Related Content

Viewers also liked

Automated Penetration Testing With The Metasploit Framework
Automated Penetration Testing With The Metasploit FrameworkAutomated Penetration Testing With The Metasploit Framework
Automated Penetration Testing With The Metasploit FrameworkTom Eston
 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical HackingS.E. CTS CERT-GOV-MD
 
Presentation from CyberGov.pl 2015
Presentation from CyberGov.pl 2015 Presentation from CyberGov.pl 2015
Presentation from CyberGov.pl 2015 Pawel Krawczyk
 
Model based vulnerability testing
Model based vulnerability testingModel based vulnerability testing
Model based vulnerability testingKupili Archana
 
Audyt SEO i UX dla WMM - case study
Audyt SEO i UX dla WMM - case studyAudyt SEO i UX dla WMM - case study
Audyt SEO i UX dla WMM - case studyKrakweb
 
Techniques of attacking ICS systems
Techniques of attacking ICS systems Techniques of attacking ICS systems
Techniques of attacking ICS systems qqlan
 
The Internet of Things: the 4 security dimensions of smart devices
The Internet of Things: the 4 security dimensions of smart devicesThe Internet of Things: the 4 security dimensions of smart devices
The Internet of Things: the 4 security dimensions of smart devicesWavestone
 
Backtrack 5 - network pentest
Backtrack 5 - network pentestBacktrack 5 - network pentest
Backtrack 5 - network pentestDan H
 
Jednolity Plik Kontrolny – poznaliśmy finalne struktury oraz odpowiedzi Minis...
Jednolity Plik Kontrolny – poznaliśmy finalne struktury oraz odpowiedzi Minis...Jednolity Plik Kontrolny – poznaliśmy finalne struktury oraz odpowiedzi Minis...
Jednolity Plik Kontrolny – poznaliśmy finalne struktury oraz odpowiedzi Minis...PwC Polska
 
Data Governance jako część ładu korporacyjnego
Data Governance jako część ładu korporacyjnegoData Governance jako część ładu korporacyjnego
Data Governance jako część ładu korporacyjnegoAndrzej Sobczak
 
Vulnerability Assessment and Penetration Testing Report
Vulnerability Assessment and Penetration Testing Report Vulnerability Assessment and Penetration Testing Report
Vulnerability Assessment and Penetration Testing Report Rishabh Upadhyay
 
Jednolity Plik Kontrolny - szczegoly struktur
Jednolity Plik Kontrolny - szczegoly strukturJednolity Plik Kontrolny - szczegoly struktur
Jednolity Plik Kontrolny - szczegoly strukturPwC Polska
 
Pen Testing Explained
Pen Testing ExplainedPen Testing Explained
Pen Testing ExplainedRand W. Hirt
 
PTES: PenTest Execution Standard
PTES: PenTest Execution StandardPTES: PenTest Execution Standard
PTES: PenTest Execution StandardSource Conference
 
Automated Penetration Testing With Core Impact
Automated Penetration Testing With Core ImpactAutomated Penetration Testing With Core Impact
Automated Penetration Testing With Core ImpactTom Eston
 
ICS/SCADA/PLC Google/Shodanhq Cheat Sheet
ICS/SCADA/PLC Google/Shodanhq Cheat SheetICS/SCADA/PLC Google/Shodanhq Cheat Sheet
ICS/SCADA/PLC Google/Shodanhq Cheat Sheetqqlan
 
Accenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case Study
Accenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case StudyAccenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case Study
Accenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case StudyHoneywell
 

Viewers also liked (19)

Doradztwo strategiczne IT
Doradztwo strategiczne ITDoradztwo strategiczne IT
Doradztwo strategiczne IT
 
Automated Penetration Testing With The Metasploit Framework
Automated Penetration Testing With The Metasploit FrameworkAutomated Penetration Testing With The Metasploit Framework
Automated Penetration Testing With The Metasploit Framework
 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical Hacking
 
Presentation from CyberGov.pl 2015
Presentation from CyberGov.pl 2015 Presentation from CyberGov.pl 2015
Presentation from CyberGov.pl 2015
 
Model based vulnerability testing
Model based vulnerability testingModel based vulnerability testing
Model based vulnerability testing
 
Audyt SEO i UX dla WMM - case study
Audyt SEO i UX dla WMM - case studyAudyt SEO i UX dla WMM - case study
Audyt SEO i UX dla WMM - case study
 
Techniques of attacking ICS systems
Techniques of attacking ICS systems Techniques of attacking ICS systems
Techniques of attacking ICS systems
 
The Internet of Things: the 4 security dimensions of smart devices
The Internet of Things: the 4 security dimensions of smart devicesThe Internet of Things: the 4 security dimensions of smart devices
The Internet of Things: the 4 security dimensions of smart devices
 
Backtrack 5 - network pentest
Backtrack 5 - network pentestBacktrack 5 - network pentest
Backtrack 5 - network pentest
 
Jednolity Plik Kontrolny – poznaliśmy finalne struktury oraz odpowiedzi Minis...
Jednolity Plik Kontrolny – poznaliśmy finalne struktury oraz odpowiedzi Minis...Jednolity Plik Kontrolny – poznaliśmy finalne struktury oraz odpowiedzi Minis...
Jednolity Plik Kontrolny – poznaliśmy finalne struktury oraz odpowiedzi Minis...
 
Report1
Report1Report1
Report1
 
Data Governance jako część ładu korporacyjnego
Data Governance jako część ładu korporacyjnegoData Governance jako część ładu korporacyjnego
Data Governance jako część ładu korporacyjnego
 
Vulnerability Assessment and Penetration Testing Report
Vulnerability Assessment and Penetration Testing Report Vulnerability Assessment and Penetration Testing Report
Vulnerability Assessment and Penetration Testing Report
 
Jednolity Plik Kontrolny - szczegoly struktur
Jednolity Plik Kontrolny - szczegoly strukturJednolity Plik Kontrolny - szczegoly struktur
Jednolity Plik Kontrolny - szczegoly struktur
 
Pen Testing Explained
Pen Testing ExplainedPen Testing Explained
Pen Testing Explained
 
PTES: PenTest Execution Standard
PTES: PenTest Execution StandardPTES: PenTest Execution Standard
PTES: PenTest Execution Standard
 
Automated Penetration Testing With Core Impact
Automated Penetration Testing With Core ImpactAutomated Penetration Testing With Core Impact
Automated Penetration Testing With Core Impact
 
ICS/SCADA/PLC Google/Shodanhq Cheat Sheet
ICS/SCADA/PLC Google/Shodanhq Cheat SheetICS/SCADA/PLC Google/Shodanhq Cheat Sheet
ICS/SCADA/PLC Google/Shodanhq Cheat Sheet
 
Accenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case Study
Accenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case StudyAccenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case Study
Accenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case Study
 

Recently uploaded

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Principled Technologies
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024SynarionITSolutions
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 

Recently uploaded (20)

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 

The Impact of application security on testing

  • 1.  
  • 2.
  • 3.
  • 4. Impact on applications without security
  • 5.
  • 6. Application security is an extra dimension Explore new features in the application Quality attributes as described ISO9126 Extra code that isn`t needed
  • 7. Testing has different faces and facets Secure implementation compliancy, control, make the right choices awareness and expert training Security assessments Code review Risk analysis / threat modeling Security Requirements external review, knowledge, responsibilities
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.

Editor's Notes

  1. Sloten met een loper te openen Is bij het ontbreken van security
  2. Wilders: Oude versie van CMS Joomla daardoor kwetsbaar Twitter : XSS 57,5 procent van de lekken wordt actief gebruikt.
  3. Bij testen kom je het tegen, allerlei functionaliteiten die anders te gebruiken zijn Allerlei applicatie onderdelen die je eigenlijk niet nodig hebt Verrijking van je zicht op de kwaliteit
  4. Demo comment in code Script injecteren <script>alert(‘Dit is een onschuldige pop-up’);</script> <script>alert(document.cookie);</script>