Web applications are commonly used to transmit, accept and store data that is personal, company confidential and sensitive.
More enterprises are spending more time testing web applications, but many still do not integrate security testing into an application's overall test plan.
In this presentation, we explore ways to integrate security testing into an end-to-end test plan and to exercise security features in unit tests, integration tests and acceptance tests.
Testing Web Application Security
1. Testing Web Application Security
Integrating and automating security testing
Rochester Security Summit
Thu, 29 Oct 2009, 2p-3p
2. Testing Web Application Security
Web applications are commonly used to transmit, accept and store data that is personal, company confidential and sensitive.
More enterprises are spending more time testing web applications, but many still do not integrate security testing into an application's overall test plan.
In this session, we will explore ways to
  integrate security testing into an end-to-end test plan,
  exercise security features in
    unit tests
    integration tests
    acceptance tests
10. Bridging the Divide
Client-Side Capabilities
  Input value
  Input transfer
  Data access
  Input field selection
  Control flow
Server-Side Capabilities
  Length Filters
  Numeric Limits
  Character patterns (email, URLs, SKUs)
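Added example (not from the presentation): a unit test that exercises the server-side capabilities listed on this slide (length filter, numeric limit, character patterns) with input that a browser form would normally have blocked. The order form, its field names, its limits and the SKU format are assumptions made for illustration.

```python
import re
import unittest

# Hypothetical server-side rules for an order form (names and limits are assumptions).
ALLOWED = {"email", "sku", "qty"}
MAX_EMAIL_LEN, QTY_MIN, QTY_MAX = 254, 1, 100
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+")
SKU_RE = re.compile(r"[A-Z]{3}-[0-9]{4}")


def validate_order(form):
    """Return the sorted list of rejected field names; empty means accepted."""
    # Input field selection: the client decides which fields arrive.
    errors = {k for k in form if k not in ALLOWED}
    email = form.get("email", "")
    # Length filter, then character pattern; fullmatch so nothing (such as a
    # trailing newline) can follow a valid prefix.
    if not isinstance(email, str) or len(email) > MAX_EMAIL_LEN or not EMAIL_RE.fullmatch(email):
        errors.add("email")
    sku = form.get("sku", "")
    if not isinstance(sku, str) or not SKU_RE.fullmatch(sku):
        errors.add("sku")
    # Numeric limit: accept ASCII digits only, then range-check.
    qty = form.get("qty", "")
    if not (isinstance(qty, str) and qty.isascii() and qty.isdigit()
            and QTY_MIN <= int(qty) <= QTY_MAX):
        errors.add("qty")
    return sorted(errors)


class ServerSideValidationTest(unittest.TestCase):
    GOOD = {"email": "pat@example.com", "sku": "ABC-1234", "qty": "3"}  # constructed sample

    def test_accepts_well_formed_order(self):
        self.assertEqual(validate_order(self.GOOD), [])

    def test_rejects_input_a_browser_form_would_have_blocked(self):
        cases = [("email", "a" * 250 + "@example.com"), ("email", "pat@example.com\n"),
                 ("sku", "ABC-1234<script>"), ("qty", "-1"), ("qty", "101"),
                 ("qty", "1e2"), ("is_admin", "1")]
        for field, value in cases:
            with self.subTest(field=field, value=value[:20]):
                self.assertEqual(validate_order({**self.GOOD, field: value}), [field])


if __name__ == "__main__":
    unittest.main()
```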
45. Open QA Selenium
Selenium is a suite of tools
  Selenium IDE: records and runs tests
  Selenium Remote Control: runs across multiple platforms
  Selenium Grid: runs across multiple machines
http://selenium.openqa.org/documentation/