Web Application Security Testing:
The What, Why, Who & How?

Web Application Security Testing

At the EuroSTAR conference on software Testing (Dublin – Nov 24-27, 2014) T&VS presented on web application security and how it is completely different to traditional mainframe testing. If you’re not familiar with SQL Injection, Cross-Site Scripting, Cross-Site Request Forgery or a host of other ways of attacking your system and applications, then this was the talk for you. In the talk T&VS covered:

  • What web application security testing is
  • Why it’s important
  • Who should be doing it
  • How it should be done

EuroSTAR 2014 Best Paper

T&VS are pleased to announce that the 2014 winner of the Best Paper Award at EuroSTAR 2014 was awarded for the talk on Web Application Security. The organisers noted that the quality of all the submissions was very high with the review committee selecting T&VS’ paper as the best for 2014. It was the first-time T&VS had spoken at EuroSTAR and the talk was voted as the session attendees would most like to see again and was featured as the Do-Over Session. Award Details

Abstract: This is the only subject in my 33-year IT career that I’ve ever felt is so important that I have to get up on stage and make more people aware. When I started speaking about application security I found that people really enjoyed the story and returned to work galvanised into action and I’m confident you will feel the same. This is useful stuff.

De-mystifying Application Security

A penetration testing expert is better at pen-testing than me, but should I simply delegate application security to specialists and network firewalls? Actually no, I shouldn’t and neither should anyone else involved in the systems development lifecycle. For years I treated security testing as something akin to black magic beyond my comprehension and penetration testers as technical wizards who could cast out evil hacking spells. Obviously that was daft, but it took some effort to see what was really happening behind the smoke and mirrors of application security, and to de-mystify it for my colleagues.

Download the Whitepaper

By downloading my new whitepaper you will be able to follow the journey that led me to believe every well-formed tester can and must have a basic understanding of what application security is, why it is important, who should be doing it, and how.

Video Trailer: Web Application Security

Still not sure if the Whitepaper is for you? Check out the video trailer to find out more.