We all know that application security testing is critical in today's world, but what exactly is it? There are many automated security tools that do the testing for you, but it is critical to understand what goes on under the hood of these tools in order to become a better developer and tester.

Security testing is often handled by a specialized team or a set of automated tools, but every development team should understand the basics of how malicious data can enter a system in order to prevent vulnerabilities from occurring in the first place. In this session, we’ll take a look at fuzzing, a type of black-box security testing used in dynamic application security testing (DAST). I’ll present the top 5 fuzz vectors that are used to exploit vulnerable systems and how to develop and test against them. You will learn how to be an ethical hacker in order to make your system more robust, and you will leave with a better understanding of how to incorporate a security mindset into your daily development and testing efforts.

Comments

Philip Sharp at 11:19 on 1 Aug 2019

Good talk on looking at security in the SDLC and automated testing. I expected more details about fuzzing and other black box testing.