SlideShare a Scribd company logo

The Impact of application security on testing

Download as PPT, PDF
Andreas Prins
Andreas Prins

This is about the impact of application security on the traditional testing activities

Technology
1 of 12
 
[object Object],Andréas Prins 10-09-2009
Program ,[object Object],[object Object],[object Object],[object Object],[object Object]
Impact on applications without security
Application security and legislation ,[object Object],[object Object],[object Object],[object Object],[object Object]
Application security is an extra dimension Explore new features in the application Quality attributes as described ISO9126 Extra code that isn`t needed
Testing has different faces and facets Secure implementation compliancy, control, make the right choices awareness and expert training Security assessments Code review Risk analysis / threat modeling Security Requirements external review, knowledge, responsibilities
The ease of security testing ,[object Object]
The implementation into your proces ,[object Object],[object Object],[object Object],[object Object]
Security testing in the new world ,[object Object],[object Object],[object Object],[object Object]
The impact on testing ,[object Object],[object Object],[object Object]
Contact information ,[object Object],[object Object],[object Object]

Recommended

VIII Targi eHandlu: Jan Kinal, opiszemy-produkty.pl "Audyt SEO sklepu - najcz...
VIII Targi eHandlu: Jan Kinal, opiszemy-produkty.pl "Audyt SEO sklepu - najcz...VIII Targi eHandlu: Jan Kinal, opiszemy-produkty.pl "Audyt SEO sklepu - najcz...
VIII Targi eHandlu: Jan Kinal, opiszemy-produkty.pl "Audyt SEO sklepu - najcz...ecommerce poland expo
 
Be Storm - Automated Application/Software Vulnerability Testing
Be Storm - Automated Application/Software Vulnerability TestingBe Storm - Automated Application/Software Vulnerability Testing
Be Storm - Automated Application/Software Vulnerability TestingAmit Shirolkar
 
EXO5 - ochrona digital
EXO5 - ochrona digitalEXO5 - ochrona digital
EXO5 - ochrona digitalEXO5.pl
 
sekit2008 - Garnkiem Miodu w Zombie
sekit2008 - Garnkiem Miodu w Zombiesekit2008 - Garnkiem Miodu w Zombie
sekit2008 - Garnkiem Miodu w ZombieLogicaltrust pl
 
Audyty informatyczne
Audyty informatyczneAudyty informatyczne
Audyty informatyczneGoTechnologies sp. z o.o.
 
A comparative study between traditional method and mix design with industrial...
A comparative study between traditional method and mix design with industrial...A comparative study between traditional method and mix design with industrial...
A comparative study between traditional method and mix design with industrial...Premier Publishers
 
Audyt FATCA
Audyt FATCAAudyt FATCA
Audyt FATCAKatarzyna Lamczyk
 
Open Source Security Testing Methodology Manual - OSSTMM by Falgun Rathod
Open Source Security Testing Methodology Manual - OSSTMM by Falgun RathodOpen Source Security Testing Methodology Manual - OSSTMM by Falgun Rathod
Open Source Security Testing Methodology Manual - OSSTMM by Falgun RathodFalgun Rathod
 

Recommended

VIII Targi eHandlu: Jan Kinal, opiszemy-produkty.pl "Audyt SEO sklepu - najcz...
VIII Targi eHandlu: Jan Kinal, opiszemy-produkty.pl "Audyt SEO sklepu - najcz...VIII Targi eHandlu: Jan Kinal, opiszemy-produkty.pl "Audyt SEO sklepu - najcz...
VIII Targi eHandlu: Jan Kinal, opiszemy-produkty.pl "Audyt SEO sklepu - najcz...ecommerce poland expo
 
Be Storm - Automated Application/Software Vulnerability Testing
Be Storm - Automated Application/Software Vulnerability TestingBe Storm - Automated Application/Software Vulnerability Testing
Be Storm - Automated Application/Software Vulnerability TestingAmit Shirolkar
 
EXO5 - ochrona digital
EXO5 - ochrona digitalEXO5 - ochrona digital
EXO5 - ochrona digitalEXO5.pl
 
sekit2008 - Garnkiem Miodu w Zombie
sekit2008 - Garnkiem Miodu w Zombiesekit2008 - Garnkiem Miodu w Zombie
sekit2008 - Garnkiem Miodu w ZombieLogicaltrust pl
 
Audyty informatyczne
Audyty informatyczneAudyty informatyczne
Audyty informatyczneGoTechnologies sp. z o.o.
 
A comparative study between traditional method and mix design with industrial...
A comparative study between traditional method and mix design with industrial...A comparative study between traditional method and mix design with industrial...
A comparative study between traditional method and mix design with industrial...Premier Publishers
 
Audyt FATCA
Audyt FATCAAudyt FATCA
Audyt FATCAKatarzyna Lamczyk
 
Open Source Security Testing Methodology Manual - OSSTMM by Falgun Rathod
Open Source Security Testing Methodology Manual - OSSTMM by Falgun RathodOpen Source Security Testing Methodology Manual - OSSTMM by Falgun Rathod
Open Source Security Testing Methodology Manual - OSSTMM by Falgun RathodFalgun Rathod
 
Doradztwo strategiczne IT
Doradztwo strategiczne ITDoradztwo strategiczne IT
Doradztwo strategiczne ITGoTechnologies sp. z o.o.
 
Automated Penetration Testing With The Metasploit Framework
Automated Penetration Testing With The Metasploit FrameworkAutomated Penetration Testing With The Metasploit Framework
Automated Penetration Testing With The Metasploit FrameworkTom Eston
 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical HackingS.E. CTS CERT-GOV-MD
 
Presentation from CyberGov.pl 2015
Presentation from CyberGov.pl 2015 Presentation from CyberGov.pl 2015
Presentation from CyberGov.pl 2015 Pawel Krawczyk
 
Model based vulnerability testing
Model based vulnerability testingModel based vulnerability testing
Model based vulnerability testingKupili Archana
 
Audyt SEO i UX dla WMM - case study
Audyt SEO i UX dla WMM - case studyAudyt SEO i UX dla WMM - case study
Audyt SEO i UX dla WMM - case studyKrakweb
 
Techniques of attacking ICS systems
Techniques of attacking ICS systems Techniques of attacking ICS systems
Techniques of attacking ICS systems qqlan
 
The Internet of Things: the 4 security dimensions of smart devices
The Internet of Things: the 4 security dimensions of smart devicesThe Internet of Things: the 4 security dimensions of smart devices
The Internet of Things: the 4 security dimensions of smart devicesWavestone
 
Backtrack 5 - network pentest
Backtrack 5 - network pentestBacktrack 5 - network pentest
Backtrack 5 - network pentestDan H
 
Jednolity Plik Kontrolny – poznaliśmy finalne struktury oraz odpowiedzi Minis...
Jednolity Plik Kontrolny – poznaliśmy finalne struktury oraz odpowiedzi Minis...Jednolity Plik Kontrolny – poznaliśmy finalne struktury oraz odpowiedzi Minis...
Jednolity Plik Kontrolny – poznaliśmy finalne struktury oraz odpowiedzi Minis...PwC Polska
 
Report1
Report1Report1
Report1Jason Statham
 
Data Governance jako część ładu korporacyjnego
Data Governance jako część ładu korporacyjnegoData Governance jako część ładu korporacyjnego
Data Governance jako część ładu korporacyjnegoAndrzej Sobczak
 
Vulnerability Assessment and Penetration Testing Report
Vulnerability Assessment and Penetration Testing Report Vulnerability Assessment and Penetration Testing Report
Vulnerability Assessment and Penetration Testing Report Rishabh Upadhyay
 
Jednolity Plik Kontrolny - szczegoly struktur
Jednolity Plik Kontrolny - szczegoly strukturJednolity Plik Kontrolny - szczegoly struktur
Jednolity Plik Kontrolny - szczegoly strukturPwC Polska
 
Pen Testing Explained
Pen Testing ExplainedPen Testing Explained
Pen Testing ExplainedRand W. Hirt
 
PTES: PenTest Execution Standard
PTES: PenTest Execution StandardPTES: PenTest Execution Standard
PTES: PenTest Execution StandardSource Conference
 
Automated Penetration Testing With Core Impact
Automated Penetration Testing With Core ImpactAutomated Penetration Testing With Core Impact
Automated Penetration Testing With Core ImpactTom Eston
 
ICS/SCADA/PLC Google/Shodanhq Cheat Sheet
ICS/SCADA/PLC Google/Shodanhq Cheat SheetICS/SCADA/PLC Google/Shodanhq Cheat Sheet
ICS/SCADA/PLC Google/Shodanhq Cheat Sheetqqlan
 
Accenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case Study
Accenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case StudyAccenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case Study
Accenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case StudyHoneywell
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 

More Related Content

Viewers also liked

Automated Penetration Testing With The Metasploit Framework
Automated Penetration Testing With The Metasploit FrameworkAutomated Penetration Testing With The Metasploit Framework
Automated Penetration Testing With The Metasploit FrameworkTom Eston
 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical HackingS.E. CTS CERT-GOV-MD
 
Presentation from CyberGov.pl 2015
Presentation from CyberGov.pl 2015 Presentation from CyberGov.pl 2015
Presentation from CyberGov.pl 2015 Pawel Krawczyk
 
Model based vulnerability testing
Model based vulnerability testingModel based vulnerability testing
Model based vulnerability testingKupili Archana
 
Audyt SEO i UX dla WMM - case study
Audyt SEO i UX dla WMM - case studyAudyt SEO i UX dla WMM - case study
Audyt SEO i UX dla WMM - case studyKrakweb
 
Techniques of attacking ICS systems
Techniques of attacking ICS systems Techniques of attacking ICS systems
Techniques of attacking ICS systems qqlan
 
The Internet of Things: the 4 security dimensions of smart devices
The Internet of Things: the 4 security dimensions of smart devicesThe Internet of Things: the 4 security dimensions of smart devices
The Internet of Things: the 4 security dimensions of smart devicesWavestone
 
Backtrack 5 - network pentest
Backtrack 5 - network pentestBacktrack 5 - network pentest
Backtrack 5 - network pentestDan H
 
Jednolity Plik Kontrolny – poznaliśmy finalne struktury oraz odpowiedzi Minis...
Jednolity Plik Kontrolny – poznaliśmy finalne struktury oraz odpowiedzi Minis...Jednolity Plik Kontrolny – poznaliśmy finalne struktury oraz odpowiedzi Minis...
Jednolity Plik Kontrolny – poznaliśmy finalne struktury oraz odpowiedzi Minis...PwC Polska
 
Data Governance jako część ładu korporacyjnego
Data Governance jako część ładu korporacyjnegoData Governance jako część ładu korporacyjnego
Data Governance jako część ładu korporacyjnegoAndrzej Sobczak
 
Vulnerability Assessment and Penetration Testing Report
Vulnerability Assessment and Penetration Testing Report Vulnerability Assessment and Penetration Testing Report
Vulnerability Assessment and Penetration Testing Report Rishabh Upadhyay
 
Jednolity Plik Kontrolny - szczegoly struktur
Jednolity Plik Kontrolny - szczegoly strukturJednolity Plik Kontrolny - szczegoly struktur
Jednolity Plik Kontrolny - szczegoly strukturPwC Polska
 
Pen Testing Explained
Pen Testing ExplainedPen Testing Explained
Pen Testing ExplainedRand W. Hirt
 
PTES: PenTest Execution Standard
PTES: PenTest Execution StandardPTES: PenTest Execution Standard
PTES: PenTest Execution StandardSource Conference
 
Automated Penetration Testing With Core Impact
Automated Penetration Testing With Core ImpactAutomated Penetration Testing With Core Impact
Automated Penetration Testing With Core ImpactTom Eston
 
ICS/SCADA/PLC Google/Shodanhq Cheat Sheet
ICS/SCADA/PLC Google/Shodanhq Cheat SheetICS/SCADA/PLC Google/Shodanhq Cheat Sheet
ICS/SCADA/PLC Google/Shodanhq Cheat Sheetqqlan
 
Accenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case Study
Accenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case StudyAccenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case Study
Accenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case StudyHoneywell
 

Viewers also liked (19)

Doradztwo strategiczne IT
Doradztwo strategiczne ITDoradztwo strategiczne IT
Doradztwo strategiczne IT
 
Automated Penetration Testing With The Metasploit Framework
Automated Penetration Testing With The Metasploit FrameworkAutomated Penetration Testing With The Metasploit Framework
Automated Penetration Testing With The Metasploit Framework
 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical Hacking
 
Presentation from CyberGov.pl 2015
Presentation from CyberGov.pl 2015 Presentation from CyberGov.pl 2015
Presentation from CyberGov.pl 2015
 
Model based vulnerability testing
Model based vulnerability testingModel based vulnerability testing
Model based vulnerability testing
 
Audyt SEO i UX dla WMM - case study
Audyt SEO i UX dla WMM - case studyAudyt SEO i UX dla WMM - case study
Audyt SEO i UX dla WMM - case study
 
Techniques of attacking ICS systems
Techniques of attacking ICS systems Techniques of attacking ICS systems
Techniques of attacking ICS systems
 
The Internet of Things: the 4 security dimensions of smart devices
The Internet of Things: the 4 security dimensions of smart devicesThe Internet of Things: the 4 security dimensions of smart devices
The Internet of Things: the 4 security dimensions of smart devices
 
Backtrack 5 - network pentest
Backtrack 5 - network pentestBacktrack 5 - network pentest
Backtrack 5 - network pentest
 
Jednolity Plik Kontrolny – poznaliśmy finalne struktury oraz odpowiedzi Minis...
Jednolity Plik Kontrolny – poznaliśmy finalne struktury oraz odpowiedzi Minis...Jednolity Plik Kontrolny – poznaliśmy finalne struktury oraz odpowiedzi Minis...
Jednolity Plik Kontrolny – poznaliśmy finalne struktury oraz odpowiedzi Minis...
 
Report1
Report1Report1
Report1
 
Data Governance jako część ładu korporacyjnego
Data Governance jako część ładu korporacyjnegoData Governance jako część ładu korporacyjnego
Data Governance jako część ładu korporacyjnego
 
Vulnerability Assessment and Penetration Testing Report
Vulnerability Assessment and Penetration Testing Report Vulnerability Assessment and Penetration Testing Report
Vulnerability Assessment and Penetration Testing Report
 
Jednolity Plik Kontrolny - szczegoly struktur
Jednolity Plik Kontrolny - szczegoly strukturJednolity Plik Kontrolny - szczegoly struktur
Jednolity Plik Kontrolny - szczegoly struktur
 
Pen Testing Explained
Pen Testing ExplainedPen Testing Explained
Pen Testing Explained
 
PTES: PenTest Execution Standard
PTES: PenTest Execution StandardPTES: PenTest Execution Standard
PTES: PenTest Execution Standard
 
Automated Penetration Testing With Core Impact
Automated Penetration Testing With Core ImpactAutomated Penetration Testing With Core Impact
Automated Penetration Testing With Core Impact
 
ICS/SCADA/PLC Google/Shodanhq Cheat Sheet
ICS/SCADA/PLC Google/Shodanhq Cheat SheetICS/SCADA/PLC Google/Shodanhq Cheat Sheet
ICS/SCADA/PLC Google/Shodanhq Cheat Sheet
 
Accenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case Study
Accenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case StudyAccenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case Study
Accenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case Study
 

Recently uploaded

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 

Recently uploaded (20)

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 

The Impact of application security on testing

  • 1.  
  • 2.
  • 3.
  • 4. Impact on applications without security
  • 5.
  • 6. Application security is an extra dimension Explore new features in the application Quality attributes as described ISO9126 Extra code that isn`t needed
  • 7. Testing has different faces and facets Secure implementation compliancy, control, make the right choices awareness and expert training Security assessments Code review Risk analysis / threat modeling Security Requirements external review, knowledge, responsibilities
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.

Editor's Notes

  1. Sloten met een loper te openen Is bij het ontbreken van security
  2. Wilders: Oude versie van CMS Joomla daardoor kwetsbaar Twitter : XSS 57,5 procent van de lekken wordt actief gebruikt.
  3. Bij testen kom je het tegen, allerlei functionaliteiten die anders te gebruiken zijn Allerlei applicatie onderdelen die je eigenlijk niet nodig hebt Verrijking van je zicht op de kwaliteit
  4. Demo comment in code Script injecteren <script>alert(‘Dit is een onschuldige pop-up’);</script> <script>alert(document.cookie);</script>