Testing Web Application Security

Testing Web Application security is not intuitive and to be effective you need to understand web application design, HTTP, JavaScript, browser behavior, and potentially other technologies such as AJAX, JSON and XML. The security testing challenge is often more acute due to poor or missing Security Requirements, as well as the fact that testing interval often does not account for security testing. This course provides the knowledge and skills Testers need to detect security vulnerabilities in web applications using a combination of manual and automated methods.
Application Security and the SDLCA solid understanding of either Java and JSPs, OR C# .NET and ASPs, OR PHP
2 Days/Lecture & Lab
This course is designed for experienced QA staff who wish to enhance their skills with the techniques necessary to accurately and thoroughly assess the security of web applications.
  • Introduction
  • Survey of Vulnerabilities
  • Using a Web Proxy
  • Detecting XSS
  • Detecting SQL Injection
  • Detecting Command Injection
  • Detecting Other Vulnerabilities
  • Quiz Answers

Related Scheduled Courses