SlideShare a Scribd company logo

Testing Web Application Security

Ted Husted, profile picture
Ted Husted

The document discusses the increasing importance of integrating security testing into web application testing processes. It highlights methods for incorporating security assessment into various testing phases, such as unit, integration, and acceptance tests. Additionally, it references Selenium as a tool suite for automating testing across multiple platforms.

Technology
1 of 61
Downloaded 184 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
Testing Web Application Security Integrating and automating security testing Rochester Security Summit Thu, 29 Oct 2009, 2p-3p
Testing Web Application Security Web applications are commonly used to transmit, accept and store data that is personal, company confidential and sensitive. More enterprises are spending more time testing web applications, but many still do not integrate security testing into an application's overall test plan. In this session, we will explore ways to integrate security testing into an end-to-end test plan, exercise security features in unit tests integration tests acceptance tests
http://www.slideshare.net/ted.husted
http://www.slideshare.net/RafalLos/creating-practical-security-testcases-for-web-applications
http://www.slideshare.net/RafalLos/creating-practical-security-testcases-for-web-applications
http://www.slideshare.net/RafalLos/creating-practical-security-testcases-for-web-applications
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Bridging the Divide Client-Side Capabilies Server-Side Capabilities Length Filters Input value Numeric Limits Input transfer Character patterns Data access (email, URLs, SKUs) Input field selection Control flow
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Open QA Selenium http://selenium.openqa.org/documentation/
Open QA Selenium Selenium is a suite of tools http://selenium.openqa.org/documentation/
Open QA Selenium Selenium is a suite of tools Selenium IDE records and runs tests http://selenium.openqa.org/documentation/
Open QA Selenium Selenium is a suite of tools Selenium IDE records and runs tests Selenium Remote Control runs across multiple platforms http://selenium.openqa.org/documentation/
Open QA Selenium Selenium is a suite of tools Selenium IDE records and runs tests Selenium Remote Control runs across multiple platforms Selenium Grid runs across multiple machines http://selenium.openqa.org/documentation/
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
Testing Web Application Security
f: cd "F:optselenium-remote-control-1.0-beta-2selenium-server-1.0- beta-2" java -jar selenium-server.jar
Testing Web Application Security
> java -jar hudson.war
Testing Web Application Security
Testing Web Application Security
Time for a Test Drive ...
Please complete an evaluation.
Questions?

More Related Content

PPT
Get Ready for Web Application Security Testing
Alan Kan
 
PPTX
Security testing
Rihab Chebbah
 
PDF
we45 - Web Application Security Testing Case Study
we45
 
PDF
The Complete Web Application Security Testing Checklist
Cigital
 
PPS
Security testing
Tabăra de Testare
 
PDF
Web Application Security Testing Tools
Eric Lai
 
PPTX
Security Testing
Qualitest
 
PPTX
Security Testing for Web Application
Precise Testing Solution
 
Get Ready for Web Application Security Testing
Alan Kan
 
Security testing
Rihab Chebbah
 
we45 - Web Application Security Testing Case Study
we45
 
The Complete Web Application Security Testing Checklist
Cigital
 
Security testing
Tabăra de Testare
 
Web Application Security Testing Tools
Eric Lai
 
Security Testing
Qualitest
 
Security Testing for Web Application
Precise Testing Solution
 

What's hot (20)

PDF
Web Application Security 101
Cybersecurity Education and Research Centre
 
PPT
Step by step guide for web application security testing
Avyaan, Web Security Company in India
 
PDF
Security testing presentation
Confiz
 
PDF
Introduction to Application Security Testing
Mohamed Ridha CHEBBI, CISSP
 
PPTX
Security Testing Training With Examples
Alwin Thayyil
 
PPT
Security Testing
Kiran Kumar
 
PDF
Web Application Security 101 - 04 Testing Methodology
Websecurify
 
PPTX
Web Application Security 101
Jannis Kirschner
 
PPT
Web Application Security
Abdul Wahid
 
PPTX
Web application vulnerability assessment
Ravikumar Paghdal
 
PDF
Owasp top 10
YasserElsnbary
 
PDF
Web Application Security and Awareness
Abdul Rahman Sherzad
 
PPTX
Secure Coding 2013
The eCore Group
 
PPTX
Introduction to security testing raj
Rajakrishnan S, MCA,MBA,MA Phil,PMP,CSM,ISTQB-Test Mgr,ITIL
 
PPTX
Web application security
Kapil Sharma
 
PPTX
A new web application vulnerability assessment framework
Mark Jayson Fuentes
 
PPTX
Owasp top 10 2017
ibrahimumer2
 
PPTX
Penetration Testing
RomSoft SRL
 
PPT
Web Application Security Testing
Marco Morana
 
PPT
Introduction to Web Application Penetration Testing
Anurag Srivastava
 
Web Application Security 101
Cybersecurity Education and Research Centre
 
Step by step guide for web application security testing
Avyaan, Web Security Company in India
 
Security testing presentation
Confiz
 
Introduction to Application Security Testing
Mohamed Ridha CHEBBI, CISSP
 
Security Testing Training With Examples
Alwin Thayyil
 
Security Testing
Kiran Kumar
 
Web Application Security 101 - 04 Testing Methodology
Websecurify
 
Web Application Security 101
Jannis Kirschner
 
Web Application Security
Abdul Wahid
 
Web application vulnerability assessment
Ravikumar Paghdal
 
Owasp top 10
YasserElsnbary
 
Web Application Security and Awareness
Abdul Rahman Sherzad
 
Secure Coding 2013
The eCore Group
 
Introduction to security testing raj
Rajakrishnan S, MCA,MBA,MA Phil,PMP,CSM,ISTQB-Test Mgr,ITIL
 
Web application security
Kapil Sharma
 
A new web application vulnerability assessment framework
Mark Jayson Fuentes
 
Owasp top 10 2017
ibrahimumer2
 
Penetration Testing
RomSoft SRL
 
Web Application Security Testing
Marco Morana
 
Introduction to Web Application Penetration Testing
Anurag Srivastava
 
Ad

Viewers also liked (20)

PPTX
Testing web application
jayashreesaravanan
 
PPTX
Web Application Testing
Richa Goel
 
PPT
Test strategy for web development
alice yang
 
PDF
Lab 7b) test a web application
techbed
 
PPTX
Experience Report in #DEWT5: Where is test strategy with an agile team
Maaret Pyhäjärvi
 
PPT
Methods to test an e-learning Web application.
telss09
 
PDF
Database Web Application User Test 2
Tim Broadwater
 
PPTX
Testing strategy for agile projects updated
Tharinda Liyanage
 
PPTX
Getting Ready for UAT
Project Management Solutions
 
PDF
Testing Web Applications
Seth McLaughlin
 
PPTX
The Three Pillars Approach to Your Agile Test Strategy
Brian Estep
 
PDF
Agile 2012 the 0-page agile test plan - paul carvalho
drewz lin
 
PDF
How to brew a tasty agile test strategy
Dr. Alexander Schwartz
 
PPTX
Test Strategy
Zbyszek Mockun
 
PPTX
Designing Agile Test Strategy for Mobile Apps By Parimala Hariprasad
Agile Testing Alliance
 
PDF
Building a Test Automation Strategy for Success
Lee Barnes
 
PPT
Jarian van de Laar - Test Policy - Test Strategy
TEST Huddle
 
PPTX
Agile tour ncr test360_degree - agile testing on steroids
Vipul Gupta
 
PPT
AJRA Test Strategy Discussion
ajrhem
 
DOC
Niyati_Manual_Testing_ISTQB_Certified_Resume
Niyati Madad
 
Testing web application
jayashreesaravanan
 
Web Application Testing
Richa Goel
 
Test strategy for web development
alice yang
 
Lab 7b) test a web application
techbed
 
Experience Report in #DEWT5: Where is test strategy with an agile team
Maaret Pyhäjärvi
 
Methods to test an e-learning Web application.
telss09
 
Database Web Application User Test 2
Tim Broadwater
 
Testing strategy for agile projects updated
Tharinda Liyanage
 
Getting Ready for UAT
Project Management Solutions
 
Testing Web Applications
Seth McLaughlin
 
The Three Pillars Approach to Your Agile Test Strategy
Brian Estep
 
Agile 2012 the 0-page agile test plan - paul carvalho
drewz lin
 
How to brew a tasty agile test strategy
Dr. Alexander Schwartz
 
Test Strategy
Zbyszek Mockun
 
Designing Agile Test Strategy for Mobile Apps By Parimala Hariprasad
Agile Testing Alliance
 
Building a Test Automation Strategy for Success
Lee Barnes
 
Jarian van de Laar - Test Policy - Test Strategy
TEST Huddle
 
Agile tour ncr test360_degree - agile testing on steroids
Vipul Gupta
 
AJRA Test Strategy Discussion
ajrhem
 
Niyati_Manual_Testing_ISTQB_Certified_Resume
Niyati Madad
 
Ad

Similar to Testing Web Application Security (20)

PDF
Automate Web Apps With Selenium
Edureka!
 
PPT
Testing Ajax Web Applications
Ted Husted
 
PDF
Leveraging Open Source Automation: A Selenium WebDriver Example
TechWell
 
PPT
Selenium
jagdishdevabhaipatel
 
PPTX
Penetration testing dont just leave it to chance
Dr. Anish Cheriyan (PhD)
 
DOCX
Software Testing Tools Training
QEdge Tech
 
PDF
AppSec Tel Aviv - OWASP Top 10 For JavaScript Developers
Lewis Ardern
 
PPTX
Selenium
Milind Hali
 
PDF
2013 10-10 selenium presentation to ocjug
Philip Schlesinger
 
PPT
Selenium-Webdriver With PHPUnit Automation test for Joomla CMS!
Puneet Kala
 
PPT
Selenium
Sun Technlogies
 
PPTX
test-automation-selenium-160216124839.pptx
SyedZaeem9
 
PPT
Selenium Presentation at Engineering Colleges
Vijay Rangaiah
 
PDF
Automation Using Selenium Webdriver
Edureka!
 
PDF
Designing keyword and Data Driven Automation framework with Selenium
Edureka!
 
PPTX
Test Automation
Unmesh Ballal
 
PDF
Selenium Automation Testing - A Complete Guide.pdf
flufftailshop
 
PPT
Selenium
Daksh Sharma
 
PDF
Ijetcas14 413
Iasir Journals
 
PDF
Selenium Automation Testing - A Complete Guide.pdf
kalichargn70th171
 
Automate Web Apps With Selenium
Edureka!
 
Testing Ajax Web Applications
Ted Husted
 
Leveraging Open Source Automation: A Selenium WebDriver Example
TechWell
 
Selenium
jagdishdevabhaipatel
 
Penetration testing dont just leave it to chance
Dr. Anish Cheriyan (PhD)
 
Software Testing Tools Training
QEdge Tech
 
AppSec Tel Aviv - OWASP Top 10 For JavaScript Developers
Lewis Ardern
 
Selenium
Milind Hali
 
2013 10-10 selenium presentation to ocjug
Philip Schlesinger
 
Selenium-Webdriver With PHPUnit Automation test for Joomla CMS!
Puneet Kala
 
Selenium
Sun Technlogies
 
test-automation-selenium-160216124839.pptx
SyedZaeem9
 
Selenium Presentation at Engineering Colleges
Vijay Rangaiah
 
Automation Using Selenium Webdriver
Edureka!
 
Designing keyword and Data Driven Automation framework with Selenium
Edureka!
 
Test Automation
Unmesh Ballal
 
Selenium Automation Testing - A Complete Guide.pdf
flufftailshop
 
Selenium
Daksh Sharma
 
Ijetcas14 413
Iasir Journals
 
Selenium Automation Testing - A Complete Guide.pdf
kalichargn70th171
 

More from Ted Husted (18)

PPTX
Ship It!
Ted Husted
 
PDF
.NET @ apache.org
Ted Husted
 
PDF
The secret life_of_open_source
Ted Husted
 
PDF
Open Source Secret Sauce - Lugor Sep 2011
Ted Husted
 
PDF
NU FaceBook 101 JCC 2010
Ted Husted
 
PDF
Developing java Web Applications Using Google Apps RJUG 2011
Ted Husted
 
PDF
Open source secret_sauce_apache_con_2010
Ted Husted
 
PDF
Drupal kickstart-workshop
Ted Husted
 
PDF
Open source-secret-sauce-rit-2010
Ted Husted
 
PDF
Agile Analysis with Use Cases: Balancing Utility with Simplicity
Ted Husted
 
PDF
API Doc Smackdown
Ted Husted
 
PDF
Testing The Testers
Ted Husted
 
PDF
Testing Ajax Applications
Ted Husted
 
PDF
Testing Tools
Ted Husted
 
PDF
Coding Ajax
Ted Husted
 
PDF
Coding Ajax
Ted Husted
 
PPT
Retrofitting
Ted Husted
 
PDF
Open Source Secret Sauce
Ted Husted
 
Ship It!
Ted Husted
 
.NET @ apache.org
Ted Husted
 
The secret life_of_open_source
Ted Husted
 
Open Source Secret Sauce - Lugor Sep 2011
Ted Husted
 
NU FaceBook 101 JCC 2010
Ted Husted
 
Developing java Web Applications Using Google Apps RJUG 2011
Ted Husted
 
Open source secret_sauce_apache_con_2010
Ted Husted
 
Drupal kickstart-workshop
Ted Husted
 
Open source-secret-sauce-rit-2010
Ted Husted
 
Agile Analysis with Use Cases: Balancing Utility with Simplicity
Ted Husted
 
API Doc Smackdown
Ted Husted
 
Testing The Testers
Ted Husted
 
Testing Ajax Applications
Ted Husted
 
Testing Tools
Ted Husted
 
Coding Ajax
Ted Husted
 
Coding Ajax
Ted Husted
 
Retrofitting
Ted Husted
 
Open Source Secret Sauce
Ted Husted
 

Recently uploaded (20)

PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PDF
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PPTX
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PDF
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PPTX
ACSFv1EN-58255 AWS Academy Cloud Security Foundations.pptx
23bcla24
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
Cloud computing and distributed systems.
kkkkkhan
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
ACSFv1EN-58255 AWS Academy Cloud Security Foundations.pptx
23bcla24
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 

Testing Web Application Security