Category: #30daysofsecuritytesting

Day 14: Develop a Test Plan Including Security Tests

In my opinion, not all user stories need security test considerations, so it's important to know when and where to include them for maximum benefit and return on investment (ROI). Guidelines for Choosing When to Include Security Considerations: Risk Assessment: Assess the potential risks of each feature or user story to determine whether security testing... Continue Reading →

0

Day 13: Perform a Security analysis for requirements in a story

Let's assume we have a simple requirement/user story like this, and now we'll see how to perform a security analysis for a simple requirement like this: Example User Story: "As a user, I want to upload my profile picture so that I can personalize my account." Step 1: Review the User Story The user story... Continue Reading →

0

Day 12: Read about security testing and discuss where it best fits in an SDLC

Today's challenge is about exploring security testing and understanding where it fits in the Software Development Life Cycle (SDLC). Security testing is a crucial part of development that helps find vulnerabilities and weaknesses before the application goes live. What is Security Testing? Security testing checks an application for vulnerabilities that could be exploited by attackers.... Continue Reading →

0

Day 10: Learning About Ethical Hacking

Day 10 is about learning and understanding ethical hacking. I've always had a vague idea of what it involves, so I used this opportunity to dive deeper. What is Ethical Hacking? Ethical hacking, also known as penetration testing or white-hat hacking, is testing computer systems, networks, and web applications for vulnerabilities. The goal is to... Continue Reading →

0

Website Powered by WordPress.com.

Up ↑