QW2002 Tutorial B2

Mr. Hung Q. Nguyen
(LogiGear Corporation)

Security Testing for Web Sites, Web Applications and Software

Key Points

Presentation Abstract

Security issues are among the highest concerns for many organizations. Despite this fact, security testing is often the least understood and least defined task. Security testing is a broad effort that requires domain expertise beyond traditional software testing. This one-day course teaches you about security issues and outlines how software-testing roles fit into the big picture. The course focuses on security-related testing as it is applied to testing Web sites, Web applications, and software applications. This course is ideal for software testing professionals who are facing the new challenges and responsibilities of determining the scope of security testing to be done at the application level. QA professionals wanting to understand common vulnerabilities and hacking techniques used against Web sites and applications will especially benefit from this course. The course layout walks you through an overview of fundamental security issues, including the hacking process and the strategies and technologies used in defending a system. Vulnerabilities in Web sites, Web applications and software applications, as well as how to test for them, will be discussed. Participants will come away with a clear understanding of testing for software system security, and many testing techniques, tools and resources that can be immediately applied to any project.

About the Author

Hung Q. Nguyen is founder, president, and CEO of LogiGear® Corporation. He’s held leadership roles in business management, product development, business development, engineering, quality assurance, testing, and information technology. Hung is an international speaker and contributor to industry publications. He authors and teaches software testing curriculums for LogiGear University and the University of California. He is the original architect of TRACKGEAR™, a Web-based defect management system, and the author of Testing Applications on the Web (Wiley). He also wrote (with Kaner and Falk) the best-selling book Testing Computer Software (Wiley), which is also published in Japanese. He holds a B.Sc. in Quality Assurance from Cogswell Polytechnical College, is an ASQ-Certified Quality Engineer, and a member of the Advisory Council for the Department of Applied Computing and Information Systems at UC Berkeley Extension.