Software Security Testing Best Practices
How do you find security flaws beyond simple ones like buffer overflows? Most current software security testing falls into one of two categories: random corruption of file or network-protocol inputs, and re-testing for existing, known vulnerabilities against new versions of software.
This 5-day class brings you to the forefront of hacking code. Hackers find subtle and innovative flaws and exploit them; you need a more regimented, more creative process to find those flaws before they do. Identify and root out harmful security defects in both commercial and internal software applications. Get the basics on how to conduct an application security threat assessment of your systems before or after they go live. Learn how to develop a comprehensive security test strategy and build a team with the right mix of skills and experience to execute it. Discover novel yet disciplined approaches for using fault injection to find application security vulnerabilities before your software is exposed to hackers.
Time: 7:45am - 5pm
Location: see the class schedule
Prerequisites: Understanding of TCP/IP protocols
Method of Evaluation: 1. 95% attendance; 2. 100% completion of labs
Grading: Pass = 95% attendance and 100% completion of labs and practical
Fail = less than 95% attendance or less than 100% completion of labs and practical
Learning Level: Programmer - Intermediate
- Learn how to plan a security testing effort and integrate security testing into your QA process
- Learn about risk assessments, test prioritizations and threat modeling
- Acquire the skills to recognize and expose the most insidious security vulnerabilities in your applications
- Discover tools, techniques and processes to make security an integral part of your release process and to create a security aware culture in your test team.
- Learn the many categories of security bugs that may exist in your software and the secrets of application security testing
What Is CWE?
Targeted to developers and security practitioners, CWE is a formal list of software weaknesses, idiosyncrasies, faults, and flaws created to:
Serve as a common language for describing the source code, software design, or software architecture causes of software security vulnerabilities.
Serve as a standard measuring stick for software security tools targeting these issues.
Provide a common baseline standard for identification, mitigation, and prevention of these weaknesses.
Who Should Attend? This is a must-have class for functional testers who need to make the transition to finding security bugs. It is also essential for test managers because it teaches the soup-to-nuts process of security testing and how this type of testing fits into the overall QA process. Additionally, software testers, software developers, development and test managers, security auditors, and anyone involved in software production for resale or internal use will find it valuable. Attendees will walk away with the skills and techniques both to build a solid security testing team and to expose the most insidious application security vulnerabilities.
- Where does security testing fit into the product lifecycle?
- Definition of a security bug
- The role of a security tester in the organization
- Overview of security testing elements
- Security testing roles
- Threat modeling
- Risk assessments
- Security test planning
- Test team organization and management
III. In-Depth Look at Security Vulnerabilities
Note: This section of the course is organized so that each vulnerability type is analyzed in turn, covering its cause, its symptoms, how to prevent it, and the testing techniques and tools used to find it in software.
- Accepting Arbitrary Files as Parameters
- Permitting Relative and Default Paths
- Offering Administrative, Software and Service Back Doors
- Default or Weak Passwords
- Shells, Scripts and Macros
- Dynamic Linking and Loading
2.) Data Parsing
- Buffer Overflows
- Advanced Buffer Overflows
- Format String Attacks
- Integer Overflows
3.) Information Disclosure
- Storing Passwords in Plain Text
- Creating Temporary Files
- Leaving Things in Memory
- The Swap File and Incomplete Deletes
- Weakly-Seeded Keys and Random Number Generation
- Trusting the Operating System APIs
4.) On the Wire
- Trusting the Identity of a Remote Host (Spoofing)
- Proprietary Protocols
- Volunteering Too Much Information
- Loops, Self References and Race Conditions
- Cross Site Scripting
- Forceful Browsing
- Parameter Tampering
- Cookie Poisoning
- Hidden Field Manipulation
- SQL Injection
- Security on the Client
- Trusting the Domain Security Model
- Trusting SSL
- Applying the techniques
- Learning from past mistakes
- Case studies
*Class fees are subject to change