STARWEST 2010: Tour-based Testing: The Hacker's Landmark Tour

When visiting a new city, people often take an organized tour, going from landmark to landmark to get an overview of the town. Taking a “tour” of an application, going from function to function, is a good way to break down the testing effort into manageable chunks. Not only is this approach useful in functional testing, it’s also effective for security testing. Rafal Los takes you inside the hacker’s world, identifying the landmarks hackers target within applications and showing you how to identify the defects they seek out. Learn what “landmarks” are, how to identify them from functional specifications, and how to tailor negative testing strategies to different landmark categories. Test teams, already choked for time and resources and now saddled with security testing, will learn how to pinpoint the defect-from the mountains of vulnerabilities often uncovered in security testing-that could compromise the entire application.