Seminar Series »Basics of Security Testing«
Basics of security testing, security testing processes and optimization through systematic risk management
Over 90 percent of all software security incidents are caused by attackers exploiting known vulnerabilities. The majority of these are based on programming errors that cannot be prevented by structural measures alone.
Systematic integration of security testing activities with other life cycle activities in the software development process makes it possible to identify security gaps at an early stage and thus eliminate them cost-effectively.
The seminar series " Basics of Security Testing" teaches the general basics of security testing, their embedding in security testing processes and the software lifecycle, and shows how security testing in particular can be optimized by integrating it into consistent risk management.
During the seminar series, selected security testing methods and techniques will be explained along practical examples. The participants will be able to try out the testing methods and security mechanisms themselves and experience them in practice. Thereby, characteristic vulnerabilities will be exploited, and at the same time methods will be taught to identify and to be able to shut them down.
The seminar series references established security testing standards as well as the procedures and techniques described within them.
Your Advantages at a Glance
After the seminar you can...
- Apply basic security testing methods
- Select basic security testing techniques
- Set up and manage a security testing process
- Test simple security mechanisms
- Apply testing and security testing standards
- Apply simple security testing measures in the software lifecycle
This seminar offers you...
Systematic introduction to the basics of security testing
- Introduction to risk-based security testing
- Introduction to security testing techniques such as fuzzing, scanning, etc.
- Systematic integration of the security testing techniques with the activities of a software life cycle
- Project managers in product development
- Product developers
- Requirements developers
- Test developers
- Test analysts
- Test managers
- Acceptance testers
- Quality managers and consultants
Practical experience around development, operation and testing of software (incl. procurement).
Overview of the Individual Modules
Role of security testing in requirements specification
- Role of security testing during design
- Role of security testing in the implementation phase
- Security testing during system and acceptance testing
- Security testing in maintenance
Definition of the security testing process
- Planning of security tests
- Design of security tests
- Execution of security tests
- Evaluation and reporting of security tests
Risk management in the overall context of the organization
- Risk identification
- Risk analysis
- Risk evaluation
- Risk treatment
- Risk-based security testing
- Test-based risk analysis and risk evaluation
- Authentication and authorization
- Attack detection
- Malware scanning
- Data masking
Live online seminar as individual scheduled modules, also possible as on-site training upon request
According to individual agreement (within the framework of the preceding needs analysis)
|Language||German or English (Material in English)|
|Duration||Up to 32h|
|Number of participants||6-12|
|Lecturers||Dr. Jürgen Großmann, Martin Schneider and Dorian Knoblauch|
Online or On-Site
Fraunhofer FOKUS, Kaiserin Augusta Alle 31, 10589 Berlin
or other locations
|Course Fee||EUR 2600,- per person (when booking all 4 modules); Discounts for groups over 8 people in individual agreement|
Dr. Jürgen Großmann (firstname.lastname@example.org) is team leader of the Critical Systems Engineering group in the SQC business unit of the Fraunhofer Institute FOKUS. He is an expert in quality assurance, risk analysis and IT security testing in the field of critical, networked software systems in the automotive industry and the financial sector.
Martin Schneider is team leader of the testing group in the Quality Engineering business unit of the Fraunhofer Institute FOKUS. He is an expert in quality assurance and security testing in the field of networked software systems.
Dorian Knoblauch (email@example.com) is a research associate in the Critical Systems Engineering group in the SQC business unit of the Fraunhofer Institute FOKUS. He is an expert in security testing and test automation.
Would you like individual consultation or do you have any questions about our training courses? Send us an email and we will get back to you.