Risk Management and Security Testing
Basics of Security Testing
The Challenge
Achieving trustworthy security in complex, networked IT systems is anything but easy. Where perfect security cannot be achieved, careful systematic risk management should be the basis for all security-related measures. In the practice of IT systems, however, this is often not the case. This seminar aims to raise awareness of the urgency of risk management.
The Solution
The course shows how safety testing in particular can be optimised by integrating it into a consistent risk management. It imparts the necessary methodology and the associated knowledge to carry out risk-based safety testing independently.
Your Advantages at a Glance
After the seminar you will be able to
- Implement systematic risk management
- Derive and prioritise safety test cases from risk models
- Evaluate results of safety tests with regard to the risk picture
This seminar offers you
- Theoretical foundations
- Learning by means of practical examples
Content
- ISO 31000 Risk Management
- Risk Based Security Testing
- Test Based Risk Assessment
Learning objectives
After the course, participants will be able to implement risk management and carry out optimised security tests based on the following risk models.
Risk management in the overall context of the organisation
- Risk identification
- Risk analysis
- Risk evaluation
- Risk treatment
- Risk-based safety testing
- Test-based risk analysis and risk evaluation
Target group
Developers, system administrators, test developers
Requirements
Basics of software development
Course data
Specialists and user training
Dr Jürgen Großmann is the team leader of the Critical Systems Engineering group in the SQC business unit of the Fraunhofer Institute FOKUS. He is an expert in quality assurance, risk analysis and IT security testing in the field of critical, networked software systems in the automotive industry and the financial sector.
Dr Johannes Viehmann is a senior researcher and project leader of the Critical Systems Engineering group in the SQC business unit of the Fraunhofer Institute FOKUS. He is an expert in safety-critical, highly interconnected systems, trust-creating concepts and risk management.
Please contact us
Would you like individual advice or do you have any questions about our training courses? Give us a call or send us an e-mail. We will then get in touch with you.