• Version
• Download 630
• File Size 1.49 MB
• File Count 1
• Create Date October 24, 2014
• Last Updated April 19, 2022

Security Software Testing - Workshop eBook

In this workshop, we will be learning about the overall software security testing happening in the field of information security, covering many aspects of security. However, in this module, we will talk about the knowledge base, the basics of software security.

This e-book contains text materials from the course.

Module 1 – The Basics of Software Security

• • Introduction

• • Prerequisites

• • The Software Industry

• • Types of Software

• • What is Security Software?

    • • Anti-spyware software

    ---

    • • Anti-virus software

    ---

• • Firewall

• • Some Common Sense

• • Patch Management

• • Secure Coding of Software

Module 2 – Types of Software Security Testing

• • Introduction

• • Software Security Testing

• • Core Values

• • Types of Software Security Testing

• • Front End Testing (FET)

• • End-to-End Testing (E2E)

• • Main Code Testing (MCoT)

• • Techniques or Methodologies

• • Black Box Method

• • White Box Method

    • • Example1

    ---

    • • Example2

    ---

• • Security Code Review Tools

Module 3 – Source Code Review Tools & Techniques

• • Introduction

• • Why do we need tools?

• • Leading Source Code Review Tools

    • • Flawfinder

    ---

    • • IBM Rational Software Analyzer

    ---

    • • Veracode SAST

    ---

• • Secure Coding Validation Suite by CERT

• • Microsoft CAT.NET

    • • Important Note

    ---

Module 4 – Demo Code Review

• • Introduction

• • What is Flawfinder?

• • Vendor’s mouth

• • How does it work?

• • Easy to use

• • Practicing Flawfinder

Module 5 – Security in Software Development Lifecycle

• • Security in software Development

• • What is security in the software development lifecycle?

• • Industry Facts

Attached Files