Security testing processes

• Product managers
• project managers in product development
• product developers
• requirements developers
• test developers
• test analysts
• test managers
• acceptance testers
• quality managers and consultants

Definition of security test processes

After the course, participants will be able to select, plan, implement and analyse the most important activities for a systematic security process.

• Define the elements of an effective security testing process for a given project
• Analyse a given security test plan and identify its strengths and weaknesses
• Design of conceptual (abstract) security tests based on a given security testing approach and identified functional and structural security risks for a given project.
• Design of test cases for the validation of security policies and procedures
• Understanding the key elements and features of an effective security testing environment
• Understand the importance of planning and approval before conducting security tests
• Analysis of the results of security tests for reporting purposes
• Understanding the need to revise security expectations and acceptance criteria
• Understand the need to keep security test results confidential and secure   
• Understand the need to establish appropriate data collection controls and mechanisms to provide source data for security test status reports in a timely, accurate and precise manner
• Analysis of a given interim report on the status of security testing to determine the level of accuracy, understandability, and appropriateness for stakeholders

Martin Schneider

Martin Schneider is team leader of the testing group in the Quality Engineering business unit of the Fraunhofer Institute FOKUS. He is an expert in quality assurance and security testing in the field of networked software systems.
 

Dorian Knoblauch

Dorian Knoblauch is a research assistant in the Critical Systems Engineering group in the SQC business unit of the Fraunhofer Institute FOKUS.