Detective Work for Testers: Finding Workflow-based Defects
Workflow-based Web application security defects are especially difficult on enterprises because they evade traditional simple point-and-scan vulnerability detection techniques. Understanding these defects, and how and why black-box scanners typically miss them, is the key to creating a testing strategy for successful detection and mitigation. Rafal Los describes the critical role that application testers play in assessing application workflows and how business process-based testing techniques uncover these flaws. Rafal demystifies the two main types of workflow-based application vulnerabilities: business process/logic vulnerabilities and parameter-based vulnerabilities. As the complexity of Web applications continues to increase, learn how to adjust your testing strategy to make sure you don’t miss these unique types of defects.
Upcoming Events
Apr 27 |
STAREAST Software Testing Conference in Orlando & Online |
Jun 08 |
AI Con USA An Intelligence-Driven Future |
Sep 21 |
STARWEST Software Testing Conference in Anaheim & Online |
Recommended Web Seminars
On Demand | Building Confidence in Your Automation |
On Demand | Leveraging Open Source Tools for DevSecOps |
On Demand | Five Reasons Why Agile Isn't Working |
On Demand | Building a Stellar Team |
On Demand | Agile Transformation Best Practices |