Security Testing – part 2 (CYRUS)

Security testing plays a critical role in ensuring the security and robustness of web applications. From high-level auditing and penetration testing to ethical hacking, various approaches can be used to identify vulnerabilities. However, to uncover more than just the easily detectable vulnerabilities, security testing must be strategically planned and properly executed.
Security testers must not only find all potential bugs to safeguard a system, but they must also recognise that adversaries need only one exploitable vulnerability to breach a system.
Course objectives
This course prepares software testers to plan and execute security tests effectively, and to select and apply the most appropriate tools and techniques to identify even hidden security flaws.
Through practical exercises and hands-on use of various testing tools—including security scanners, sniffers, proxy servers, fuzzing tools and static source code analysers—this course equips participants with essential, immediately applicable skills for real-world security testing.
Learning Outcomes
By completing this training, participants will:
- Understand basic concepts of security, IT security and secure coding
- Learn web vulnerabilities beyond the OWASP Top Ten and learn methods to mitigate them
- Gain a deeper understanding of XML security
- Recognise client-side vulnerabilities and secure coding practices
- Understand security concepts of Web services
- Learn about JSON security
- Recognise denial-of-service (DoS) attacks and implement effective protection strategies
- Understand security testing approaches and methodologies
- Get practical knowledge of security testing techniques and tools
- Access further resources and readings on secure coding practices
The training is free of charge and is offered as self-paced e-learning, available on demand from April 2025 to October 2025, as well as an online instructor-led session on the following dates with a duration of approximately 4 hours.