Security testing is a huge topic. In this talk, Ken will discuss his experience working for small companies where security testing is a requirement, but often gets overlooked. Ken will explore some of the basic things a tester should know about web application security, such as the resources available from OWASP.
As part of this talk, Ken will live demo the following tools:
OWASP Zed Attack Proxy (vulnerability analysis)
Microsoft Threat Modeling tool (communication)
Wireshark / tcpdump / nmap (network analysis)
Attendees will take away:
A quick overview of some tools that you can use on a daily basis