ISTQB Advanced Security Tester – What is it and why should I consider it?

In this latest blog post we introduce a new training course within the ISTQB portfolio that aims to ensure testers are security savvy and address the skills shortage that is leaving organisations and their data, systems and process vulnerable to attack.

Security breaches are big news and the threat is ever-increasing. This presents a significant challenge for testers and test managers, who need to be aware of this growing threat and understand how security aspects can be integrated into the testing process.

Security failures can occur for many reasons, but the list below highlights some of the most common causes:

  • Human lapses
  • Malicious outsiders (and insiders)
  • Lack of adequate defences and testing of the defences that are in place
  • Defective software in general
  • A limited view of security and testing
  • Placing too much trust in technology
  • Security is an afterthought in most development projects
  • Lack of awareness at the executive level

There have been a number of high-profile security failures in the very recent past, including breaches at TSB, British Airways, Equifax, TalkTalk, Tesco Bank and Wonga. Effective security testing is essential for organisations to produce systems, software and infrastructures capable of withstanding these attacks and safeguarding data and assets.

A new course and exam aims to provide testers with the necessary awareness and knowledge to ensure IT systems and software developments have been rigorously tested from a security standpoint – prior to launch and throughout the software lifecycle.

The ISTQB Advanced Security Tester Course combines lectures, exercises and practical work to describe and illustrate best practices in security testing. It will help testers to interrogate new systems and software in order to mitigate the threat of both human and machine-based attacks.

The course sets out the role and importance of security testing as well as processes to deliver the quality assurances required for software development in today’s challenging security landscape. It is suitable for technical testers, security testing specialists, managers and any other testing professionals that are committed to delivering robust security testing as part of the wider test plan.

Over the 4 days of structured classroom training, you will be begin by covering the basics of security testing and the approaches available. As the course progresses, you will move on to look in greater depth at processes and strategies that can be used throughout the software lifecycle as well as covering trend, tools and reporting.

You can learn more about this course here.

In addition we also offer a wide range of Software Testing and Security courses including the popular ISTQB certifications and specialist courses in areas such as Penetration Testing and Test Automation.