Seminar Series »Basics of Security Testing«

Basics of Security Testing, Security Testing Processes, and Optimization through Systematic Risk Management

The Challenge

Over 90 percent of all software security incidents are caused by attackers exploiting known vulnerabilities. The majority of these are based on programming errors that cannot be prevented by structural measures alone.

Systematic integration of security testing activities with other life cycle activities in the software development process makes it possible to identify security gaps at an early stage and thus eliminate them cost-effectively.

The Solution

The seminar series »Basics of Security Testing« teaches the general basics of security testing and how they are embedded in security testing processes and the software life cycle, and shows how security testing in particular can be optimized by integrating it into consistent risk management.

During the seminar series, selected security testing methods and techniques are explained using practical examples. Participants can try out the testing methods and security mechanisms themselves and experience them in practice. In the process, characteristic vulnerabilities are exploited, and methods for identifying and closing them are taught.

The seminar series references established security testing standards as well as the procedures and techniques described within them.

Overview of the Seminar Series »Basics of Security Testing«

Format: Live online seminar as individual scheduled modules, also possible as on-site training upon request
Duration: Up to 32h
Schedule: According to individual agreement (within the framework of the preceding needs analysis)
Language: German or English (Material in English)
Level: Basic
Requirements: Practical experience in the development, operation and testing of software (incl. procurement).
Number of participants: 6-12
Location: Online or on-site (Fraunhofer FOKUS, Kaiserin-Augusta-Allee 31, 10589 Berlin or other locations)
Course Fee: EUR 2600,- per person (when booking all 4 modules); discounts for groups over 8 people by individual agreement

Currently, there are no scheduled dates for this course. Feel free to contact us for personalized advice or further information.

Your Advantages at a Glance

After the seminar you can...

  • Apply basic security testing methods
  • Select basic security testing techniques
  • Set up and manage a security testing process
  • Test simple security mechanisms
  • Apply testing and security testing standards
  • Apply simple security testing measures in the software lifecycle 

This seminar offers you...

  • Systematic introduction to the basics of security testing
  • Introduction to risk-based security testing
  • Introduction to security testing techniques such as fuzzing, scanning, etc.
  • Systematic integration of the security testing techniques with the activities of a software life cycle

Target Groups

  • Product managers
  • Project managers in product development
  • Product developers
  • Requirements developers
  • Test developers
  • Test analysts
  • Test managers
  • Acceptance testers
  • Quality managers and consultants

Trainers

Dr. Jürgen Großmann (juergen.grossmann@fokus.fraunhofer.de) is team leader of the Critical Systems Engineering group in the SQC business unit of the Fraunhofer Institute FOKUS. He is an expert in quality assurance, risk analysis and IT security testing in the field of critical, networked software systems in the automotive industry and the financial sector.

Martin Schneider is team leader of the testing group in the Quality Engineering business unit of the Fraunhofer Institute FOKUS. He is an expert in quality assurance and security testing in the field of networked software systems.

Dorian Knoblauch (dorian.knoblauch@fokus.fraunhofer.de) is a research associate in the Critical Systems Engineering group in the SQC business unit of the Fraunhofer Institute FOKUS. He is an expert in security testing and test automation.

Overview of the Individual Modules

1st Module »Security Tests throughout the Software Life Cycle«

  • Role of security testing in requirements specification
  • Role of security testing during design
  • Role of security testing in the implementation phase
  • Security testing during system and acceptance testing
  • Security testing in maintenance

2nd Module »Security Testing Processes«

  • Definition of the security testing process
  • Planning of security tests
  • Design of security tests
  • Execution of security tests
  • Evaluation and reporting of security tests

3rd Module »Risk Management and Security Testing«

  • Risk management in the overall context of the organization
  • Risk identification
  • Risk analysis
  • Risk evaluation
  • Risk treatment
  • Risk-based security testing
  • Test-based risk analysis and risk evaluation

4th Module »Testing Security Mechanisms«

  • System hardening
  • Authentication and authorization
  • Encryption
  • Firewalls
  • Attack detection
  • Malware scanning
  • Data masking 

Contact

Contact Press / Media

Anne Halbich

Fraunhofer Institute for Open Communication Systems
Kaiserin-Augusta-Allee 31
10589 Berlin, Germany

Phone +493034637346
