ConTEST 2021 Conference Website - click here

Description: Security has become a necessity in our day-to-day activities.

Most QA Engineers think that they can not contribute to testing security of the application. But that is not true. There are many ways QA can find the vulnerabilities in the system. This talk will help you to understand how it is possible with your existing automation tests.

I will also share how I was able to overcome the following questions that lingered in my mind when I was thinking of security testing:

How can we uncover these vulnerabilities?
Do we understand the basic security tests that we run?
How can we enable the team to gain the capability to understand and be a part of Security Testing?
How can we have DAST Automated with our Selenium Automation Tests?
How can we have DAST part of CI/CD pipeline?


In this talk, you will see how you could drive our testing team to understand the benefits of finding security defects at an early stage without putting much effort with the existing test automation suite.

This talk will introduce the audience to take their very own first steps in to Security Testing. I will be introducing them to concepts and how to move forward with security testing with Open Source tools. There will be real demos, which will comprise overviews on certain OWASP vulnerabilities with demos on Web Application DAST with Selenium and Jenkins.

This will be a helpful talk for those who are interested in stepping into the world of continuous security testing with their QA team.


Outcomes: Seldom do we understand the importance of non-functional testing. This might be a new aspect to look forward to for many in the audience. I will deliver keep steps so that they can take it back and use them in their teams to get into the world of Security Testing.