Testing for security is an increasingly important and visible part of software delivery. The classic formula for security testing isn’t working and security analysis tools can’t reliably find certain basic problems. Join Joe Kerby as he introduces concrete things testing teams can do to contribute to the security of a system and identify opportunities to include more advanced manual testing of scenarios that are often overlooked. Process improvements that range from articulating security acceptance criteria to checklists are discussed. In some cases, test automation can be used to raise the security of delivered software. In all cases, the villain persona and negative testing scenarios are foundational to effective security testing. You will learn manual testing steps for two classes of security vulnerabilities. In addition to specific actionable security testing strategies, one goal of Joe’s presentation will be to provide some high-level context for thinking about security testing and how to integrate it into the software development lifecycle effectively. Take the security of your applications to the next level and be more confident.