WeTest are putting a spotlight on Security Testing over the months of October and November.
This includes two Meetups with expert speakers on the topic and an ongoing discussion on the WeTest Slack group.
As a part of the discussion, we’re re-visiting the 30 Days of Security Testing Challenge designed by the Ministry of Testing – although we’re not doing weekends so it’ll take a little longer!
I’m really looking forward to the challenge because penetration testing and security testing in general sounds like a really exciting and interesting sub-domain of testing.
So let’s start with Day One – Read a Security Blog
I read a few blogs on security and security testing over the last week.
- One was from Cigniti, a large multinational software testing organisation that runs their own blog on all things testing. Naturally, there is a bit of a salesy footnote inviting readers to contact them regarding the services they can offer, but that’s not taking away from the quality of the content.
I read this one about considerations that the UK Australia and NZ should have in relation to incidents overseas, and this one which outlined a few tips on keeping your application safe.
- A great site for InfoSec (although not necessarily testing) is https://krebsonsecurity.com/
Brian Krebs is well respected within the InfoSec community and has some really great content on his blog. Being that he worked as a reporter for the Washington Post for over a decade, his pieces are always well written and researched.
- The last blog I looked at was written by Dan Billing (aka The Test Doctor) who is known across the globe as being an expert in security testing
Dan writes on a number of topics, and it is great to see him speaking at conferences around the world.
Thanks for reading my post and following my progress through the 30 Days of Security Testing.
For more on Security Testing please visit here or any of my other ramblings visit here
Feel like joining in? Sign into the WeTest Slack group and get involved!
Mike the Tester 
Leave a comment