Offroading with Test Scripts: Security in QA

Presented at Diana Initiative 2019, Aug. 9, 2019, 4 p.m. (60 minutes)

How can QA and Information Security be allies?

In the QA community, it's been acknowledged for years that we want the same thing as Development and Product: good software, delivered on time, to reach our company's goals. Information Security has been less well represented. This is the story of how we started talking across the gap, improved our requirements, and spread the practice of security testing across a department.

Presenters:

• Sylvia Killinen - Senior QA Engineer at Worldpay
  Sylvia joined a QA team at Mercury Payment Systems in 2009 and never looked back. Finding a SQL injection bug was the impetus to start studying information security, and she has turned an interest into a field of work. With a focus on finding the trail and making it easier to do the right thing, she has offered technical and theoretical training to other testers within the company.

Links:

• https://dianainitiative2019.busyconf.com/schedule#activity_5ca7b33aec6747b3fb000017

Similar Presentations:

• Global AppSec - DC 2019 / The Zest of ZAP: How scripting in our favorite tool can bridge the gap between dev teams and security