Writing Security Tests


This Working Session will look at Security Tests, a special type of test whose passing result confirms that a security issue either exists or has been fixed.


  • When to write security tests
  • Common techniques
  • Transforming integration and e2e tests into security tests
  • Running tests against production
  • Instrumenting code to inject payloads
  • Running tests in parallel with builds or in-line
  • Inserting error handling into tests so that tests differentiate between an internal error and test failure


The target audience for this Working Session is:

  • Security professionals
  • Developers


