Writing Security Tests


This Working Session will look at security tests: a special type of test that confirms, by passing, that a security issue either exists or has been fixed.


  • When to write security tests
  • Common techniques
  • Transforming integration and e2e tests into security tests
  • Running tests against production
  • Instrumenting code to inject payloads
  • Running tests in parallel with builds or in-line
  • Inserting error handling into tests so that tests differentiate between an internal error and test failure
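To make the definition and the last topic concrete, here is an added example (not material from the Working Session) of a paired security test for a path-traversal issue: one check passes while the issue exists, the other passes once it is fixed, and a broken fixture raises a separate error instead of producing a verdict. The resolver functions, `HarnessError`, the base directory and the payload are all hypothetical names and constructed values.

```python
import posixpath

BASE = "/srv/app/uploads"      # constructed sample directory
PAYLOAD = "../../etc/passwd"   # constructed path-traversal input

class HarnessError(Exception):
    """The test itself could not run; says nothing about the issue."""

def resolve_v1(name):
    # 'Before' code (hypothetical): joins input with no containment check.
    return posixpath.normpath(posixpath.join(BASE, name))

def resolve_v2(name):
    # 'After' code (hypothetical): rejects paths that leave BASE.
    path = posixpath.normpath(posixpath.join(BASE, name))
    if not path.startswith(BASE + "/"):
        raise ValueError("path escapes upload directory")
    return path

def escapes_base(resolver, payload=PAYLOAD):
    """Return True if payload resolves outside BASE, False if contained or rejected."""
    # Precondition: a benign name must resolve, otherwise the fixture is broken
    # and any verdict about the payload would be meaningless.
    try:
        benign = resolver("report.txt")
    except Exception as exc:
        raise HarnessError(f"resolver failed on benign input: {exc!r}") from exc
    if benign != BASE + "/report.txt":
        raise HarnessError(f"unexpected benign result: {benign!r}")
    try:
        path = resolver(payload)
    except ValueError:
        return False               # input rejected: issue not present
    return not path.startswith(BASE + "/")

def check_issue_exists(resolver):
    # Passes while the issue is present; starts failing once it is fixed.
    assert escapes_base(resolver), "traversal no longer reproduces"

def check_issue_fixed(resolver):
    # Regression test kept after the fix; fails if the issue returns.
    assert not escapes_base(resolver), "traversal payload escaped BASE"

if __name__ == "__main__":
    check_issue_exists(resolve_v1)
    check_issue_fixed(resolve_v2)
    print("both security tests pass")
```

A CI job can report `AssertionError` as a test verdict and `HarnessError` as an infrastructure problem, so a failing database or fixture is never mistaken for a fixed or reintroduced vulnerability.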


This Working Session will produce guidelines for writing security tests.


The target audience for this Working Session is:

  • Security professionals
  • Developers


Working materials

  • Draft guidelines for writing security tests

