WTF are Security Unit Tests? | Super-charge your AppSec with Security Unit Tests and TDD

308 views

AppSecEngineer


In this video, AppSecEngineer's Chief Research Officer takes you through an exploration of Security Unit Tests. Security Unit Tests are a crucial component in the Test-Driven Development (TDD) process, especially when building applications with robust security requirements. The video starts with an introduction to the concept of TDD and its importance in modern software development, emphasizing how it aligns with security best practices.
Next, our expert delves into the specifics of creating effective Security Unit Tests. They explain how these tests differ from standard unit tests by focusing on identifying and mitigating security vulnerabilities rather than just checking for functional correctness. The video includes examples of common security flaws such as authentication bypasses, password security requirements and more.
The tutorial progresses to integrate Security Unit Tests within a TDD framework. Here, the Chief Research Officer showcases a live coding session, where they write a failing security test first, then proceed to write the minimum amount of code required to pass the test. This approach not only ensures that the application is functionally sound but also that it adheres to stringent security standards from the outset.
Whether you're a developer, a security professional, or just someone interested in application security, this video provides valuable insights into the world of TDD and security, helping you build more secure and reliable software.
Chapters:
00:00 - Intro to Security Unit Testing
01:30 - Basics of Security Unit Testing
04:00 - Why Test Early?
05:45 - Benefits of Security Unit Tests
08:20 - Test-Driven Development (TDD) Overview
10:55 - Setting Up a Python Security Project
14:00 - Writing Tests for Sign-Up & Login
22:45 - Implementing Sign-Up Feature
30:00 - Unique User Check
34:20 - Implementing Login Feature
40:10 - Conclusion & Benefits
#appsec #applicationsecurity #infosec #Security #securitytraining #training #handsonlearning #devsecops #securitytesting #securecoding #appsecengineer #developer #securityengineer
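
The test-first flow outlined in the description and chapters (sign-up, unique user check, login), as an added example that is not the code written in the video. `UserStore`, `run_suite`, the 12-character/digit/uppercase password policy and the PBKDF2 parameters are assumptions chosen for illustration.

```python
import hashlib, hmac, os, unittest

# Hypothetical in-memory auth module; all names and policy values are assumptions.
def _derive(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class UserStore:
    def __init__(self):
        self._users = {}  # normalized email -> (salt, derived key)

    def sign_up(self, email, password):
        email = email.strip().lower()
        if email in self._users:  # unique user check
            raise ValueError("user already exists")
        if (len(password) < 12 or not any(c.isdigit() for c in password)
                or not any(c.isupper() for c in password)):
            raise ValueError("password does not meet policy")
        salt = os.urandom(16)
        self._users[email] = (salt, _derive(password, salt))

    def login(self, email, password):
        record = self._users.get(email.strip().lower())
        if record is None:
            return False  # unknown user: fail closed
        return hmac.compare_digest(_derive(password, record[0]), record[1])

# Security unit tests: in TDD these are written first and fail until UserStore exists.
class SecurityUnitTests(unittest.TestCase):
    def setUp(self):
        self.store = UserStore()
        self.store.sign_up("alice@example.test", "Correct-Horse-42")

    def test_weak_password_rejected(self):
        for weak in ("short1A", "alllowercase1234", "NoDigitsAtAllHere"):
            with self.assertRaises(ValueError):
                self.store.sign_up("bob@example.test", weak)

    def test_duplicate_user_rejected(self):
        with self.assertRaises(ValueError):
            self.store.sign_up(" Alice@Example.test ", "Another-Valid-99")

    def test_login_fails_closed(self):
        self.assertTrue(self.store.login("alice@example.test", "Correct-Horse-42"))
        for email, pw in (("alice@example.test", "wrong"), ("alice@example.test", ""),
                          ("nobody@example.test", "Correct-Horse-42")):
            self.assertFalse(self.store.login(email, pw))

def run_suite():
    suite = unittest.defaultTestLoader.loadTestsFromTestCase(SecurityUnitTests)
    return unittest.TextTestRunner(verbosity=0).run(suite)
```

Run the tests with `python -m unittest` against the saved file, or call `run_suite()` from another script.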

Comments: 4
@blove87 5 months ago
Awesome video. Bro, how much preparing do you do for videos? Coding on the fly is sweet - also what plugins are you using to provide you that superb autocomplete?
@AppSecEngineer 5 months ago
Thank you 😊 The only prep I did for this video was approx 5 mins just before making the video. Just to identify what features I need to build and write security tests for. I use GitHub Copilot and Cursor for autocomplete in most cases.
@blove87 5 months ago
@AppSecEngineer Thank you and that’s impressive but this ain’t the first time I’ve seen you cook things up on the fly. What’s a good way to chat with you more effectively?
@AppSecEngineer 5 months ago
Thanks 😊 LinkedIn or Twitter messages are the easiest way to discuss with me. Please connect on LinkedIn and we can talk.