Security testing of web services by an example of WCF-services
Security testing is a huge area of the testing as a whole. Two main conditions for proper security testing are special qualification of the QA and special project needs. You rarely can met both mentioned conditions in your project.
Although, security testing can be executed on some basic level in order to satisfy "hygiene principles". Such testing can help to protect your application from elementary attacks.
I am going to address the meeting on basic knowledge about security testing, which can be very useful for every QA specialist:
- main information about security testing of software;
- well known vulnerabilities, their symptoms;
- common recommendations to fix them.
I am going to give some details about testing web-services implemented using WCF framework, popular framework for web-services development using .NET platform.