WTEU-66 – Threat Modelling and Security testing strategies with MindMup

Date: 20th March 2015

Time: 15:30 – 17:30 GMT

Facilitator: Dan Billing

Threat modelling is one of the first steps in developing an effective security testing strategy. Based on learnings from the STRIDE threat model, and other threat models we will discuss the potential threats, risks, assets and potential mitigation for security issues for a web application.

We will then discuss how this threat model could be used to develop security testing stratagies, functional and user flow of security concerns, discuss potential techniques, tools and other useful information.

As we develop the threat model and testing strategy for each threat we will build up a mind map using MindMup (www.mindmup.com) to visualise the strategy. MindMapping is a very useful way of planning any testing activity, as it allows visual linking and mapping of ideas, questions and concerns and is one of the key techniques explored and taught in the Rapid Software Testing course. MindMup allows multiuser collaboration, clear linking of topics, image capture and export for sharing.

If you wish take part, follow this link to submit your contact details, http://goo.gl/forms/hTmmkYBxd3

OR send an email to europetesters@gmail.com

or join us on Skype on the day at Weekend Testing Europe.



About the Author

Dan Billing has been a software test engineer for 13 years, he currently works at NewVoiceMedia. Dan loves testing, and all its wondrous variety. He tries to help others become better testers by attending events, speaking, blogging and giving training. Dan has a reputation for being knowledgeable about including security as part of testing. You can find him at thetestdoctor.wordpress.com or on Twitter.