filmov
tv
Adaptive Testing Methodology: Crowdsourced Testing... - Daniel Miessler - AppSec Ca 2016
Показать описание
Adaptive Testing Methodology: Crowdsourced Testing Methodology Customized to the Target Stack
Testing methodology is a sore subject for most pentesters. Everyone has their own way to do things, and 3 people testing the same thing often end up with different results—especially when constrained for time.
The ASTM project has two goals: 1) allow testers to consistently find the best vulnerabilities in the shortest amount of time, and 2) provide a framework for community improvement of the methodologies.
ASTM combines a time restraint with a quick technology detection step to build a customized testing methodology for that specific website given how much time you have to test it.
IOActive
Director of Client Advisory Services
Daniel Miessler is a Director of Client Advisory Services with IOActive, based out of San Francisco, California. Daniel has 15 years of experience in information security with a focus on web, mobile, and IoT, and is a project leader for the OWASP IoT and OWASP Mobile Top Ten projects. In his spare time, he enjoys reading, writing, programming, and table tennis.
-
Testing methodology is a sore subject for most pentesters. Everyone has their own way to do things, and 3 people testing the same thing often end up with different results—especially when constrained for time.
The ASTM project has two goals: 1) allow testers to consistently find the best vulnerabilities in the shortest amount of time, and 2) provide a framework for community improvement of the methodologies.
ASTM combines a time restraint with a quick technology detection step to build a customized testing methodology for that specific website given how much time you have to test it.
IOActive
Director of Client Advisory Services
Daniel Miessler is a Director of Client Advisory Services with IOActive, based out of San Francisco, California. Daniel has 15 years of experience in information security with a focus on web, mobile, and IoT, and is a project leader for the OWASP IoT and OWASP Mobile Top Ten projects. In his spare time, he enjoys reading, writing, programming, and table tennis.
-