ISTQB® Security Tester

Introduction to Security Testing according to ISTQB®

What can you expect from this course?

The Security Tester course, created by Rex Black, provides test engineers with advanced skills in security testing analysis, design, and execution through direct instruction and group exercises.

Goals of participating in ISTQB® Security Tester

This hands-on course provides test engineers with the ability to define and carry out the tasks required to put the strategy into action and is ideal for testers and test teams preparing for certification. In preparation for the exam, participants will key concepts related to security threats, risks, policies and procedures, and how to address those through testing processes integrated into the software lifecycle.

The following contents will be covered

  • Plan, perform and evaluate security tests from a variety of perspectives – policy-based, risk-based, standards-based, requirements-based and vulnerability-based.
  • Align security testing activities with project lifecycle activities.
  • Analyze the effective use of risk assessment techniques in a given situation to identify current and future security threats and assess their severity levels.
  • Evaluate the existing security test suite and identify any additional penetration tests.
  • Analyze a given set of security policies and procedures, along with security test results, to determine effectiveness.
  • For a given project scenario, identify security test objectives based on functionality, technology attributes and known vulnerabilities.
  • Analyze a given situation and determine which security testing approaches are most likely to succeed in that situation.
  • Identify areas where additional or enhanced security testing may be needed.
  • Evaluate effectiveness of security mechanisms.
  • Help the organization build information security awareness.
  • Demonstrate the attacker mentality by discovering key information about a target, performing actions on a test application in a protected environment that a malicious person would perform, and understand how evidence of the attack could be deleted.
  • Analyze a given interim security test status report to determine the level of accuracy, understandability, and stakeholder appropriateness.
  • Analyze and document security testing needs to be addressed by one or more tools.
  • Analyze and select candidate security test tools for a given tool search based on specified needs.
  • Understand the benefits of using security testing standards and where to find them.

Languages and Prerequisites for participating in the course

We run the course in cooperation with our partner Rex Black. The documentation is mostly in English, the course language and parts of the exercises are in German.

The course contents are based on profound knowledge of the contents of the courses ISTQB® Certified Tester Foundation Level. We therefore recommend to participate in the “ISTQB® Certified Tester Foundation Level“ training course prior to attending, or to repeat the contents of the current version of the syllabus.

Your Examination

During registration, you can book your participation in the corresponding certification examination.
With this booking you agree that we may forward your data to the examination company GASQ Service GmbH, Rothenburger Straße 11, 90443 Nuremberg, Germany.
The examination fee is not included in the course fee and will be listed separately.
If there are requirements for participating in the examination, we will send you a separate registration form in which the valid requirements will be queried.
Examinations can generally be ordered in both German and English.
Non-native speakers can receive a time bonus for the exam - please feel free to contact us about this.

If you are interested in seeking the certification at a later date, we will inform you about the possibilities to find a suitable examination date.

Exams in connection with Virtual Classroom seminars

You can take the exam following your Virtual Classroom Training flexibly as a remote online exam. You will receive a voucher code from us with which you can book your personal exam at a date and time of your choice.

You will receive a detailed description of the technical requirements and the software used for an remote online exam after registering for a Virtual Classroom training.

target groups

  • Business Analysts
  • Experienced Sofware Testers
  • Managers
  • IT Specialists
  • Mobile Testers
  • Persons eliciting requirements
  • QM/QA Staff
  • System Architects
  • Tool Managers
Contact show/hide Contact show/hide

Your Contact to the Academy

Mrs. Doris Dötzer