Many Functional Testing/QA Engineers don’t have insights into Security vulnerabilities. Usually an enterprise has a separate security testing team solely for that task and functional testers have to rely on them for the security audit.
Security is an important part of Testing but not every build of the application is tested for security issues. All Functional testing teams have a load of automated test cases which are run on every build of the application but they don’t check for security flaws.
In this talk we would be showing how you can use your existing test cases and automatically perform security testing on your web application. This is made possible using IronWASP, an open source security scanner and its companion libraries. If you are a software tester or developer even without any security expertise this talk will help you secure your web application better using your existing functional test cases.