ISTQB® Certified Tester - Advanced Level Security Tester

Duration of courses

3 days



About the Course

This Advanced Security Tester (CTAL-SEC) course provides test engineers with advanced skills in security test analysis, design, and execution. In a hands-on, interactive fashion, you’ll learn how to plan, perform, and evaluate security tests based on organizational security policies, security risks and standards, and common vulnerabilities, within the context of the project lifecycle. Using a running case study, participants will among others, work through ways to analyse current and future security threats, the coverage of existing security tests against these threats, and the adequacy of security policies, procedures, and mechanisms; determine what security tests are most important; and evaluate a particular security testing approach will succeed and suggest enhancements where needed.

Course Outline

Chapter 1:
The Basis of Security Testing

Chapter 2:
Security Testing Purposes, Goals and Strategies

Chapter 3:
Security Testing Processes

Chapter 4:
Security Testing Throughout the Software Lifecycle

By the end of the course, participants will be able to:

  • Perform the appropriate testing activities based on the particular software development lifecycle being used
  • Plan, perform and evaluate security tests from a variety of perspectives – policy-based, risk-based, standards-based, requirements-based and vulnerability-based.
  • Align security test activities with project lifecycle activities.
  • Analyse the effective use of risk assessment techniques in a given situation to identify current and future security threats and assess their severity levels.
  • Evaluate the existing security test suite and identify any additional security tests.
  • Analyse a given set of security policies and procedures, along with security test results, to determine effectiveness.
  • For a given project scenario, identify security test objectives based on functionality, technology attributes and known vulnerabilities.
  • Analyse a given situation and determine which security testing approaches are most likely to succeed in that situation.
  • Identify areas where additional or enhanced security testing may be needed.
  • Evaluate effectiveness of security mechanisms.
  • Help the organization build information security awareness.
  • Demonstrate the attacker mentality by discovering key information about a target, performing actions on a test application in a protected environment that a malicious person would perform, and understand how evidence of the attack could be deleted.
  • Analyse a given interim security test status report to determine the level of accuracy, understandability, and stakeholder appropriateness.
  • Analyse and document security test needs to be addressed by one or more tools.
  • Analyse and select candidate security test tools for a given tool search based on specified needs.
  • Understand the benefits of using security testing standards and where to find them.

Upcoming Class

Face to face (F2F) or Remote online training (ROT)
16-18 Jan 2024
MS Teams
9 hours
Remote Online Training (ROT)
23-25 Apr 2024
Custommedia Academy
15 hours
Face To Face (F2F)
02-04 July 2024
Custommedia Academy
15 hours
Face To Face (F2F)
08-10 Oct 2024
Custommedia Academy
15 hours
Face To Face (F2F)

Pricing & Payment Plans

Course Fee

RM 6,000

Plus RM 1,050 for exam fee.
*Price above before SST

Fill the training course registration form by clicking the button below to register.
You can reach us via WhatsApp at +6011 51124480 between Monday and Friday,
9 a.m. to 6 p.m.

Enroll Courses