ISTQB Security Tester Certificate

This course prepares testing professionals for the ISTQB® Security Tester certification by providing a structured approach to security testing principles, techniques and practices. You will learn how to identify vulnerabilities, understand threats and apply test methods that strengthen software security throughout the development lifecycle. The course emphasises both theory and practical application so you can effectively assess and mitigate security risks in real-world systems.

Throughout this training, you gain insight into security vulnerabilities, risk-based testing strategies and specialised security test techniques such as penetration testing, fuzz testing and vulnerability scanning. The course follows the ISTQB® Security Tester syllabus and includes exercises and examples to prepare you for both the official exam and practical implementation. You will also learn how security testing integrates with traditional testing practices and DevOps workflows.

Course objectives

After completing this course you will be able to:

  • Understand the goals and principles of security testing
  • Analyse risks and define security testing goals
  • Use security test techniques to uncover vulnerabilities
  • Interpret security test results and recommend mitigations
  • Integrate security testing into development and QA processes

Prerequisites

To take this course you must hold the ISTQB® Foundation Certificate. Experience with testing and knowledge of software development lifecycle concepts will help you get the most out of the training.

Target audience

This course is appropriate for:

  • Testers and test analysts
  • QA professionals wanting to deepen security expertise
  • Test consultants involved with security risk assessment
  • Developers interested in security-focused testing
  • Anyone working with secure delivery of software

About Sue Atkins

As a self-confessed bug-magnet, quality advocate and risk nut, Sue Atkins has been active in the world of software testing and process improvement for over thirty years.

She has experience of software development from both the waterfall and Agile perspectives across a diverse range of sectors – from banking and telecoms to healthcare and retail.

Sue has a passion for training and loves to help others grow their skills in all dimensions of testing, quality and process improvement.  She has spoken at a number of conferences, is co-chair of the Scottish Testing Group and was a member of the programme committee for EuroSTAR 2022 – Europe’s largest Testing Conference.

Security foundations and risk management

The course introduces the key concepts of security testing, including threat modelling, vulnerability categories and risk assessment as part of test planning.

Security test planning

You will learn how to define security test objectives, scope and criteria based on risk analysis to focus efforts on the most critical areas.

Security test techniques

The course covers specialised security test techniques such as vulnerability scanning, fuzz testing, injection testing and authentication checks, giving you tools to expose weaknesses in systems.

Non-functional considerations in security testing

Explore how performance, reliability and resilience intersect with security, and how to address non-functional attributes when designing and executing security tests.

Tools and automation

You gain practical insights into tools that support security testing, including scanners, proxies and automation frameworks that help identify and track issues efficiently.

Reporting and mitigation guidance

You learn how to report security findings effectively and provide actionable recommendations for development and operations teams.

 

About the exam:

The exam is included in the training.

The ISTQB Security Tester exam is conducted online. It comprises 45 multiple-choice questions, has a pass mark of 65% and must be completed within 120 minutes.

Participants who take the exam in a language that is not their spoken language receive 25% additional time, which is 30 minutes more, for a total of 150 minutes.

Please visit the iSQI websites for more information on how to book your online exam. 

Practical information

Duration: 4 days
Price: 32 000 NOK (includes exam, documentation and course materials)
Language: English
Format: Can be delivered as an open course or as an in-house course

FAQ

What is required to take this course?
You must hold the ISTQB® Foundation certification. Experience with testing and an understanding of software development are an advantage.

Is the exam included in the course price?
Yes, the official ISTQB® Security Tester exam is included.

What will I learn about vulnerabilities?
You learn to identify and test for common security vulnerabilities, including injection, authentication and access control.

Do I need experience with security tools?
It is an advantage, but the course gives an introduction to test tools and how they are used in practice.

How is this combined with regular testing?
Security testing is seen as part of holistic QA, and you learn how to integrate security into test processes and DevOps.
