September 10, 2022
InfosecGirls Session - 10th September, 2022
Topic: Web application security testing workflow — scoping, safe testing in staging, and reporting findings so engineering teams can act on them.
Summary
- Emphasised written scope: environments, credentials, out-of-scope systems, and emergency contacts.
- Safe testing habits: staging-first, rate limits, and evidence handling without exposing sensitive data.
- Reporting format: clear repro steps, severity rationale, and suggested fixes where possible.
- Handoff tips: triage with engineering, track retests, and celebrate fixed issues.