STARWEST 2026 - Security
Customize your STARWEST 2026 experience with sessions covering security for software developers and testers.
Wednesday, September 23
AI-Driven Identity Governance: How Testing Teams Secure Access in Zero Trust Environments
As organizations adopt Zero Trust Architectures, Identity and Access Management has become a critical security control that testing teams can no longer treat as a black box. Traditional role-based access models struggle to keep pace with dynamic cloud environments, non-human identities, and evolving threat patterns. This session explores how AI-driven identity governance transforms access validation into a continuous, testable security practice. Drawing from real enterprise implementations across finance, healthcare, and e-commerce, the presentation demonstrates how behavioral analytics,...
Thursday, September 24
Testing for the Untestable: Validating App Resilience Against AiTM and Session Hijacking
As QA and DevOps teams, you rigorously test your login flows, MFA integrations, and session timeouts. But how do you test for an attack that doesn't break the code and mirrors the entire environment? Enter Adversary-in-the-Middle (AiTM) attacks—a sophisticated phishing method using reverse-proxy toolkits (like Evilginx) that bypass Multi-Factor Authentication (MFA) by stealing live session tokens. In this session, Yaamini will move beyond standard functional testing to look at the technical reality of modern session-based threats. She will demonstrate how these "zero-hour" attacks operate...
Testing the Untestable: How to Validate Cloud‑Dependent Features You Don’t Fully Own and Control
Today’s software relies on a collection of cloud services, shared platforms, and third‑party tools, many of which your teams don’t own, control, or even fully understand. Yet when something goes wrong, customers don’t blame the cloud provider or the external API. They blame your product. That puts testers in a tough spot: how do you ensure quality when key parts of the system are unpredictable, unavailable, or outside your team’s reach? This session explores how to build confidence in features that depend on other teams and the ever‑changing cloud. The session will look at practical ways...