Certified Tester Security Test Engineer (CT-STE)

Certified Tester Security Test Engineer (CT-STE)

📥 Download Materials

Overview

The ISTQB® Certified Tester Security Test Engineer (CT-STE) certification focuses on how security testing should be done, presenting security methodologies, standards, techniques, processes, and tools. As cyberattacks grow in frequency and sophistication, a robust engineering-focused approach to testing security is more critical than ever. Without security testing aligned to an IT system’s specific risk levels, vulnerabilities may be exploited—potentially during production—with devastating consequences. The CT-STE certification aims to bridge this gap, ensuring professionals can proactively create maximum transparency about effective security risk exposure to secure systems against emerging threats.

Audience

The Certified Tester Security Test Engineer is aimed at anyone involved in testing IT-based systems for security. This includes people in roles such as testers, test analysts, test managers, and even software developers, as everyone in a team should care about security. This certification is also appropriate for anyone who wants a basic understanding of executing security testing activities, such as project managers, quality managers, software development managers, business analysts, operations team members, IT directors, and management consultants.

Contents

Exam Structure

Business Outcomes

A candidate who has achieved the Certified Tester Security Test Engineer certification should be able to:

• Understand the fundamental security paradigms, and their impact on security testing
• Use and apply appropriate Security Test techniques and know their strengths and limitations
• Contribute to planning, designing, and executing Security Test
• Understand how Security Test standards and security best practices can be utilized for Security Test
• Adjust and perform Security Test activities accordingly to specific organization context
• Adjust and perform Security Test activities accordingly to specific development methods and software development lifecycles
• Feed Security Test results into an information security management system (ISMS) for an active security risk management
• Collect, evaluate, and aggregate test results, write a detailed test report with all evidence and findings
• Based on a needed Security Test approach identify proper requirements for tooling and assist in the selection of Security Test tools

More Information

Training is available from Accredited Training Providers (classroom, virtual, and e-learning). We highly recommend attending accredited training as it ensures that an ISTQB® Member Board has assessed the materials for relevance and consistency against the syllabus.

Self-study, using the syllabus and recommended reading material, is also an option when preparing for the exam.

Holders of this certification may choose to proceed to other Core, Agile, or Specialist stream certifications

Download Materials

Syllabus

Sample Exams

Exams Structures and Rules