Graduation assignment Security Testing AI

Introduction

More than graduating...

Are you pursuing an HBO or WO degree in ICT / Computer Science / Software Engineering and want to ensure that you graduate at a level that suits you? If you are eager and want to make your graduation the first step in your career, then come and meet us!

At Iquality, you will join an organization with a true technical culture: freedom, autonomy, responsibility, and plenty of room for your ideas to solve unconventional challenges. This is also how we structure our graduation internships, of course taking into account all the requirements set by your education. We have years of experience with graduates and know exactly what you need to be able to graduate. We will fine-tune the assignment below together so that it meets all competencies and aligns with your wishes.

First you: During the initial conversations, we will try to find out where your interests lie and how we can adapt our graduation assignment to them. We ask many questions in this conversation to form a picture of where your interest lies, but also where it does not.

Graduation Assignment: Security Testing with AI for Websites and Web Applications

Context

We develop websites and web applications that are essential for our clients. Because these applications often process sensitive data, they are attractive targets for cyberattacks. Think of vulnerabilities such as SQL injections, Cross-Site Scripting (XSS), and weak API security.

Our clients currently engage external parties for security audits, but we want to build this expertise internally. Additionally, our company wants to make more use of AI technologies. This presents a unique opportunity to enhance security testing with the help of AI.

Assignment Description

You will research and implement how security testing can be integrated into our development processes, with a focus on AI-driven tools. The goal is to establish a practical process to detect and address security risks in websites and web applications early on.

By “framework,” we mean a set of practical guidelines, methodologies, and tools that our team can follow to perform security testing.

Specifically, you will:

  • Research which AI-driven tools and techniques add value to security testing for web applications.
  • Conduct a Proof of Concept (PoC) where security testing is applied to one of our web applications, including the use of AI tools.
  • Develop practical guidelines and a step-by-step plan for our team to consistently perform security testing.

Research Questions

  • What security risks are most relevant for websites and web applications (e.g., OWASP Top 10)?
  • How can AI tools improve the effectiveness of security testing?
  • Which tools and techniques are suitable for detecting security risks, including AI-driven tools?
  • How can security testing be integrated into an Agile development process and CI/CD pipelines?
  • What best practices can help our team proactively manage security?

Tools/Technologies Used

Besides traditional security testing tools, you use AI-driven solutions such as:

  • AI-driven Vulnerability Scanners: Tools like Netsparker AI, Acunetix, or DeepCode.
  • Machine Learning for Log Analysis: Use tools like Splunk or ELK Stack combined with AI models to detect suspicious patterns in logs.
  • Static Code Analysis with AI: Tools like Snyk or CodeAI to automatically identify vulnerabilities in code.
  • Dynamic Security Testing with AI: Tools like OWASP ZAP, enhanced with AI plugins or models to predict vulnerable paths.
  • Threat Modeling with AI: Use tools like Microsoft Threat Modeling Tool combined with AI-driven suggestions for attack scenarios.
  • Integration in CI/CD: Use Jenkins, GitLab CI/CD, or Azure DevOps with automated security checks.

Result

Your assignment results in:

  • Practical framework: A set of tools, methodologies, and guidelines to effectively incorporate security testing into our processes.
  • Proof of Concept (PoC): Application of the framework to an existing web application. This demonstrates how AI tools can identify and mitigate risks.
  • Reporting: Documentation of the findings, including a comparison of tools, risks, and recommendations.
  • Manual and training: Materials that support our team in applying AI-driven security testing in practice.

Impact

With this assignment, you not only help us better secure our applications but also contribute to innovation within our company by leveraging AI in a valuable way. This not only strengthens our internal processes but also provides unique added value for our customers.

In addition to security testing, we also offer the possibility to focus graduation projects on other important quality aspects, such as accessibility testing and functional testing. A combination of these aspects is also possible. This gives you the opportunity to develop a broader perspective on quality improvement in software development and tailor your assignment to your interests and ambitions.

Graduation Period

During your graduation period, we work according to the Scrum methodology, using 14-day sprints. You fill the backlog, are part of our stand-ups, and we close each sprint with a retrospective. This way, we continuously evaluate how your graduation is progressing, whether the level is too low or too high, and how we will approach the next sprint. You determine whether you graduate with a 6 or a 9 and how much you want to be challenged.

We give you all the opportunities to further develop yourself. We believe this can be achieved through the right guidance and collaboration. Moreover, we are a close-knit group of colleagues who help each other grow, both professionally and personally. As students, you also learn from each other because we try to have a group of 6-8 graduates participate in our organization every six months.

Graduation and then...

The graduation period at Iquality is your way to show what you are capable of. It is also your way to determine if Iquality is an employer where you would like to start your career. And it is our way to see if you could become part of our great team. Win-win-win, right?

We get inspired by curious people

First you, then coding: we design, develop, optimize and support digital solutions for your story.

John van Beek
