ISTQB® has released CT-STE — Certified Tester Security Testing Engineer, a specialist-level certification focused on testing for security vulnerabilities without requiring you to become a full-time penetration tester.
The syllabus covers:
- threat modelling for testers
- security test design and risk-based testing
- common vulnerability classes (OWASP Top 10, CWE)
- collaboration with developers, security engineers and operations
- regulatory awareness (GDPR, NIS2)
CT-STE replaces and extends the previous Security Tester certification. If you already hold the older version, A4Q and iSQI will publish a transition path later this year.
