QA — AppSec's Best Friends

How we can (and should) leverage QA tools, artifacts, and processes to level up our Application Security.

I'll show you a real-world success story: how we built a completely automated tool for hunting IDOR vulnerabilities. I'll also share key insights on Dynamic Application Security Testing (DAST), specifically why understanding business logic and context is far more critical than the tools themselves.