Paid workshop Wednesday 9 September 2026

Testing cookies, sessions & login: the bugs that ship every week

A hands-on half-day, live online. You'll reproduce real auth bugs on a sandbox — cookies, sessions, logout, SSO — the way they actually appear in production, and leave with an auth test plan you can run on your own product on Monday.

When
Wed 9 Sep
16:00–19:30 CEST
Price
€220 €290 Save €70
Early bird · 59 days left
Format
Live online·3.5h · two breaks·English
Who it's for
Testers & QA leads·Max 16
  • Reproduce the auth failure modes that ship constantly — missing HttpOnly, session fixation, logout that lies, JWT with no expiry, stale permissions.
  • Trace a live OAuth/SSO flow through the browser — redirect, token exchange, session establishment — and learn what to test and what to skip.
  • Build your own auth test plan, yours to keep and run on real work.
Price · early bird
€220 €290 Save €70

Early bird 59 days left — price rises to €290 after.

Booking 3+ from one team? Get in touch for seats.

Pay & reserve · €220 Secure card payment via Stripe. Zoom link & receipt by email.
16 of 16 seats left By paying you agree to our terms & refund policy.
About the webinar

Auth testing, not security testing.

The web's auth model is full of foot-guns most testers were never taught to look for. Cookies, sessions, tokens, SSO, "remember me," logout edge cases — every one has known failure modes that ship to production constantly because nobody tests them properly. This hands-on half-day teaches those failure modes by having you reproduce them on a deliberately-flawed sandbox. No production system is touched.

This isn't a security course. Security courses teach exploitation; this teaches what auth bugs look like in production behaviour — observable from outside, reproducible without pentesting skills, catchable in a test plan. If you can open the browser Network tab, you can do this workshop. We cover cookies and their flags, the session lifecycle and where it breaks, why logout is the hardest part of auth, permission staleness mid-session, and a live trace of a real OAuth/SSO flow.

You'll walk out with a method, not a badge — an auth test plan you build yourself, plus the four questions that catch most real-world auth bugs in a sprint review. Capped at sixteen seats so the hands-on work actually works. For testers and QA leads who currently sign off on a login flow by clicking "log in" and "log out" once.

Questions raised & answered

What you'll walk out with.

Every seat includes the live session plus everything you need to do this again on your own work.

  1. 01

    Hands-on reproduction of twelve real auth failure modes on a sandbox.

  2. 02

    A live OAuth/SSO flow trace through the browser.

  3. 03

    Your own auth test plan, yours to keep.

  4. 04

    Slides, the failure-mode checklist, and two weeks of follow-up Q&A after the session.

Save your seat — before someone else does.

You'll get the Stripe receipt and a calendar invite straight away, and the Zoom link the day before. Early-bird pricing ends in 59 days.

Pay & reserve · €220 16 of 16 seats left

Secure card payment via Stripe.

Hosted by

The person who'll also answer the email.

Imola — Founder · Pearly Quality

Imola

Founder · Pearly Quality

Software-testing practitioner and quality advocate with fifteen years in the field — across product teams, agencies and in-house QA orgs.

Today Imola runs Pearly Quality from Hungary: the workshops, the monthly letter, and the podcast.

LinkedIn YouTube Spotify podcast Newsletter