Skip to main content

Security Testing

By

Security testing is a process of testing any software authenticity that is it is done to check whether any software is secured from any unauthorized attack or not.
Precise testing solutions contains certified security software tester. We follow all rules provided by standard organization like Open Web Application security Project (OWASP) and Web Application Security Consortium (WASC).

Software Security Testing:

Software security testing deals with protection of data by Information System (IS) and maintains its function as deliberated. The six basic security concepts that need to be covered by security testing are:
Confidentiality, integrity, authenticity, authorization, availability and  non-repudiation.

Terms That Are Common in Security Testing

Vulnerability Scan:

This helps in determining known security issues using automated tools in order to match with known vulnerabilities. Tool automatically set risk level without manual interference by test vendor.

Vulnerability Assessment:

In order to identify security vulnerabilities, it uses vulnerabilities scanning and places the vulnerabilities according to their level under the test.

Security Assessment:  

It builds upon vulnerability assessment by adding manual verification to conform exposure but does not include exploitation of vulnerabilities to gain further access. This verification could be by making an authorized access to the system to confirm system settings and have an eye on logs, system responses, error messages codes etc. A security assessment looks in to the large area of the system under test but not the depth exposure as specific vulnerability does.

Penetration test:

This test is done by replicate a malicious party attack. This provides information about ability of an attacker to gain access to confidential information. This approach deals in attack detail in larger sense as compared to Security Assessment.

Vulnerability/Risk Management:

For planning and conducting Security Testing, this is the first step to be taken. This process identifies vulnerabilities inside the system or application. Vulnerability analysis helps in forecasting effectiveness of proposed countermeasures after they are put into use.
Security testing is important in today’s world which cannot be ignored by one .The various new tools are being invented day by day, one has to be careful in choosing them based on application or system nature.

TOOLS FOR SECURITY TESTING
1. Babel Enterprise.
2. BFB Tester - Brute Force Binary Tester
3. Brakeman
4. Cross
5. Flawfinder
6. Gendarme
7. HCE.
8. HCE - HTML Comment Extractor / Parser.
9. Knock Subdomain Scan.
10. Metasploit.
11. Nessus.
12. Nikto.
13. Nsiqcppstyle.
14. Oedipus.
15. OSSTMM - Open Source Security Testing Methodology     Manual.
Labels:

Comments

Post a Comment

Popular posts from this blog

Steps To Hunt the Bugs Successfully

By
The testers should catch the bugs in software that they’re testing. Testers should try to catch as several vital bugs as soon as possible. Catching the crucial bug earlier on Product-Life-Cycle can save the Projects from financial losses & mitigate the risks as compared for catching the same at a later stage in SDLC. Steps to hunt the bugs: Sometimes it’s useful to break the rules: The following test cases, which were predefined a tester can miss the bugs so it makes it impossible’s to provide the product i.e. 100 percent bug free. If you-follow pre-determined test cases you risks becoming blind to outside the bugs. A first secret is to check the functionality under the test. It’ll be an effective channel to discover the more bugs, because functionality is not generally covered by the test cases. Examine the patterns: You might have noticed that the bugs can be often met in the groups, one can call them-gregarious. The testing a new but the similar functionality...
Post a Comment
Read more

Cross browser testing Tools

By
Cross Browser testing It is a process to test the web apps across multiple browsers. It involves the checking compatibility of the app across multiple web browsers & ensures that your web app’s works correctly across different web browsers. Tools for Cross Browser Testing Browser shots: The browser shots might be most exhaustive cross browser-testing tool that exists. Browser Shots includes all of most popular-browsers, like Firefox, Chrome, & Safari, along with the tons of another browser’s that might sound unfamiliar, like Sea Monkey, Flock, & Iceape. You can adjust the resolution, color-settings, & even Flash and JavaScript settings. Cross Browser Testing: It allows users to test their websites with over the hundred resolution or browser and Operating System combinations. This also has support to mobile web-browsers, which is crucial because the web traffic is making shift from the primarily desktop computer users to primarily mobile ...
Post a Comment
Read more

Mobile Application Testing: Strategy for Development

By
There are a huge number of demands and lots of competitions in the mobile application industries. In that demands and competitions, the mobile application testing has become more important. The testing phase of the mobile application testing looks like evil between the creative process and excitement of new products in the market. According to the survey, “In US, on an average 2-3 hours per day people spends their time on smartphones and tablets. On that time, they spent 80% on mobile application and remaining 20% on web applications.” Few list of key factors for successful mobile application testing strategies are: Selection of Device for Testing : Before introducing the mobile application test activities, first select the devices for testing the application. Selection decision is very important because only devices can help to targets maximum numbers of the customers for accessing the application. There are two parts for device selection: §   Device Model ...
Post a Comment
Read more