Software Testing | Security Testing

  • Difficulty Level : Medium
  • Last Updated : 13 Jun, 2022

Security Testing is a type of Software Testing that uncovers vulnerabilities in the system and determines whether the data and resources of the system are protected from possible intruders. It ensures that the software system and application are free from any threats or risks that can cause a loss. Security testing of any system focuses on finding all possible loopholes and weaknesses that might result in the loss of information or of the organization's reputation.

Goal of Security Testing: The goal of security testing is to:

  • Identify the threats in the system.
  • Measure the potential vulnerabilities of the system.
  • Help in detecting every possible security risk in the system.
  • Help developers fix the security problems through coding.

Principles of Security Testing: Below are the six basic principles of security testing:

  • Confidentiality
  • Integrity
  • Authentication
  • Authorization
  • Availability
  • Non-repudiation

Major Focus Areas in Security Testing:

  • Network Security
  • System Software Security
  • Client-side Application Security
  • Server-side Application Security

Types of Security Testing:

  1. Vulnerability Scanning: Vulnerability scanning uses automated software to scan a system and detect known vulnerability patterns.
  2. Security Scanning: Security scanning is the identification of network and system weaknesses. It then provides solutions for reducing these defects or risks. Security scanning can be carried out both manually and with automated tools.
  3. Penetration Testing: Penetration testing is the simulation of an attack by a malicious hacker. It involves analyzing a particular system for potential vulnerabilities that a malicious hacker attempting to break into the system could use.
  4. Risk Assessment: In risk assessment testing, the security risks observed in the organization are analyzed. Risks are classified into three categories: low, medium and high. This testing recommends controls and measures to minimize the risk.
  5. Security Auditing: Security auditing is an internal inspection of applications and operating systems for security defects. An audit can also be carried out via line-by-line checking of code.
  6. Ethical Hacking: Ethical hacking is different from malicious hacking. The purpose of ethical hacking is to expose security flaws in the organization’s system.
  7. Posture Assessment: It combines security scanning, ethical hacking and risk assessments to provide an overall security posture of an organization.
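
The following added example (not part of the original article) ties together three of the types above: it checks code line by line, as in security auditing, for known insecure patterns, as in vulnerability scanning, and sorts each finding into the low, medium or high category used in risk assessment. The rule set, the risk level assigned to each rule and the sample source are constructed assumptions for illustration.

```python
import re
from collections import Counter

# Constructed rule set: (rule id, risk level, pattern). Assumptions for this example only.
RULES = [
    ("hardcoded-secret", "high",
     re.compile(r"(password|secret|api_key)\s*=\s*['\"][^'\"]+['\"]", re.I)),
    ("dynamic-eval", "high", re.compile(r"\b(eval|exec)\s*\(")),
    ("tls-verify-off", "medium", re.compile(r"verify\s*=\s*False")),
    ("weak-hash", "medium", re.compile(r"hashlib\.(md5|sha1)\s*\(")),
    ("debug-enabled", "low", re.compile(r"\bdebug\s*=\s*True", re.I)),
]

# Constructed sample input standing in for a file under audit.
SAMPLE_SOURCE = '''\
import hashlib, requests
DB_PASSWORD = "hunter2"
def fetch(url):
    return requests.get(url, verify=False)
def digest(data):
    return hashlib.md5(data).hexdigest()
# eval(user_input) was removed in review
app.run(debug=True)
'''

def audit(source):
    """Check the source line by line; return (line number, rule id, risk) findings."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        code = line.split("#", 1)[0]  # ignore comments (naive: not string-aware)
        for rule_id, risk, pattern in RULES:
            if pattern.search(code):
                findings.append((lineno, rule_id, risk))
    return findings

def summarize(findings):
    """Count findings per risk category: low, medium, high."""
    counts = Counter(risk for _, _, risk in findings)
    return {level: counts.get(level, 0) for level in ("low", "medium", "high")}

if __name__ == "__main__":
    results = audit(SAMPLE_SOURCE)
    for lineno, rule_id, risk in results:
        print(f"line {lineno}: {rule_id} [{risk}]")
    print(summarize(results))
```

Pattern matching of this kind only finds weaknesses it already has a rule for, which is why the list above pairs automated scanning with manual review and penetration testing.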