INTRODUCTION TO SECURITY TESTING AND ITS TYPES
Security Testing: ‘Security testing’ makes sure that only authorized personnel can access the program and that only authorized personnel can access the functions available to their security level. Security testing of any developed system (or system under development) is all about finding the major loopholes and weaknesses of the system which can cause major harm to the system by an authorized user.
Security testing is very helpful for the tester in finding and fixing problems. It ensures that the system will run for a long time without any major problem. It also ensures that the systems used by any organization are secured from any unauthorized attack. In this way security testing is beneficial for the organization in all aspects.
Different types of security testing in any organization are as follows:
1. Security Auditing and Scanning: ‘Security Auditing’ includes direct inspection of the operating system and of the system on which it is developed. In ‘Security Scanning’, the auditors scan the operating system and then try to find the weaknesses in the operating system and network.
2. Vulnerability Scanning: ‘Vulnerability Scanning’ is performed by various vulnerability scanning software and involves scanning the program for all known vulnerabilities.
3. Risk Assessment: ‘Risk Assessment’ is a method in which the auditors analyze the risk involved with any system and the probability of loss that occurs because of that risk. It is analyzed through interviews, discussions, etc.
4. Posture Assessment and Security Testing: ‘Posture Assessment and Security Testing’ helps the organization to know where it stands in the context of security by combining the features of security scanning, risk assessment and ethical hacking.
5. Penetration Testing: ‘Penetration Testing’ is an effective way to find the potential loopholes in a system, and it is done by a tester who forcibly enters the application under test. The tester enters the system with the help of a combination of loopholes that the application has unknowingly left open.
6. Ethical Hacking: ‘Ethical Hacking’ involves a large number of penetration tests on a system under test. Its aim is to stop the forced entry of any external elements into a system which is under security testing.
Article Source: http://www.articlesbase.com/information-technology-articles/introduction-to-security-testing-and-its-types-1766768.html
