Tuesday, June 10, 2014

What is Security Testing in Software Testing?


What is Security Testing?
Security Testing is a type of software testing that intends to uncover vulnerabilities of the system and determine that its data and resources are protected from possible intruders.
Confidentiality:
A security measure that protects against the disclosure of information to parties other than the intended recipient. It is by no means the only way of ensuring security.
Integrity:
A measure intended to allow the receiver to determine that the information provided by a system is correct.
Integrity schemes often use some of the same underlying technologies as confidentiality schemes, but they usually involve adding information to a communication to form the basis of an algorithmic check, rather than encoding all of the communication.

There are four main focus areas to be considered in security testing (especially for web sites/applications):
  • Network security: This involves looking for vulnerabilities in the network infrastructure (resources and policies).
  • System software security: This involves assessing weaknesses in the various software (operating system, database system, and other software) the application depends on.
  • Client-side application security: This deals with ensuring that the client (browser or any such tool) cannot be manipulated.
  • Server-side application security: This involves making sure that the server code and its technologies are robust enough to fend off any intrusion.

EXAMPLE OF A BASIC SECURITY TEST
This is an example of a very basic security test which anyone can perform on a web site/application:
  • Log into the web application.
  • Log out of the web application.
  • Click the BACK button of the browser. (Check if you are asked to log in again or if you are provided the logged-in application.)

Most types of security testing involve complex steps and out-of-the-box thinking but, sometimes, it is simple tests like the one above that help expose the most severe security risks.
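
The basic test above can be automated. The following is an added example, not code from the original post: it runs a constructed demo application on localhost, logs in, logs out, and then replays the old session cookie as the BACK button would, also checking whether the protected page may be kept in the browser cache. The routes /login, /account and /logout, the sid cookie and all function names are assumptions made for illustration.

```python
import http.client, secrets, threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

def make_app(hardened):
    sessions = set()  # server-side session store of the constructed demo app
    class App(BaseHTTPRequestHandler):
        def log_message(self, *args): pass  # silence request logging
        def do_GET(self):
            sid = (self.headers.get("Cookie") or "").partition("sid=")[2]
            status, headers, body = 200, {}, b"ok"
            if self.path == "/login":
                sid = secrets.token_hex(16)
                sessions.add(sid)
                headers["Set-Cookie"] = f"sid={sid}; HttpOnly"
            elif self.path == "/logout":
                if hardened:
                    sessions.discard(sid)  # invalidate on the server, not only in the browser
                headers["Set-Cookie"] = "sid=; Max-Age=0"
            elif self.path == "/account" and sid in sessions:
                body = b"account page"
                if hardened:
                    headers["Cache-Control"] = "no-store"  # keep the page out of the browser cache
            else:
                status, body = 401, b"login required"
            self.send_response(status)
            for name, value in headers.items():
                self.send_header(name, value)
            self.end_headers()
            self.wfile.write(body)
    return App

def get(port, path, cookie=None):
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    conn.request("GET", path, headers={"Cookie": cookie} if cookie else {})
    resp = conn.getresponse()
    resp.read()
    conn.close()
    return resp

def back_button_test(hardened):
    with ThreadingHTTPServer(("127.0.0.1", 0), make_app(hardened)) as server:
        threading.Thread(target=server.serve_forever, daemon=True).start()
        port = server.server_port
        cookie = get(port, "/login").getheader("Set-Cookie").split(";")[0]
        page = get(port, "/account", cookie)    # logged-in view
        get(port, "/logout", cookie)
        replay = get(port, "/account", cookie)  # what BACK + reload would send
        server.shutdown()
        return {"session_survives_logout": replay.status == 200,
                "page_cacheable": page.getheader("Cache-Control") != "no-store"}
```

A result of True for either key corresponds to the failure the manual test looks for: the logged-in application is shown again after logout, either from the server or from the browser cache.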

BUILDING TRUST

There is an infinite number of ways to break an application, and security testing, by itself, is not the only (or the best) measure of how secure an application is. It is nonetheless highly recommended that security testing be included as part of the standard software development process. After all, the world is teeming with hackers/pranksters, and everyone wishes to be able to trust the system/software one produces or uses.


