The why and how of Security Testing.
Views:708 |
By:
Kim
If you have ever wanted to find out how vulnerable your software is, then you have thought about security testing. This involves identifying the risks, threats and loopholes in the software with the intent of profiling and handling those risks to keep intruders away.
Below are some of the critical testing activities you need to perform;
1. Security Auditing - Inspection of applications to identify flaws.
2. Security Scanning - Identifying system and network weaknesses which are then accessed and prioritized for addressing.
3. Penetration Testing - Simulation of attacks from a malicious hacker in order to identify potential vulnerabilities.
4. Vulnerability Scanning - Use of automated software to scan an application against known vulnerability signatures.
5. Risk Assessment - Involves analysis of identified security risks, categorizing them and recommending measures to reduce them.
Some tools to use;
# OWASP - Open Web Application Security Project has a number of tools including "Zed Attack Proxy" for penetration testing.
# Acunetix - A tool that helps in identifying a wide range of web security challenges.