What is Security Testing and Why?
Security testing name itself you can able to find what does it’s mean. Simple definition security testing is a process or techniques which protect an information system or a application against enforceseen or unexpected action which cause it to stop functionality or being exploited.
Unexpected could be either intentional or unintentional.
Six basics security concepts –
I didn’t mention here any definition , rather then definition I believe on basic term. If I would have use some security term and definition I don’t think so it will going to help you guys. If you understand basic stuffs what exactly those automatically you can able to give definition by yourself . So better try to understand basic part if I am not wrong.
1.Confidentiality – Confidentiality which protect disclosed of information or ensuring Confidentiality.
Example: Very basic example your credit card information, SharePoint access etc.
2.Integrity – Integrity ensure the information send to receiver has not been received by other rather than origin for the information.
Example: An email shoot by you should be received by origin which ensures integrity. If email receives rather than origin integrity will not take place on this example.
3.Availablity: Availability very simple, Information will ready for use when expected.
Example : Any website which available for all the time but if during server down time user can’t access site availability won’t take place. Basic example a bank site if during server down time site is not accessible cause business lost.
4.Authentication- Authentication is a process of verifying that “Who you are?”
Example: You are employee of x organization so you will have badge id which is nothing but Authentication.
5. Authorization: It’s a process of verifying that you can have access to something or something they allow to do.
Example: Your employee of x organization so you are allowed to enter in to the building.
6. Non- Reputation: No Reputation is nothing but An action happen with full proved.
Example: Transaction of bank which is happening with full proved.
Why security testing ?
The security Risks are Real…
Vulnerabilities(defect) that exist in applications in not limited to one or few industry domains, instead study shows that almost all industry domains are adversely impacted by the presence of serious vulnerabilities and therefore have potential opportunities for exploitation by hackers.
Statistics also shows that majority (almost 75%) of the hacking occur at the application layer and hence the need to protect it is an obvious top priority.
Top Ten Vulnerability Classes in 2012 – WhiteHat Security
More topics: Types of Securtiy testing