Wednesday, April 15, 2009

What is Security Testing?

Security Testing

Security testing is the process of attempting to create test cases that challenge the program's security checks. The six basic security concepts that need to be covered by security testing are: confidentiality, integrity, authentication, authorization, availability and non-repudiation. The usefulness of security testing can be enhanced by focusing on the points where security has the highest probability of being compromised.

A Few Security Testing Documents:

Guideline on Network Security Testing
Recommendations of the National Institute of Standards and Technology

Network Security

Software Security Testing: includes "What's so different about security?", how to approach security testing, an example, etc.

Software Security Testing

Security Testing Process in SDLC: includes the security testing approach, the security testing environment, etc.

Security Testing Process in SDLC

Security Testing: What Fresh Hell Is This?

Security Testing

Design for security up front - steps in determining the security requirements, etc.

Design for security

Also See:
Web Application Security Testing