In the last topic, we learned about Compatibility Testing, and in this topic we will learn about Security Testing. We will see the introduction, an example, and why to use Security Testing.

We do Security Testing so that the system protects our personal data. With Security Testing we ensure that there are no loopholes in the application that could cause a big loss. The goal of Security Testing is to identify the threats and measure the vulnerabilities. Security means that only authorized users get access and unauthorized users are restricted.

Now, we will see the types of Security Testing.

Vulnerability Scanning: this is done by automated software which scans the entire system to find any vulnerability signatures.

Security Scanning: with Security Scanning we get to know whether there is any weakness in the network or in the system. If there is, we can fix it. This scanning can be automated or manual.

Penetration Testing: we do Penetration Testing to see how a malicious hacker would penetrate our website or application, so that we can protect the application from penetration.

Risk Assessment: we take whatever findings we have from Security Testing and classify the risk: this is low, this is medium, this is high. In this way, we classify all our risks.

Security Auditing: this is our internal inspection of the application and operating system, so that we can find security flaws in them. Auditing can also be done by inspecting the code line by line.

Ethical Hacking: this name is very popular, and you must have heard about it a lot. Malicious hackers steal our data; it is better that, through Ethical Hacking, we expose the flaws and fix them.

Posture Assessment: this is a combination of Security Scanning, Ethical Hacking and Risk Assessment, so that we can tell the overall security posture of the organization.

What is the need for Security Testing? Let's first see an example of Security Testing.

What is the first step? Open a website. Here you can see that I have opened a dummy website. Now, we will log in to it. Okay, login is done. The next steps are: click on the logout button, then click on the browser back button and see what happens. Come, let's see. We are in the application and we click on logout. We get a message that we have successfully signed out. Now think: if I press the back button, should the application still be logged in, or should the login page come up? Think about it and give your answer. Let's see. What comes up is the login page. That means security has been added here.

From this example you must have understood why we do Security Testing and what effect it will have if Security Testing is missed.

We do Security Testing so that we don't lose the trust of our users.

Whatever online revenue we are generating won't be disturbed.

If our website crashes, it takes time to rebuild it; we can save that time.

If there are security flaws in our website and someone finds them and crashes the website in a future attack, we will incur a cost. We save that cost by doing Security Testing now.

Security Testing also helps with any legal implications or fees related to security measures: we have performed Security Testing on our website, and our website is secure.

We saw what Security Testing is, we saw an example on one website, and we also saw the need for Security Testing. Now, what will we do? We will make a defect report.
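The logout and back-button check from the walkthrough above, written as an automated test. This is an added example, not part of the original tutorial: the small WSGI app, its routes and the `sid` cookie are constructed for illustration, and the `Cache-Control: no-store` header is an assumption about how the protected page is kept out of the browser cache.

```python
# Constructed demo app and check; names and routes are assumptions, not from the tutorial.
import secrets
from wsgiref.util import setup_testing_defaults

SESSIONS = set()  # server-side store of live session ids

def app(environ, start_response):
    """Tiny WSGI app: /login, /logout and a protected /account page."""
    path = environ["PATH_INFO"]
    sid = environ.get("HTTP_COOKIE", "").partition("sid=")[2]
    if path == "/login":
        sid = secrets.token_hex(16)
        SESSIONS.add(sid)
        start_response("302 Found", [("Location", "/account"),
                                     ("Set-Cookie", f"sid={sid}; HttpOnly")])
        return [b""]
    if path == "/logout":
        SESSIONS.discard(sid)  # invalidate on the server, not only in the browser
        start_response("200 OK", [("Content-Type", "text/plain")])
        return [b"You have successfully signed out"]
    if path == "/account" and sid in SESSIONS:
        # no-store keeps the browser from replaying this page from cache on Back
        start_response("200 OK", [("Content-Type", "text/plain"),
                                  ("Cache-Control", "no-store")])
        return [b"account page"]
    start_response("302 Found", [("Location", "/login-page")])
    return [b""]

def request(path, cookie=""):
    """Call the app in-process and return (status code, headers dict)."""
    environ = {}
    setup_testing_defaults(environ)
    environ["PATH_INFO"] = path
    if cookie:
        environ["HTTP_COOKIE"] = cookie
    seen = {}
    def start_response(status, headers):
        seen["status"], seen["headers"] = int(status.split()[0]), dict(headers)
    b"".join(app(environ, start_response))
    return seen["status"], seen["headers"]

def back_button_after_logout():
    """Replay the tutorial's steps; return what the old session gets after logout."""
    _, headers = request("/login")
    cookie = headers["Set-Cookie"].split(";")[0]  # "sid=<hex>"
    before = request("/account", cookie)          # logged in: page is served
    request("/logout", cookie)
    after = request("/account", cookie)           # Back button: same cookie again
    return before, after
```

A passing check means the old cookie is redirected to the login page after logout; if `/logout` only cleared the cookie in the browser and left the session alive on the server, `after` would still come back as 200.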