Chapter 14 : Security Testing

What is Security Testing?

Security testing is a process to determine whether the system protects data and maintains functionality as intended.

Security testing aims to find all possible weaknesses of the system at the earliest stage, so as to avoid inconsistent system performance, unexpected breakdowns, loss of information, loss of revenue, and loss of customers' trust.

It comes under Non-functional Testing.

We can do security testing using both manual and automated testing tools and techniques. Security testing reviews the existing system to find vulnerabilities.

Most companies perform security testing on newly deployed or developed software, hardware, and network or information system environments. Experts, however, strongly recommend making security testing part of the information system audit process for an existing environment as well, so that all possible security risks are detected and developers are helped in fixing them.

Security testing aims at covering the following basic security components:

  1. Authentication
  2. Authorization
  3. Availability
  4. Confidentiality
  5. Integrity
  6. Non-repudiation

Why Security Testing is Important?

Security testing is important because of the increase in the number of privacy breaches that websites face today. To avoid such breaches, software development organizations have to adopt security testing in their development strategy, based on testing methodologies and the latest industry standards. It is important to adopt a security process in each and every phase of the SDLC:

Requirement Phase: Security analysis of all the requirements
Design Phase: Implementation of Test Plan including Security tests.
Code & Unit Testing: Security White Box Testing
Integration Testing: Black Box Testing
System Testing: Black Box Testing & Vulnerability Scanning
Implementation of System Testing: Penetration Testing & Vulnerability Scanning
Support: Impact Analysis

Top Vulnerabilities:

Security tests include testing for the following vulnerabilities:

  • SQL Injection
  • Cross-Site Scripting (XSS)
  • Session Management
  • Broken Authentication
  • Cross-Site Request Forgery (CSRF)
  • Security Misconfiguration
  • Failure to Restrict URL Access
  • Sensitive Data Exposure
  • Insecure Direct Object Reference
  • Missing Function Level Access Control
  • Using Components with Known Vulnerabilities
  • Unvalidated Redirects and Forwards
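As an added illustration (not part of the original chapter) of the security white-box testing named under the Code & Unit Testing phase, here is a small security unit test suite for the first two items in the list, SQL injection and XSS. It uses only Python's standard library and a constructed in-memory users table; the function names are assumptions.

```python
import sqlite3
import html
import unittest

# Constructed sample data: an in-memory SQLite users table (not from any real system).
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "user")])
    return conn

def find_user_unsafe(conn, name):
    # Vulnerable form: string concatenation lets the input alter the query.
    sql = "SELECT name FROM users WHERE name = '" + name + "'"
    return [row[0] for row in conn.execute(sql)]

def find_user_safe(conn, name):
    # Hardened form: parameter binding keeps the input as data, never as SQL.
    sql = "SELECT name FROM users WHERE name = ?"
    return [row[0] for row in conn.execute(sql, (name,))]

def render_greeting(display_name):
    # Output encoding is the XSS defence for untrusted text placed in HTML.
    return "<p>Hello, " + html.escape(display_name) + "</p>"

class SecurityUnitTests(unittest.TestCase):
    INJECTION = "x' OR '1'='1"  # textbook SQL injection test input

    def test_parameterised_query_ignores_injection(self):
        conn = make_db()
        self.assertEqual(find_user_safe(conn, self.INJECTION), [])
        self.assertEqual(find_user_safe(conn, "alice"), ["alice"])

    def test_concatenated_query_is_injectable(self):
        # Documents the defect the safe version fixes: two rows back means
        # the WHERE clause was bypassed and every user was returned.
        conn = make_db()
        self.assertEqual(len(find_user_unsafe(conn, self.INJECTION)), 2)

    def test_greeting_escapes_markup(self):
        out = render_greeting("<script>alert(1)</script>")
        self.assertNotIn("<script>", out)
        self.assertIn("&lt;script&gt;", out)

if __name__ == "__main__":
    unittest.main()
```

Run it with `python -m unittest` as part of the unit test stage; a failing test here is a security bug caught before integration testing.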

Types of Security Testing:

There are seven main types of security testing:

Vulnerability Scanning: In vulnerability scanning we only identify and report vulnerabilities, using vulnerability scanning tools. It is the first step in improving the security of a system. A vulnerability assessment report should contain the title, the description and the severity of each vulnerability.

Security Scanning: Security scanning is done to find weak points in the security of the network and system, and also provides solutions to reduce these risks.

Penetration Testing: In penetration testing we identify the vulnerabilities and attempt to exploit them using penetration testing tools. The same penetration tests are repeated until the system no longer fails any of them.

Risk Assessment: Risk assessment involves reviewing and analyzing security risks, which are then prioritized as Low, Medium or High. It also recommends possible ways to prevent each risk.

Security Auditing: Security auditing is the procedure of identifying security flaws. It is an internal inspection of systems to find security flaws. In some cases, an audit is done via line-by-line inspection of code.

Ethical Hacking: Ethical hacking is done on a system with the intent to find and expose security issues in the system. It is carried out by a white hat hacker, a security professional who uses their skills in a legitimate manner to reveal the defects of a system.

Posture Assessment: Posture assessment is a combination of security scanning, ethical hacking, and risk assessment that presents the security posture of a system or organization.

Security Testing Tools:

To find the flaws and vulnerabilities in a web application, there are many free, paid, and open source security testing tools available in the market. The advantage of open source tools is that we can easily customize them to match our requirements. Here we show some of the top open source security testing tools.

We use security testing tools for checking how secure a website or web application is.

Open Source Security Testing Tools: Some of the open source security testing tools are Zed Attack Proxy, Wfuzz, Wapiti, etc.

Commercial Security Testing Tools: Some of the commercial security testing tools are GrammaTech, Appscan, Veracode, etc.

From the above, we can see how important security testing is today. It aims to find all possible ambiguities and weaknesses in the system. Testers play the role of an attacker to find security-related bugs in the system.