Security Testing


Image

Security testing is a process that is performed with the intention of revealing flaws in security mechanisms and finding the vulnerabilities or weaknesses of software applications

 Proficiency

Jaiswal’s prime objective of security testing is to find out how vulnerable a system may be and to determine whether its data and resources are protected from potential intruders. Security testing is more effective in identifying potential vulnerabilities when performed regularly.

                                                    Security Testing Operating Model

1_Security Architecture Study

The first step is to understand the business requirements, security goals, and objectives in terms of the security compliance of the organization.

2_Security Testing Tool identification

All security testing cannot be executed manually, so identify the tool to execute all security test cases faster & more reliably.

3_Security Architecture Analysis

Understand and analyze the requirements of the application under test.

4_Test Planning

Based on identified Threat, Vulnerabilities and Security Risks prepare test plan to address these issues.

5_Test Case Preparation

Prepare the Security tests case document.

6_Threat Modelling

Based on above step, prepare Threat profile.

7_Traceability Matrix Preparation

For each identified Threat, Vulnerabilities and Security Risks prepare Traceability Matrix.

8_Test Case Execution

Perform the Security Test cases execution and retest the defect fixes. Execute the Regression Test cases.

9_Classify Security Testing

Collect all system setup information used for development of Software and Networks like Operating Systems, technology, hardware. Make out the list of Vulnerabilities and Security Risks.

10_Reports

Prepare detailed report of Security Testing which contains Vulnerabilities and Threats contained, detailing risks, and still open issues etc.