If you don’t know how to test security in 2023, here is an article that teaches you how to implement security testing in 5 steps

Hello everyone, I am a test development engineer. Let's learn how to do security testing together today.

What is Security Testing?

Security testing is a type of software testing used to discover vulnerabilities, threats and risks in software applications and to prevent malicious attacks by intruders. The purpose of security testing is to find all the loopholes and weaknesses in a software system that could lead to loss of information, revenue or reputation at the hands of employees or outsiders.

Why is security testing important?

The main goal of security testing is to identify threats to a system and measure its potential vulnerability, so that when a threat is encountered the system neither stops working nor is exploited. It also helps to detect all possible security risks in the system and helps developers fix them in code.

Types of Security Testing in Software Testing

According to the Open Source Security Testing Methodology Manual, there are seven main types of security testing.

Vulnerability Scanning: This is done with automated software that scans the system against known vulnerability signatures.

Security Scanning: This involves identifying network and system weaknesses and then providing solutions to mitigate those risks. It can be performed manually or with automated tools.

Penetration Testing: This type of testing simulates an attack by a malicious hacker. It includes analysis of a specific system to check for vulnerabilities that could be exploited from outside.

Risk Assessment: This involves analysing the security risks observed in the organization. Each risk is rated low, medium or high, and the assessment recommends controls and measures to reduce it.

Security Audit: This is an internal check for security deficiencies in applications and operating systems. An audit can also be done by reviewing the code line by line.

Ethical Hacking: This is hacking into an organization's own software systems. Unlike malicious hackers, who steal for their own gain, the ethical hacker's purpose is to expose security holes in the system.

Security Posture Assessment: This combines security scanning, ethical hacking and risk assessment to show an organization's overall security posture.

How to Do Security Testing

The consensus is that postponing security testing until after implementation or deployment makes it more costly. Security testing should therefore begin in the early stages of the SDLC.

Let us examine the corresponding security process employed at each stage of the SDLC.

SDLC stage                    Security process
Requirements                  Security analysis, checking for abuse/misuse cases
Design                        Security risk analysis at design time; develop a test plan that includes security testing
Coding and unit testing       Static and dynamic testing; security white-box testing
Integration testing           Black-box testing
System testing                Black-box testing and vulnerability scanning
Implementation (deployment)   Penetration testing, vulnerability scanning
Support (maintenance)         Patch impact analysis

The test plan should include:

Security-related test cases or scenarios

Test data for the security test cases

The tools needed to run the security tests

Analysis of the outputs produced by the different security tools

Security Test Scenario Example

Some sample security test scenarios, to give you an idea of what security test cases look like:

Passwords must be stored in encrypted (not plaintext) form

The application or system should not allow access to invalid users

Check application cookies and session timeouts

For financial websites, the browser's back button should not work.
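The four scenarios above turned into automated checks, as an added example that is not part of the original post. It assumes HTTP responses are available as header dictionaries and that the password store uses a constructed "pbkdf2$salt$hex" format; the sample headers are constructed, not captured from a real application.

```python
"""Automated versions of the article's four sample security test cases (added example; sample data is constructed)."""
import hashlib

def parse_set_cookie(header):
    """Split a Set-Cookie header into (name, value, {attribute: value or True})."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip() if val else True
    return name, value, attrs

def check_session_cookie(headers, max_lifetime=1800):
    """'Check cookies and session time': cookie must be Secure, HttpOnly, SameSite, short-lived."""
    findings = []
    _, _, attrs = parse_set_cookie(headers.get("Set-Cookie", ""))
    for flag in ("secure", "httponly", "samesite"):
        if flag not in attrs:
            findings.append(f"session cookie missing {flag}")
    lifetime = attrs.get("max-age")
    if not isinstance(lifetime, str):
        findings.append("no Max-Age: confirm the server enforces an idle timeout")
    elif int(lifetime) > max_lifetime:
        findings.append(f"session lifetime {lifetime}s exceeds {max_lifetime}s")
    return findings

def check_no_store(headers):
    """'Back button should not work': Cache-Control: no-store stops history navigation replaying the page."""
    directives = {d.strip().lower() for d in headers.get("Cache-Control", "").split(",")}
    return [] if "no-store" in directives else ["Cache-Control lacks no-store"]

def hash_password(plaintext, salt, iterations=100_000):
    """Constructed reference storage format for the password check: 'pbkdf2$<salt>$<hex>'."""
    digest = hashlib.pbkdf2_hmac("sha256", plaintext.encode(), salt.encode(), iterations)
    return f"pbkdf2${salt}${digest.hex()}"

def check_password_storage(stored, plaintext):
    """'Password must be encrypted': reject plaintext or unknown formats; the salted hash must verify."""
    if stored == plaintext:
        return ["password stored in plaintext"]
    algo, salt, _ = (stored.split("$") + ["", ""])[:3]
    if algo != "pbkdf2" or not salt:
        return ["stored password is not in the expected salted-hash format"]
    return [] if hash_password(plaintext, salt) == stored else ["stored hash does not verify"]

# Constructed sample responses: one hardened, one weak.
GOOD = {"Set-Cookie": "sid=abc; Path=/; Secure; HttpOnly; SameSite=Strict; Max-Age=900", "Cache-Control": "no-store"}
BAD = {"Set-Cookie": "sid=abc; Path=/", "Cache-Control": "public, max-age=3600"}
```

Running the checks against GOOD returns empty finding lists; BAD yields four cookie findings and one caching finding.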

Security Testing Methods and Techniques

Different testing methods are used in security testing; the main ones are as follows:

Tiger Box: This type of testing is usually performed from a laptop that carries an operating system and a collection of hacking tools. It helps penetration testers and security testers perform vulnerability assessments and simulated attacks.

Black Box: The tester is authorized to test every aspect of the network topology and technology.

Gray Box: The tester is given partial information about the system; it is a mix of the white-box and black-box models.

Roles in Security Testing

Hacker: gains unauthorized access to a computer system or network

Attacker: breaks into a system to steal or destroy data

Ethical hacker: performs most of the same activities as an attacker, but with the owner's permission

Script kiddies or packet monkeys: inexperienced hackers with some programming skills

Security Testing Tools

1) Acunetix

Intuitive and easy to use, Acunetix by Invicti helps small and medium organizations ensure their web applications are safe from costly data breaches. It addresses a range of web security issues by detecting them and helping security and development professionals act on them quickly. Features:

Advanced scan for 7000+ web vulnerabilities, including OWASP top 10 such as SQLi and XSS

Automatic discovery of web assets for identifying abandoned or forgotten websites

Advanced crawling of the most complex web applications, incl. Multiple forms and password protected fields

Combine interactive and dynamic application security testing to find vulnerabilities other tools miss

Provides exploit proofs for many types of vulnerabilities

Automate DevOps by integrating popular issue tracking and CI/CD tools

Compliance reporting for regulatory standards such as PCI DSS, NIST, HIPAA, ISO 27001, and more.

2) Intruder

Intruder is an automated penetration testing tool that finds security weaknesses in your IT environment. Offering industry-leading security checks, continuous monitoring and an easy-to-use platform, Intruder keeps businesses of all sizes safe from hackers. Features:

Best-in-class threat coverage with over 10,000 security checks

Check for configuration flaws, missing patches, application flaws such as SQL injection and cross-site scripting, etc.

Automatically analyze and prioritize scan results

Intuitive interface to quickly set up and run your first scan

Actively monitor for the latest security vulnerabilities

AWS, Azure and Google Cloud Connectors

API to integrate with your CI/CD pipeline

3) OWASP

The Open Web Application Security Project (OWASP) is a global non-profit organization dedicated to improving software security. The project maintains multiple tools for testing various software environments and protocols. Its flagship tools include:

Zed Attack Proxy (ZAP, an integrated penetration testing tool)

OWASP Dependency-Check (scans project dependencies for known vulnerabilities)

OWASP Web Testing Environment Project (a collection of security tools and documentation)

4) Wireshark

Wireshark is a network analysis tool formerly known as Ethereal. It captures packets in real time and displays them in a human-readable format. It is essentially a network packet analyzer: it provides detailed information about network protocols, decrypted traffic, packet contents and so on. It is open source and available on Linux, Windows, OS X, Solaris, NetBSD, FreeBSD and many other systems. The captured information can be viewed in the GUI or, in TTY mode, with the TShark utility.

5) W3af

W3af is a web application attack and audit framework. It has three kinds of plugins (discovery, audit and attack) that cooperate to find vulnerabilities in a site. For example, the discovery plugin in w3af enumerates the different URLs to test and forwards them to the audit plugin, which then probes those URLs for vulnerabilities.

Myths about Security Testing

Let's talk about an interesting topic: myths and facts about security testing.

Myth 1: Our company is small, so we don't need a security policy.

Fact: Everyone, and every company, needs a security policy.

Myth 2: There is no return on investment in security testing.

Fact: Security testing can point to areas for improvement, leading to increased efficiency and reduced downtime for maximum throughput.

Myth 3: The only way to be secure is to pull the plug.

Fact: The only and best way to secure an organization is to aim for "perfect security". Perfect security can be approached by performing a posture assessment and comparing it with business, legal and industry justifications.

Myth 4: The Internet is not secure. I will buy software or hardware to protect the system and save the business.

Fact: One of the biggest problems is buying software and hardware for security before understanding it. Organizations should first understand security and then apply it.

Conclusion: Security testing is the most important test of an application to check whether confidential data is kept secret. In this type of testing, the tester takes on the role of the attacker, looking for security-related bugs in the system. Security testing is very important in software engineering and data can be protected in various ways.


Origin blog.csdn.net/jiangjunsss/article/details/130385415