Software Testing - Security Testing

Security testing is about finding vulnerabilities in a system before attackers do — ensuring that data, applications, and infrastructure are protected against threats.


1. Purpose of Security Testing

  • Identify weaknesses that could be exploited.

  • Ensure compliance with security standards/regulations (e.g., ISO 27001, PCI DSS, GDPR).

  • Protect confidentiality, integrity, and availability of data and services.


2. Key Types of Security Testing

Type                                          Goal
--------------------------------------------  ---------------------------------------------------------------------
Vulnerability Scanning                        Automated scans to find known weaknesses (e.g., outdated software).
Penetration Testing                           Ethical hacking to exploit vulnerabilities like a real attacker.
Security Audit                                Manual/automated review of configurations, policies, and processes.
Risk Assessment                               Identifying and prioritizing potential security threats.
Posture Assessment                            Overall review of security readiness combining audits and assessments.
Ethical Hacking                               Simulating malicious attacks with permission to test defenses.
Static Application Security Testing (SAST)    Code analysis without executing the program.
Dynamic Application Security Testing (DAST)   Testing the running application for vulnerabilities.

3. Common Security Testing Areas

  • Authentication — Ensuring only legitimate users can log in.

  • Authorization — Verifying users can only access what they’re allowed to.

  • Data Protection — Encryption, secure transmission, and safe storage.

  • Session Management — Preventing hijacking or fixation attacks.

  • Input Validation — Protecting against SQL injection, XSS, command injection.

  • Error Handling — Avoiding information leaks in error messages.

  • API Security — Protecting endpoints from abuse.
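As an added example (not part of the original text) of testing the Input Validation area above: a minimal SQL-injection check run against a user lookup built by string concatenation and against the same lookup using a bound parameter. The sqlite3 schema, the user rows and the probe string are constructed for this demonstration.

```python
import sqlite3

def build_db():
    # Constructed in-memory sample database for the test (not from the page).
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, role TEXT)")
    conn.executemany("INSERT INTO users (username, role) VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "user"), ("carol", "user")])
    return conn

def lookup_vulnerable(conn, username):
    # Builds the query by string concatenation: user input becomes SQL syntax.
    sql = "SELECT username FROM users WHERE username = '" + username + "'"
    return [row[0] for row in conn.execute(sql)]

def lookup_parameterized(conn, username):
    # Bound parameter: the driver keeps the input as data, never as SQL syntax.
    sql = "SELECT username FROM users WHERE username = ?"
    return [row[0] for row in conn.execute(sql, (username,))]

def injection_test(lookup):
    """Security test: a lookup for a non-existent user must return no rows,
    even when the input contains SQL metacharacters. Returns True when the
    lookup passes (is not injectable), False when extra rows leak out."""
    conn = build_db()
    probe = "nobody' OR '1'='1"  # constructed probe input with SQL metacharacters
    try:
        rows = lookup(conn, probe)
    except sqlite3.Error:
        # A query error on odd input is a robustness finding, but not a data leak.
        return True
    finally:
        conn.close()
    return rows == []

def run_security_tests():
    """Run the same check against both implementations; maps name -> passed."""
    return {
        "vulnerable": injection_test(lookup_vulnerable),
        "parameterized": injection_test(lookup_parameterized),
    }

if __name__ == "__main__":
    for name, passed in run_security_tests().items():
        print(f"{name}: {'PASS' if passed else 'FAIL (injectable)'}")
```

The concatenated version returns every user for the probe input, so the test fails for it and passes for the parameterized version; the same shape of test can be reused for any query that takes user-controlled input.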


4. Typical Process

  1. Define scope — What’s being tested (apps, networks, APIs, infrastructure)?

  2. Gather information — Reconnaissance to understand the system.

  3. Identify vulnerabilities — Use tools and manual checks.

  4. Attempt exploitation — See if vulnerabilities can be used to gain access or cause harm.

  5. Report findings — Document risks with proof of concept.

  6. Remediate and retest — Fix issues and verify they’re resolved.


5. Common Tools

  • OWASP ZAP

  • Burp Suite

  • Nmap

  • Nessus

  • Metasploit

  • Nikto

  • OpenVAS

  • Kali Linux toolset