Web Testing: Important scenario on Security Testing

We have seen above addressed all major web testing methods. During worked for around 3 years out of my testing career on web testing. If I missed out addressing any important web testing aspect then please let me know in comments below. I will keep on updating the article for latest testing information as soon as possible.


Important scenario on Security Testing

  • Try to some invalid inputs in input fields like login username, password, text boxes. Check the system reaction or responses on all invalid inputs.
  • Web directories or files should not be accessible directly unless given download option.
  • Test if SSL is used for security measures. If used proper message should get displayed when user switch from non-secure http:// pages to secure https:// pages and vice versa.
  • All transactions, error messages, security breach attempts should get logged in log files somewhere on web server.

Types of Security Testing as:

Vulnerability Scanning:

This is done through automated software to scan a system against known vulnerability signatures.

Security Scanning:

Involves identifying network and system weaknesses, and later provides solutions for reducing risks. This scanning can be performed for both Manual and Automated scanning.

Penetration testing:

This testing involves analysis of a particular system to check for potential vulnerabilities to an external hacking attempt also This kind of testing simulates an attack from malicious hacker

Risk Assessment:

It involves the analysis of security risks observed in the organization. Risks are classified as  Low, Medium and High. Risk Assessment recommends controls and measures to reduce the risk.

Security Auditing:

This is internal inspection of Applications and Operating systems for security flaws. Audit can also be done via line by line inspection of code

Ethical hacking:

It is hacking an Organization Software systems. Unlike malicious hackers ,who looking their own gains , the intent is to expose security flaws in  the system. Its verify challenging testing apart from other web testing.

Posture Assessment: Posture Assessment means Ethical Hacking and Risk Assessments to show an overall security posture of an organization.

Above all are the important we seen regarding security testing, Soon I will share more information about security testing.

Share This Post

Post Comment