Member-only story
Testing in Secure Software Development
This is such an important phase in secure software development. We have to make sure that the system is really as secure as required. In other words, the goal of the testing stage is to make sure the system is really secure.
The system can be secured by architecture and of course we follow secure coding practices. But we have to make sure what we ended up is really secure.
There are two types of testing that are security related and must be performed to ensure the system is secure.
- Penetration Testing
- Load Testing
Penetration Testing
This is special type of testing which simulate an attack on the system. The purpose of penetration testing is to find weaknesses in the system that allow attackers to gain unauthorized access to the system.
The attacker can do whatever he wants including getting data and causing damage to data using this unauthorized access.
Penetration testing protects against,
- Data Leak
- Data Loss
- Data Inconsistency
- Disruption of Service
There are two types of Penetration Testing.
- Black Box
