Security testing is a type of software testing that checks whether the software can defend itself against threats, cyber attacks, vulnerabilities, hacking, etc. It ensures that the software modules are integrated soundly and contain no loopholes through which information can leak.
Security testing is a broad concept and needs to be explained in some detail.
First, let us look at the major consequences and compromises that can occur when software lacks security.
There are many reasons for carrying out security testing, and the list is a long one.
The major types of security testing are listed below. Together they cover most classes of threat and give reasonable assurance that the software is healthy, although no set of tests can prove the absence of vulnerabilities. They are:
Vulnerability scanning is a security testing technique in which the software is checked for known weaknesses. The scanners are built by experts and are run against the real system. Attackers also use vulnerability scanners, to find a way into a user's system.
There are different types of vulnerability scanners. They are:
It should be understood that vulnerability scanning is a fully automated process.
Security scanning is carried out to find network security issues as well as weaknesses and flaws in the software or system. In this kind of testing the scanning is done by tools which are themselves automated.
In penetration testing, a cyber attack is simulated against the target computers or software to check whether the system withstands the attack or breaks under it. It is carried out mainly to find exploitable vulnerabilities.
The steps involved in penetration testing are as follows:
In this phase, the goals of the test are defined, and information is gathered about the configuration of the target: the network, domain, servers, etc.
In this phase, the behaviour of the system or software is analysed. This is done in two ways: static analysis and dynamic analysis. In static analysis, the behaviour of the code is worked out by inspecting it without running it.
In dynamic analysis, on the other hand, the behaviour of the code is observed while it is running. This is more accurate and practical, because it is a real-time process carried out directly against the running system.
In this phase, the tester attempts to break the safety of the software by applying attack methods such as SQL injection, phishing, cross-site scripting, etc., and observes whether security is breached.
This is a planned process: the test cases, that is the attack scenarios, are written from the attacker's perspective. It is a practical test and tells the testing team directly whether the software is safe or not.
This testing checks whether an attack on the software or system can persist. For example, an attacker may steal a session and gain access, but if the system notices requests from a different IP address it destroys the session, which stops the attacker from continuing to deeper access.
In some cases the software cannot be protected for even a brief window, because detecting the attack and taking the necessary action takes time. That reaction time is what is measured in this test.
In this phase, the data gathered is compiled and recorded as the output of the test: the number of vulnerabilities found, how long the attack persisted, and what data the attacks were able to access.
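The following script is an added example, not code from the original article, that carries the steps above through end to end on a small constructed target: static analysis of the source, dynamic analysis by running an SQL injection payload against it, and a report of what was found and how long it took. The two lookup functions, the users table, the account "admin" with password "s3cret" and the payload are all assumptions made for the example.

```python
import ast
import sqlite3
import time

# Constructed code under test. Both functions query a users table; only the
# first builds the SQL text from user input. Names, schema and password are
# assumptions for this example, not taken from any real system.
SOURCE_UNDER_TEST = '''
def find_user_vulnerable(conn, username, password):
    # Input is concatenated into the query text, so the attacker controls the SQL.
    return conn.execute(
        "SELECT id FROM users WHERE name = '" + username
        + "' AND password = '" + password + "'").fetchone()

def find_user_fixed(conn, username, password):
    # Placeholders keep the input as data; the SQL text stays constant.
    return conn.execute(
        "SELECT id FROM users WHERE name = ? AND password = ?",
        (username, password)).fetchone()
'''


def make_db():
    """In-memory database with one constructed account. The password is stored
    in plaintext only because this demonstrates injection, not credential storage."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, password TEXT)")
    conn.execute("INSERT INTO users (name, password) VALUES ('admin', 's3cret')")
    return conn


def static_scan(source):
    """Static analysis: inspect the code without running it. Flags every
    .execute() call whose first argument is not a constant string, i.e. SQL
    assembled at runtime by concatenation, f-strings or formatting."""
    findings = []
    for func in ast.walk(ast.parse(source)):
        if not isinstance(func, ast.FunctionDef):
            continue
        for node in ast.walk(func):
            if (isinstance(node, ast.Call)
                    and isinstance(node.func, ast.Attribute)
                    and node.func.attr == "execute"
                    and node.args
                    and not isinstance(node.args[0], ast.Constant)):
                findings.append((func.name, node.lineno))
    return findings


def dynamic_probe(lookup, conn, payload="' OR '1'='1"):
    """Dynamic analysis: actually run the function with a classic injection
    payload as the password. A row coming back without the real password
    means the authentication check was bypassed."""
    return lookup(conn, "admin", payload) is not None


def run_pentest():
    """Carries the steps through end to end and returns the report data the
    article lists: what was found, what was exploitable, how long it took."""
    started = time.perf_counter()
    namespace = {}
    exec(SOURCE_UNDER_TEST, namespace)  # load the constructed code under test
    conn = make_db()
    static_findings = static_scan(SOURCE_UNDER_TEST)
    exploitable = [name for name in ("find_user_vulnerable", "find_user_fixed")
                   if dynamic_probe(namespace[name], conn)]
    return {
        "static_findings": static_findings,   # (function, line) pairs flagged by inspection
        "exploitable": exploitable,           # functions the payload actually got through
        "seconds": time.perf_counter() - started,
    }


if __name__ == "__main__":
    print(run_pentest())
```

Static analysis flags the vulnerable function from the shape of the code alone; dynamic analysis confirms it is exploitable by getting a row back for `admin` with the payload as the password, while the parameterised version returns nothing. In a real engagement the static finding is a lead and the dynamic result is the evidence that goes into the report.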
There are several penetration testing methods. They are:
Risk assessment is carried out to discover risks, identify security flaws, and perform a security audit. There are two components of a security test:
This is the process of simulating an attack on the software and analysing how well it stands up to the security breach.
It can be performed in either manual or automated mode. In the manual process, a team of hacking experts carries out the attack and the tester analyses the outcome.
In the automated process, tools programmed to attack the software or system perform the attack.
The diagram below makes the overall idea clear:
As the diagram shows, security testing is a broad term with many types; we have covered only the major ones.
A simple example of a security test: enter credentials into the software, log in, then log out. Now press the browser's forward button and see whether the logged-in page appears again without asking for the credentials.
If it does, the software is unsafe at the most basic level.
One might think this is a trivial issue, but it is not. Logging in should create a session for the user who presented the correct credentials, and clicking the logout button should log the user out and destroy that session on the server, so that the old session can no longer be used.
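The following server-side session store is an added example, not code from the original article. It demonstrates the two checks discussed above: the login/logout test, where a token replayed after logout (the forward-button case) must be refused, and the persistence test from the penetration testing section, where a session presented from a different IP address is destroyed rather than honoured. The user "alice", her password, the client addresses and the idle timeout are constructed values for the example.

```python
import hmac
import secrets
import time

# Constructed credential table for the example; no real system behind it.
USERS = {"alice": "correct horse battery staple"}


class SessionStore:
    """Server-side sessions keyed by a random token. Each session records the
    client address it was issued to and when it was last used. The idle
    timeout (seconds) is an assumed policy value for this example."""

    def __init__(self, idle_timeout=600, clock=time.monotonic):
        self.idle_timeout = idle_timeout
        self.clock = clock          # injectable so tests can move time forward
        self._sessions = {}

    def login(self, username, password, client_ip):
        """Returns a fresh session token on valid credentials, else None."""
        expected = USERS.get(username)
        # Constant-time comparison so response timing does not leak how much
        # of the password matched.
        if expected is None or not hmac.compare_digest(expected.encode(), password.encode()):
            return None
        token = secrets.token_urlsafe(32)  # 256 bits of randomness: not guessable
        self._sessions[token] = {"user": username, "ip": client_ip, "last_seen": self.clock()}
        return token

    def authenticate(self, token, client_ip):
        """Returns the user for a live session, or None. A token presented from
        a different address or after the idle timeout is treated as stolen or
        stale: the session is destroyed, not merely refused for this request."""
        session = self._sessions.get(token)
        if session is None:
            return None
        if session["ip"] != client_ip or self.clock() - session["last_seen"] > self.idle_timeout:
            self.logout(token)
            return None
        session["last_seen"] = self.clock()
        return session["user"]

    def logout(self, token):
        """Destroys the session on the server, so replaying the token later
        (browser back/forward, a copied cookie) cannot reach a logged-in page."""
        self._sessions.pop(token, None)


def run_checks():
    """The article's basic test, plus the stolen-session and timeout cases.
    Returns a dict of check name -> passed, all of which should be True."""
    clock = [0.0]
    store = SessionStore(idle_timeout=600, clock=lambda: clock[0])
    results = {}

    # Login, logout, then try to come back with the same token.
    results["bad_password_rejected"] = store.login("alice", "wrong", "10.0.0.5") is None
    token = store.login("alice", "correct horse battery staple", "10.0.0.5")
    results["logged_in"] = store.authenticate(token, "10.0.0.5") == "alice"
    store.logout(token)
    results["replay_after_logout_refused"] = store.authenticate(token, "10.0.0.5") is None

    # Session stolen and used from another address: destroyed on first use,
    # so it no longer works for the legitimate owner either.
    token = store.login("alice", "correct horse battery staple", "10.0.0.5")
    results["stolen_token_refused"] = store.authenticate(token, "198.51.100.7") is None
    results["stolen_token_destroyed"] = store.authenticate(token, "10.0.0.5") is None

    # Idle session expires even if nobody logs out.
    token = store.login("alice", "correct horse battery staple", "10.0.0.5")
    clock[0] += 601
    results["expired_refused"] = store.authenticate(token, "10.0.0.5") is None
    return results


if __name__ == "__main__":
    print(run_checks())
```

The important property is that logout removes the session on the server, not just the cookie in the browser; a page reached through the forward button will then be served the login form because the token no longer resolves to a user. Binding a session to the client IP, as the article describes, does stop a copied token from being used elsewhere, but it also logs out legitimate users whose address changes (mobile networks, NAT pools), so in practice it is usually combined with a short idle timeout and re-authentication for sensitive actions rather than relied on alone.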
Let us take an example of a popular attack method: the brute-force attack.
In this method, the attacker generates every possible combination of credentials. It sounds easy, but nobody can say in advance at which attempt the valid credential will be hit and the attacker will get into the admin page.
Suppose that the administrator ID is guessed to be admin and the password is guessed to be a two-digit number. The diagram is shown below:
As the diagram shows, in the brute-force method the attacker tries every possible combination of ID and password. The attacker has no idea after which combination the credentials will match and the login will succeed.
This method is popular against small systems with a small password space; against systems where the password space is large, guessing the password by brute force becomes practically impossible.
When carrying out a security test, this method is applied with the help of a simulator, and the time between the start of the attack and the moment of login or gaining access is measured.
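The following simulator is an added example, not code from the original article. It runs the article's scenario (ID admin, password assumed to be a two-digit number) against a constructed login endpoint, counting attempts and elapsed time, and then repeats the attack against the same endpoint with an account lockout after five consecutive failures. The password value 42 and the lockout threshold are assumptions made for the example.

```python
import time

# Constructed target for the article's brute-force scenario; nothing real
# is attacked. The ID, the password and the lockout policy are assumptions.


class LoginService:
    """Minimal authentication endpoint. With lockout_threshold=None it accepts
    unlimited attempts; otherwise the account locks after that many consecutive
    failures and every later attempt is refused, even with the right password."""

    def __init__(self, username, password, lockout_threshold=None):
        self._username = username
        self._password = password
        self.lockout_threshold = lockout_threshold
        self.failures = 0
        self.locked = False
        self.attempts_seen = 0

    def login(self, username, password):
        self.attempts_seen += 1
        if self.locked:
            return False
        if username == self._username and password == self._password:
            self.failures = 0
            return True
        self.failures += 1
        if self.lockout_threshold is not None and self.failures >= self.lockout_threshold:
            self.locked = True
        return False


def two_digit_passwords():
    """The whole search space for the article's scenario: "00" through "99"."""
    return (f"{n:02d}" for n in range(100))


def brute_force(service, username, candidates):
    """Tries every candidate in order, as the attacker in the diagram does.
    Returns (password found or None, attempts made, seconds elapsed)."""
    started = time.perf_counter()
    attempts = 0
    for candidate in candidates:
        attempts += 1
        if service.login(username, candidate):
            return candidate, attempts, time.perf_counter() - started
    return None, attempts, time.perf_counter() - started


def keyspace_size(alphabet_size, length):
    """Number of candidates the attacker must be prepared to try; this is
    what makes brute force practical for "42" and hopeless for a long passphrase."""
    return alphabet_size ** length


def simulate():
    """Runs the attack once without and once with lockout and reports both."""
    unprotected = LoginService("admin", "42")
    found, attempts, seconds = brute_force(unprotected, "admin", two_digit_passwords())

    protected = LoginService("admin", "42", lockout_threshold=5)
    found_locked, attempts_locked, _ = brute_force(protected, "admin", two_digit_passwords())

    return {
        "unprotected": (found, attempts),                      # ("42", 43)
        "with_lockout": (found_locked, attempts_locked, protected.locked),  # (None, 100, True)
        "seconds_unprotected": seconds,
        "keyspace_two_digits": keyspace_size(10, 2),            # 100
        "keyspace_8_char_alnum": keyspace_size(62, 8),          # 218340105584896
    }


if __name__ == "__main__":
    print(simulate())
```

Against the unprotected endpoint the attacker reaches "42" on the 43rd attempt, and the elapsed time is essentially the endpoint's response time multiplied by that count; that product is the figure the test records. With lockout the account is frozen after the fifth failure and the remaining 95 attempts, including the correct one, are refused. Lockout has its own cost: an attacker who knows the admin ID can deliberately lock the account, so rate limiting, progressive delays or a second factor are usually preferred for accounts that must stay available.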
There are many methods used by attackers, and the tester applies the same methods when performing security testing.