Software testing is concerned with the evaluation of software products
and related artifacts to determine whether they satisfy specified
requirements, to demonstrate that they are fit for purpose and to
detect defects.
Security testing verifies and validates those requirements of a
software system that relate to security properties such as
confidentiality, integrity, availability, authentication,
authorization and non-repudiation. Sometimes security properties
come as classical functional requirements, e.g. “user accounts
are disabled after three unsuccessful login attempts”, which
approximates one part of an authentication property (resistance to
password guessing) and is aligned with the software quality standard
ISO/IEC 9126, which defines security as a sub-characteristic of
functionality. It seems desirable, however, that security testing
directly targets the security properties themselves rather than taking
the detour of functional tests of the mechanisms meant to provide them:
a test of the lockout counter shows that the counter works, not that the
account is actually resistant to guessing. This view is supported by
ISO/IEC 25010, which supersedes ISO/IEC 9126 and promotes Security to a
quality characteristic in its own right, no longer subsumed under
functionality.
Types of Security Testing
Vulnerability Scanning: Vulnerability scanning uses automated software
to scan a system for known vulnerabilities, typically by fingerprinting
component versions and configurations and matching them against a
database of published vulnerability patterns.
Security Scanning: Security scanning identifies weaknesses in networks
and systems (exposed services, missing patches, misconfigurations) and
reports remediation steps for reducing the resulting risk. It can be
carried out manually or with automated tools.
Penetration Testing: Penetration testing simulates an attack by a
malicious actor. A tester analyses a particular system for potential
vulnerabilities and then, within an agreed scope, attempts to exploit
them to show what a real attacker could achieve.
Risk Assessment: Risk assessment analyses the security risks identified
in the organization, rates each one (commonly as low, medium or high,
from its likelihood and impact) and recommends controls and measures to
reduce it.
Security Auditing: Security auditing is an internal
inspection of applications and operating systems for security
defects. An audit can also be carried out via line-by-line checking
Ethical Hacking: Ethical hacking is different from malicious hacking.
The purpose of ethical hacking is to expose security flaws in the
Posture Assessment: It combines security scanning, ethical
hacking and risk assessments to provide an overall security posture of an
Application Security Testing: Application security testing focuses on
vulnerabilities in the application itself: its code, its configuration
and its third-party dependencies.
Network Security Testing: Network security testing is a type of testing
that focuses on identifying vulnerabilities in the network infrastructure.
It includes testing firewalls, routers and other network devices to identify
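What the vulnerability scanning and dependency checking described above actually do, reduced to their core: match an inventory of installed components against advisories that name affected version ranges. This is an added example written for this article, not a real scanner or a real advisory feed; the advisory identifiers, component names, versions and the `name==version` inventory format are all constructed. It also shows the comparison mistake that silently breaks such scanners: comparing version strings lexically.

```python
"""Minimal version-based vulnerability scanner.

Added example for this article; not a real tool. The advisory feed,
component names and versions are constructed."""
import re

# Constructed advisory feed. A version is affected if introduced <= v < fixed.
ADVISORIES = [
    {"id": "ADV-0001", "component": "libfoo", "introduced": "1.0", "fixed": "1.4.3"},
    {"id": "ADV-0002", "component": "libfoo", "introduced": "2.0", "fixed": "2.1"},
    {"id": "ADV-0003", "component": "barserver", "introduced": "0", "fixed": "3.10.1"},
]

# Constructed inventory, in a pip-freeze-like "name==version" format.
SAMPLE_INVENTORY = """\
# constructed inventory
libfoo==1.4.2
barserver==3.9.12
bazlib==0.3
"""


def version_key(version):
    """'1.10.2' -> (1, 10, 2). Numeric components are compared as integers:
    as strings, '3.9.12' > '3.10.1' and a lexical scanner would miss it."""
    return tuple(int(p) for p in re.findall(r"\d+", version))


def version_cmp(a, b):
    """Three-way compare; trailing zeros are padded so '1.4' == '1.4.0'."""
    ka, kb = version_key(a), version_key(b)
    n = max(len(ka), len(kb))
    ka += (0,) * (n - len(ka))
    kb += (0,) * (n - len(kb))
    return (ka > kb) - (ka < kb)


def is_affected(version, advisory):
    return (version_cmp(version, advisory["introduced"]) >= 0
            and version_cmp(version, advisory["fixed"]) < 0)


def parse_inventory(text):
    """Parse 'name==version' lines into a {name: version} dict."""
    inventory = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, _, version = line.partition("==")
        inventory[name.strip()] = version.strip()
    return inventory


def scan(inventory):
    """Return sorted (component, version, advisory id) findings."""
    findings = []
    for name, version in inventory.items():
        for adv in ADVISORIES:
            if adv["component"] == name and is_affected(version, adv):
                findings.append((name, version, adv["id"]))
    return sorted(findings)


if __name__ == "__main__":
    for component, version, adv_id in scan(parse_inventory(SAMPLE_INVENTORY)):
        print(f"{component} {version}: affected by {adv_id}")
```

Two caveats a practitioner expects with this style of scanning: it can only report vulnerabilities someone has already published (anything novel needs penetration testing or code review), and version matching produces false positives where a distribution backported a fix without bumping the version, so each finding still needs confirmation.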
Principles of Security Testing
Below are the six basic principles of security testing:
Major Focus Areas in Security Testing
- Network Security
- System Software Security
- Authentication and Authorization: Testing the system’s ability
to properly authenticate and authorize users and devices. This includes
testing the strength of passwords and other credentials, the handling of
failed logins (lockout, rate limiting) and other forms of authentication,
as well as testing the system’s access controls and
- Server-side Application Security
- Client-side Application Security
- Network and Infrastructure Security: Testing the security of the
system’s network and infrastructure, including firewalls, routers and other
network devices. This includes testing the system’s ability to defend against
common network attacks such as Denial of Service (DoS) and Man-in-the-Middle
- Database Security: Testing the security of the system’s databases,
including testing for SQL injection (cross-site scripting, often listed
here, is an application-layer flaw even when the payload is stored in the
database) and other types of
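The SQL injection check named under Database Security, as an added example that is not part of the original article or any product it describes: a lookup written the vulnerable way (input spliced into the query text) next to the hardened form (bound parameter), both run against a constructed in-memory SQLite table, plus the black-box probe a tester would use to tell them apart. The table, its rows and the `users` schema are constructed.

```python
"""SQL injection: vulnerable string-built query vs. parameterised query,
and a black-box probe that distinguishes them.

Added example for this article; the schema and rows are constructed."""
import sqlite3

INJECTION = "' OR '1'='1"  # classic tautology payload


def make_db():
    """Constructed in-memory table with three users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, role TEXT)")
    conn.executemany("INSERT INTO users (username, role) VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "user"), ("carol", "user")])
    conn.commit()
    return conn


def lookup_vulnerable(conn, username):
    """Untrusted input is spliced into the SQL text, so the payload becomes
    WHERE username = '' OR '1'='1' and every row comes back."""
    sql = f"SELECT username, role FROM users WHERE username = '{username}'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn, username):
    """The value travels as a bound parameter; the database never parses it
    as SQL, so the payload is just a username that matches nothing."""
    sql = "SELECT username, role FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


def looks_injectable(conn, lookup):
    """Tester's probe: a name that matches no row must return nothing; if the
    tautology payload then returns rows, the input is reaching the SQL parser."""
    return lookup(conn, "nosuchuser") == [] and lookup(conn, INJECTION) != []


if __name__ == "__main__":
    conn = make_db()
    print("vulnerable, normal input:", lookup_vulnerable(conn, "bob"))
    print("vulnerable, payload:     ", lookup_vulnerable(conn, INJECTION))
    print("safe, payload:           ", lookup_safe(conn, INJECTION))
    print("vulnerable injectable?   ", looks_injectable(conn, lookup_vulnerable))
    print("safe injectable?         ", looks_injectable(conn, lookup_safe))
```

The probe only covers the simplest case (a string literal in a WHERE clause that returns data); blind and numeric-context injections need different payloads and usually timing or boolean oracles. Parameterisation is the fix for all of them, and it is cheap to verify in code review because the absence of string concatenation in query construction is easy to check.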