The testing type which perform with the intention of finding the vulnerabilities in the developed system and ensures that data and system are protected from unintended access is called Security Testing. Security testing performed with the goal of finding possible vulnerability and security risk which may cause loss of information.
Just like any testing type, including security testing in a later stage of development could be the harmful and expensive step. So it is always recommended to start security testing with the early development.
Types of security testing
Vulnerability Testing: It is performed with the help of automated tools and scan the entire system against the set vulnerabilities.
Security Scanning: In this testing mainly we try to identify the weakness in system and network.
Penetration Testing: In this testing we try to check the response of the system for the external hacking attempt.
Risk Assignment: This one can be done with the intention of finding risk within the organization. In the real world, 4 levels of risks are identified and those are Critical, High, Moderate, and Low. In this testing, we try to control and monitor all risk associated with the system.
Security Auditing: Auditing is done by looking into line by line code of the system. Finding the security flaws are the main intention behind this testing.
Ethical Hacking: Getting the access to the system without having rights of the system.
SQL Injection: This is performed with the help of SQL statements. These statements are inserted within the system from the web application.
URL Manipulation: Sometimes web application transfer data with the help of URL, in this testing tester, try to insert some invented data in the system by modifying the data in URL.
Spoofing: Creating the duplicate site which look like an original site and forcing the user to provide their credentials.
XSS: Here we try to insert some code from the front end of the web application. Usually, no web application should accept the script from the front end or user interface.