Security Testing

QualiTest’s security testing services verify that the system's information is protected and that the intended functionality is maintained.

  1. Security Testing Services: Test Beyond the Obvious
  2. QualiTest Group
     • World’s 2nd Largest Independent Testing Company
     • QA & Testing focus: QA and Software Testing is all that we do!
  3. About QualiTest
     • Global Service delivery Model – Right Shore! Onshore, Near-Shore, Offshore and Crowd Testing
     • Results Based Testing (RBT): Contractual guarantees for quality improvement & cost reduction
     • Managed Testing Solutions (MTS): Long term, SLA based testing outsourcing
     • Knowledge center for Global practices: Customized testing solutions based on proven test methodologies and QualiTest’s unique perspective
  4. QualiTest’s Strategic Statement: Design & deliver the right industry & technology focused SQA solutions, leveraging our diversified business models & ability to gain a deep understanding of customer’s goals & challenges.
  5. Security Testing: QualiTest’s security testing services verify that the system's information is protected and that the intended functionality is maintained.
  6. Features of Security Testing: QualiTest’s security testing process comprises the following activities:
     • Capture and define security test requirements
     • Define all entry points to the system
     • Analyze potential threats and perform risk analysis based on the entry points
  7. What is Security Testing: Security Testing is focused on unacceptable inputs and whether these inputs are likely to create significant failure with regard to the given requirements of the product under test. The most important part of Security Testing is providing sufficient evidence to clients to show that their system and its information are safe and secure from unacceptable inputs.
  8. Information Security Terms: Some of the basic information security terms are:
     • Asset: Anything that has value to an organization, subject to many kinds of threats
     • Threat: A potential cause of an unwanted incident, which may result in harm to a system or organization
     • Vulnerability: A weakness of an asset or group of assets that can be exploited by one or more threats
     • Risk: The potential that a given threat will exploit vulnerabilities to cause loss or damage to an asset or group of information assets and thereby cause harm to the organization
     • Information Security: The preservation of confidentiality, integrity and availability of information
  9. Vulnerabilities: There are established vulnerabilities and also tools which can help us identify common vulnerabilities in code. Top 10 Vulnerabilities:
     • Injection Flaws (SQL Injection)
     • Malicious File Execution
     • Insecure Direct Object Reference
     • Cross Site Request Forgery (CSRF)
     • Information Leakage and Improper Error Handling
     • Broken Authentication and Session Management
     • Insecure Cryptographic Storage
     • Insecure Communications
     • Failure to Restrict URL Access
  10. Deliverables of Security Testing:
     • A complete system breakdown, detailing your system’s structure and our plan for testing
     • A comprehensive defect report detailing any security weaknesses: each bug, its severity, and location
     • On-going support from a QualiTest senior test specialist to improve quality and encourage continuous improvement
  11. Benefits: The benefits of using QualiTest’s security testing services include:
     • Quality Insight: QualiTest can provide you with peace of mind and assurance of a clear insight into the quality of your system
     • No Lead Time: Reduce application time to market
     • Competitive pricing: Take advantage of our existing operation at competitive pricing
     • Quality Improvement: Our experienced testing engineers can increase your testing coverage and assure new quality standards
