More Related Content
Similar to Fundamental Aspects of Security Testing
Similar to Fundamental Aspects of Security Testing (20)
Fundamental Aspects of Security Testing
- 2. © 2014 BeQurious Software Inc. 2
• Authentication and Authorization
• Session Management
• Auditing/Logging
• Denial of Service
• Input Validation and Parameter
Manipulation
Application Security
Penetration Testing
• Automated Code review for security
vulnerabilities
• Denial of Service
• Detection of vulnerable functions &
procedures
Security Code Review
• SQL Injection
• Testing database security including
database permissions and privileges
• Testing data format integrity and
referential integrity
• Penetration test of database using a
variety of tools
Database penetration
Testing
SecurityTestingOfferings
Security Testing - Offerings
- 3. © 2014 BeQurious Software Inc. 3
Application Security – Context Diagram
To secure an application we propose to analyze the following
components
Application requirements – what should and should not happen
Test the vulnerabilities and requirements using standard tools and test
cases
Input Validation Session Management
Authentication
Audit
Authorization
Non-Repudiation
Data Masking/
Sensitive Data
Cryptography
Configuration
Management
Exception
Management
Static Code
Analysis
External
Dependencies
- 4. © 2014 BeQurious Software Inc. 4
Security Testing - Approach
• Enables in understanding how newer and constant evolving threats affect your
environment
• Malicious – People and Code
- 5. © 2014 BeQurious Software Inc. 5
Bqurious Offering – Process Optimization
Business
Analyst
Development
Team
Distributed QA
Team
QA Management
& Leadership
Provides centric platform to manage end to end Software test life cycle
Enables to Manage and Share your test asset via browser access which can be reviewed
anytime to get the sense of process adherence
Enforce projects to follow standardize testing process
• Test assets are shared across via browser access
• Constant traceability between requirement and test assets
• Built-in grammar enforces to get rid of tester’s own style of writing test cases and follow
standards
- 6. © 2014 BeQurious Software Inc. 6
Thank You
For more information:
2350 Mission College Blvd, Suite1152
Santa Clara, CA 95054, USA
Phone: 1-802-221-0004 (USA)
Phone: +91-9871816669(India)
http://www.bqurious.com
mailto:info@bqurious.com