A secure product protects customers' information and system resources from unauthorized access. As a software tester, it is important to understand why hackers may try to break into software in order to think of where security vulnerabilities could exist. Threat modeling involves assembling a team to identify assets, architecture, potential threats, and their risks to find areas of the software's features that may be vulnerable to security issues. Testing for security bugs should approach testing as "test-to-fail" by attacking the software like a hacker would to assume every feature could have a vulnerability.

1. Testing Software Security




A secure product is a product that protects the confidentiality,
integrity, and availability of the customers' information, and the
integrity and availability of processing resources, under control
of the system's owner or administrator.
A security vulnerability is a flaw in a product that makes it
infeasible even when using the product properly to prevent an
attacker. Hacker:One who uses programming skills to gain
illegal access to a computer network or file.
As a software tester it's important to understand why someone
may want to break into your software.
Understanding their intent will aid you in thinking about where
the security vulnerabilities might be in the software you're
testing.

2. Understanding the Motivation of
Hacker

The five motives that a hacker might have to gain
access to a system are
–
–
–
–
–
Challenge/Prestige: when someone breaks into a system purely for the
challenge of the task and the prestige
Curiosity: The hacker will peruse the system looking for something
interesting
Use/Leverage: Here the hacker will actually attempt to use the system for
his own purpose.
Defacing, Destruction, and Denial of Service: Defacing is changing the
appearance of a website. Destruction takes the form of deleting or altering
of data stored on the system. Denial of service is preventing or hindering
the hacked system from performing its intended operation.
Steal: intent is to find something of value that can be used or sold. Credit
card numbers, personal information, goods and services, even login IDs
and email addresses, all have value to the hacker.

3. Threat Modeling





To look for areas of the product's feature set to
security vulnerabilities.
Choose to make changes to the product.
Spend more effort designing certain features, or
concentrate testing on potential trouble spots.
Ultimately it will result in a more secure product.
Unless everyone on the product development team
understands and agrees to the possible threats, your
team will not be able to create a secure product.

4. Threat Modeling
complex system requires comprehensive threat modeling to identify security
vulnerabilities.

5. Steps of Threat Modeling Process
 Assemble
the threat modeling team
 Identify the Assets.
 Create an Architecture Overview
 Decompose the Application.
 Identify the Threats.
 Document the Threats.
 Rank the threats.

6. Testing for Security Bugs




Testing for security bugs is a test-to-fail activity.
Tester won't necessarily be given a product
specification that explicitly defines how software
security is to be addressed.
Nor will he be able to assume that the threat model
is complete and accurate.
Tester will need to put on "test-to-fail" hat and attack
the software much like a hacker would assuming that
every feature has a security vulnerability.

7. Testing for Security Bugs




Testing for security bugs is a test-to-fail activity.
Tester won't necessarily be given a product
specification that explicitly defines how software
security is to be addressed.
Nor will he be able to assume that the threat model
is complete and accurate.
Tester will need to put on "test-to-fail" hat and attack
the software much like a hacker would assuming that
every feature has a security vulnerability.