<<Complete Tutorial>> Next Post>>
What is Security Testing?
Security Testing is a type of Software Testing.
The purpose of Security Testing is to identify/uncover the Security Loopholes (i.e. Vulnerabilities or Security Bugs) in the given Software System (i.e. Applications, Databases, Machines, Operating Systems, Organizations, etc.).
Security Testing finds-out whether the data and resources related to the given Software System are protected from possible hacking/breaches/intrusions.
Let’s understand this with the help of an example.
Example: Performing Security Testing on the Login functionality of a Web Application.
As a Security Tester, we investigate the Login functionality of the given Web Application.
- Identify any Security Loopholes (i.e. Vulnerabilities) in the Login functionality implementation in the given Web Application, using which the Hacker can log in to the Web Application without having any login credentials.
If the Hacker is able to hack the Login functionality and intrude inside any User account on the Software System, the data (Maybe sensitive like a credit card information, etc.) of the User can be compromised and then later be used for purchasing by the hacker.
Difference between Security Testing and Hacking:
Most of the people who start learning Security Testing get confused by misunderstanding the Security Testing with Hacking.
Security Testing and Hacking are different.
In Security Testing, we just perform the checks on the given Software System. with the intention of compromising the System (i.e. To steal sensitive data in the System etc.)
In Hacking, the purpose is to identify any vulnerabilities in the Software System, with an intention of compromising the system (i.e. Say Stealing data in the System, etc.)
So, just because of this confusion between Security Testing and Hacking, most of the people interested in learning Security Testing end up in purchasing the Hacking Courses (which don’t provide any value in their Security Testing career).
Important Note:
Don’t ever perform Security Testing on any Application without having permissions to do so.
There are more chances of you being ending up in Jail if you do so.
In the upcoming articles, I will provide some sample applications where you can practice Security Testing.
Conclusion:
The purpose of Security Testing is to check whether the Software System under Test is safe from the hackers, by identifying/uncovering any security loopholes in the system in advance.
Next Steps:
- > For more Security Testing stuff, continue to the next post (Click on Next Post link below)
- > Check complete Security Testing Tutorial here (Click here)
Please leave your questions/comments/feedback below.
Happy Learning ?
<<Complete Tutorial>> Next Post>>
On a mission to contribute to the Software Testing Community in all possible ways.
next post link not working
Yes, we intentionally not provided it.
Will update this post and provide the link once the next article is ready.