Security Testing - Types

Thinking about the different types of Security testings that we can do and also classifying them into the right buckets is very important.To summarise them Black box Testing ( Pen Testing)
  • Little or no information is provided about the target
  • Testing techniques start with looking for specific vulnerability signs but quickly moves into unscripted exploitation , trial & error
  • Testing focusses on manipulating inputs and evaluating the responses
  • A form of reverse engineering of exposed functionality
White box or Crystal box testing ( Not Pen Testing)
  • Includes security focussed testing like - Source code reviews, authenticated vulnerability assessments & configuration audits
  • More of a scripted test looking for specific items
Grey box Testing ( Optimised Pen testing
  • Testing that uses black box techniques with greater visibility and/or access to the application to optimise testing

Vinay Jagtap

A hard core Technocrat with over a decade of extensive experience in heading complex test projects coupled with real time experience of project management and thought leadership. Extensive experience in Performance, Security and Automation Testing and development of automation frameworks and ability to setup and execute Global service centers and Center of Excellences for testing.

Get Free Email Updates to your Inbox!

Powered by Blogger.


Total Pageviews

Copyright © T R I A G E D T E S T E R