Security testing: Difference between revisions

Adwerald (talk | contribs)
Tools: added a link to SCA page
No edit summary
{{Information security}}
 
'''Security testing''' is a process intended to reveal flaws in the [[security]] mechanisms of an [[information system]] that protects data and maintains functionality as intended.<ref>M Martellini, & Malizia, A. (2017). Cyber and chemical, biological, radiological, nuclear, explosives challenges : threats and counter efforts. Springer.</ref> Due to the logical limitations of security testing, passing the security testing process is not an indication that no flaws exist or that the system adequately satisfies the security requirements.
 
Typical security requirements may include specific elements of [[confidentiality]], [[integrity]], [[authentication]], availability, authorization and [[non-repudiation]].<ref>"Introduction to Information Security" US-CERT https://www.us-cert.gov/security-publications/introduction-information-security</ref> Actual security requirements tested depend on the security requirements implemented by the system. Security testing as a term has a number of different meanings and can be completed in a number of different ways. As such, a Security Taxonomy helps us to understand these different approaches and meanings by providing a base level to work from.