Security testing: Difference between revisions

Content deleted Content added
No edit summary
Rewrote ambiguous lead
Line 3:
{{Information security}}
 
'''Security testing''' is a process intended to revealdetect flaws in the [[security]] mechanisms of an [[information system]] thatand as such help enable it to protectsprotect data and maintainsmaintain functionality as intended.<ref>M Martellini, & Malizia, A. (2017). Cyber and chemical, biological, radiological, nuclear, explosives challenges : threats and counter efforts. Springer.</ref> Due to the logical limitations of security testing, passing the security testing process is not an indication that no flaws exist or that the system adequately satisfies the security requirements.
 
Typical security requirements may include specific elements of [[confidentiality]], [[integrity]], [[authentication]], availability, authorization and [[non-repudiation]].<ref>"Introduction to Information Security" US-CERT https://www.us-cert.gov/security-publications/introduction-information-security</ref> Actual security requirements tested depend on the security requirements implemented by the system. Security testing as a term has a number of different meanings and can be completed in a number of different ways. As such, a Security Taxonomy helps us to understand these different approaches and meanings by providing a base level to work from.
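Review bot: In the reworded lead sentence, the added clause "and as such help enable it to protect data and maintain functionality as intended" reads awkwardly: "as such" has no noun to refer back to, and "help enable" stacks two verbs that say the same thing. Something like "and thereby help it protect data and maintain functionality as intended" would keep the new meaning (testing supports the system's protection rather than the system already providing it) and stay consistent with the unchanged caveat that follows, which says passing security testing does not show that no flaws exist. The citation in the same sentence gives the first author as "M Martellini," while the second is "Malizia, A."; the two names should use the same order.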