Security testers, the bad guys ;)

I am comfortable as long as you are not intruding into my private space

Well, then what about hackers? They are supposed to intrude into your space.

After all, that’s what they are supposed to do. So how can you ensure that your environment is less vulnerable?

The answer lies in security testing. In this form of testing, we still check the real functionality, but with a deeper objective: ensuring that your product can’t be easily attacked by hackers.

The alarm system that guards your car against unauthorised access is an example of a security measure. In security testing, you check whether that alarm system works properly, and you might simulate unexpected scenarios to do so.

Now, coming to software security testing, let us take the example of a user login form. Suppose you entered some user information and a password and tried to access the system, and you received the message “incorrect password”. Ah, there is a smile on the hacker’s face, as 50% of his problem is solved: he now knows that the user information is correct and only the password is wrong. Security testing continues in this way.

In security testing, the tester acts as a bad guy to find your weaknesses.

Ensure that security testing is done only with permission; otherwise you will fall under the category of hackers.

So, in short, security testing is the process of identifying vulnerabilities or weaknesses in the system.