Security test
Why?
Connected products and online services are prone to misuse by rogue users. Security tests identify weaknesses in the system and thus help prevent misuse.
How?
Many system tests use a closed set of test cases to check that the system does what it should do. Security tests use an open set and check that the system does not do what it is not supposed to do. Use creativity tools like brainstorming for white box testing, or validated lists of known vulnerabilities for black box testing.
Ingredients
- An inquisitive mindset and the necessary expertise.
- Technical tools.
- Plenty of time and computing power.
- Documentation and source code for white box testing.
- Tools like the SANS Top 25 Software Errors for black box testing.
In practice
Companies use different types of security testing. For black box testing, stepping stone scans and standard lists of known vulnerabilities are used. White box testing is conducted when requested by the product developer.