Each testing process comprises many kinds of testing activities. Among the most significant ones are functional testing, usability testing, performance testing and security testing. None of them mustn’t be ignored or executed carelessly.
Security has become of great importance for most of the modern software products. Its thorough check is a complex process involving various kinds of work and covering not only the system under test, but its environment as well.
Testers checking security often imitate attacks on the tested program and actions of hackers.
Security testing includes penetration tests. Executing them, security experts use various instruments for picking passwords or other data that can be used for stealing or damaging sensitive user information.
They try to utilize similar methods and instruments that may be used by the attackers. All the weaknesses should be found before the release.
People With Evil Intentions Aim To:
- steal and sell valuable information;
- gain control of the software;
- damage the data;
- use the data for ill purposes.
A lot of banking or other software products dealing with finances have appeared. They gain more and more popularity as they are available anytime and anywhere where there is the Internet connection. It is very convenient to check your balance on the debit or credit card or make some purchases staying in bed or sitting in a restaurant.
Security for such applications has become of primary importance. A lot of countries started to demand from companies and software owners to provide high security level for personal and financial information of their customers that they store and utilize. So, now, if the data are damaged or stolen, they will deal not only with angry customers, but with the law as well.
Unfortunately, together with increasing of security standards, hackers have become more skilled too. They try to utilize every possibility, weakness of the system or user carelessness for their ill intentions.
Nowadays Hackers Can:
- intercept data by means of various tools; it often relates to mobile programs, as mobile devices often utilize public WiFi hotspots or other insecure ways of connection;
- attack and compromise the mobile or desktop program;
- deceive ordinary users and make them install data miners or other kind of malicious applications that can record and send the user data to the hackers or damage them;
- install malicious software on certain devices in order to gain control of a program or attack it.
Every software testing company can name numerous ways of attacks on a system. Proper security testing can find weaknesses of the program and ways of correcting them. But users should also care about security of their sensitive information. Otherwise, no advanced security system can protect their information.
This entry passed through the Full-Text RSS service — if this is your content and you're reading it on someone else's site, please read the FAQ at http://ift.tt/jcXqJW.
No comments:
Post a Comment