Security Testing Case Study 360logica Software Testing Services.

  • Published on
    30-Dec-2015

  • View
    219

  • Download
    7

Transcript

Security Testing Case Study360logica Software Testing ServicesThe Client Our Customer is a Online News Community http://www.newsfromfriends.com . User can get their personal newspaper and share thoughts and address them to special personsThe requirementsCustomer wanted to make sure their users privacy and content are secured enough, few of their security test requirements are below:SQL injection vulnerabilityCross site scriptingBusiness workflow securitiesAuthentication securityBrute force authentication breach testingFirewall security testingWeb server files securityThe SolutionIdentification of Application Input e.g. Files, environment variables, parameters in URL, through form submission etc., config files and registryIdentification Application Output e.g. Files, Environmental Variables , Network Traffic , The Windows Registry , Console/Form , Database Source and Hidden Logical tests Authentication, login, Email confirmation, business work flow securities, data encryption etc. The Technology PHP Linux ApacheContributionBreach finding using cross site scripting and SQL injectionBreach finding using Brute force authenticationLink injection, other users profile access breach and their content as wellHidden folders and direct files access from web serverEmail security and Data encryption security