qualitest-group
QualiTest Group
About QualiTest
• World’s 2nd Largest Independent Testing Company
• QA & Testing focus: QA and Software Testing is all that we do!
• Global Service Delivery Model – Right Shore! Onshore, Near-Shore, Offshore and Crowd Testing
• Results Based Testing (RBT): Contractual guarantees for quality improvement & cost reduction
• Managed Testing Solutions (MTS): Long term, SLA based testing outsourcing
• Knowledge center for global practices: Customized testing solutions based on proven test methodologies and QualiTest’s unique perspective
QualiTest’s Strategic Statement:
Design & deliver the right industry & technology focused SQA solutions, leveraging our diversified business models & ability to gain a deep understanding of customers’ goals & challenges
Security Testing
QualiTest’s security testing services verify that the system’s information and data are protected and that the intended functionality is maintained
Features of Security Testing
QualiTest’s security testing process comprises the following activities:
• Capture and define security test requirements
• Define all entry points to the system
• Analyze potential threats and perform risk analysis based on the entry points
What is Security Testing
Security Testing focuses on unacceptable inputs and whether these inputs are likely to cause significant failure with regard to the given requirements of the product under test
The most important part of Security Testing is providing sufficient evidence to clients to show that their system and its information are safe and secure from unacceptable inputs
Information Security Terms
Some of the basic information security terms are:
Asset
Anything that has value to an organization, subject to many kinds of threats
Threat
A potential cause of an unwanted incident, which may result in harm to a system or organization
Vulnerability
A weakness of an asset or group of assets that can be exploited by one or more threats
Risk
The potential that a given threat will exploit vulnerabilities to cause loss or damage to an asset or group of information assets and thereby cause harm to the organization
Information Security
The preservation of confidentiality, integrity and availability of information
Vulnerabilities
There are established vulnerabilities and also tools which can help us identify common vulnerabilities in code:
Top 10 Vulnerabilities
• Injection Flaws (SQL Injection)
• Malicious File Execution
• Insecure Direct Object Reference
• Cross Site Request Forgery (CSRF)
• Information Leakage and Improper Error Handling
• Broken Authentication and Session Management
• Insecure Cryptographic Storage
• Insecure Communications
• Failure to Restrict URL Access
Deliverables of Security Testing
• A complete system breakdown, detailing your system’s structure and our plan for testing
• A comprehensive defect report detailing any security weaknesses: each bug, its severity, and location.
• On-going support from a QualiTest senior test specialist to improve quality and encourage continuous improvement.
Benefits
The benefits of using QualiTest’s Security testing services include:
• Quality Insight: QualiTest can provide you with peace of mind and assurance of a clear insight into the quality of your system
• No Lead Time: Reduce application time to market
• Competitive pricing: Take advantage of our existing operation at competitive pricing
• Quality Improvement: Our experienced testing engineers can increase your testing coverage and assure new quality standards