Security Testing Overview
Software defects and poor construction practices
can make applications vulnerable to attack. Security
vulnerabilities enable an attacker to impact a company’s
systems and assets, and the company can be liable
for the damages that a security breach causes.
With security, prevention is the key to success.
Security testing allows developers and testers to
verify that the application’s security functions,
including passwords and authentication, operate
correctly and that information can be successfully
encrypted and decrypted. Security testing also enables
developers and testers to ensure that the code written
is not vulnerable to attack.
Parasoft provides solutions that allow enterprises
to establish and enforce an effective application
security policy. These policies define how the code
should operate to maintain the degree of security
that is required for the application. These solutions
enable developers and testers to identify security
mechanisms that are not implemented and operating
correctly. They are available for Java, C++, .NET,
HTML, XML and Web Services environments.
The solutions automatically analyze the source
code to ensure that the security polices have been
followed and to find violations of the policy that
can create security vulnerabilities. They can also
use penetration testing, which automatically simulates
an attacker’s actions, to confirm that the
security policy is implemented and operating correctly.
|
