How to perform security testing during website testing

Source: Internet
Author: User

Security testing is a process for verifying the security services of applications and identifying potential security defects.
Note: security testing does not prove that an application is secure; it verifies the effectiveness of the security measures that were put in place, and those measures were themselves selected based on the assumptions made during the threat-analysis phase.
The following is the content of the Web security testing section of <software evaluation test tutorial>, which I have read and turned into notes with some changes. I have read it with a lot of my friends and written it up, but it is not very complete; I hope it will be helpful to you. I suggest you buy the book <software evaluation test tutorial>, which is definitely worth the money ^_^
WEB Security Testing
A complete Web security test covers deployment and infrastructure, input validation, authentication, authorization, configuration management, sensitive data, session management, encryption, parameter manipulation, exception management, and auditing and logging.
1. Security System Testing
1) Deployment and infrastructure
Does the network provide secure communication?
Does the deployment topology include an internal firewall?
Does the deployment topology include remote application servers?
What constraints do the infrastructure's security requirements impose?
What level of trust does the target environment support?
2) Input validation
How is input validated?
A. Do you know the entry points?
B. Are the trust boundaries clear?
C. Is Web page input validated?
D. Are the parameters passed to components or Web services validated?
E. Is data retrieved from the database validated?
F. Is validation handled by a centralized set of methods?
G. Does validation depend on the client?
H. Is the application vulnerable to SQL injection attacks?
I. Is the application vulnerable to XSS attacks?
How is input handled?
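The items above are easiest to understand against concrete code. The following is an added example (not code from the book or the original post) that puts the SQL injection defect of item H beside its hardened form, applies one server-side allow-list check at the entry point (items C, F and G), and output-encodes before rendering HTML (item I). The table, rows and probe string are constructed for the example; `sqlite3` is used only because it ships with Python.

```python
import html
import re
import sqlite3


def make_db():
    """Constructed in-memory table standing in for the application's user store."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "user"), ("bob", "admin")])
    return conn


def lookup_user_vulnerable(conn, name):
    """Item H, the defect: untrusted text is spliced into the SQL string, so it can
    change the structure of the query instead of only supplying data."""
    query = f"SELECT name, role FROM users WHERE name = '{name}'"
    return conn.execute(query).fetchall()


def lookup_user_safe(conn, name):
    """Hardened form: a bound parameter. The driver passes the value separately,
    so quotes or keywords inside it are just characters of a name."""
    return conn.execute("SELECT name, role FROM users WHERE name = ?", (name,)).fetchall()


# Allow-list for usernames; the pattern itself is an assumption of this example.
USERNAME_RE = re.compile(r"[a-z0-9_]{3,32}")


def validate_username(raw):
    """Items C, F, G: one server-side allow-list check applied at the entry point,
    regardless of whatever JavaScript validation ran in the browser."""
    if not isinstance(raw, str) or USERNAME_RE.fullmatch(raw) is None:
        raise ValueError("invalid username")
    return raw


def is_valid_username(raw):
    """Boolean wrapper around validate_username for tests and callers that prefer it."""
    try:
        validate_username(raw)
        return True
    except ValueError:
        return False


def render_greeting(name):
    """Item I: output-encode untrusted text before placing it into HTML. Item E
    applies as well: a name read back from the database is still untrusted."""
    return f"<p>Hello, {html.escape(name, quote=True)}!</p>"


def sqli_probe_results():
    """The tester's check: the same probe string against both lookups. The vulnerable
    lookup returns every row; the parameterized one returns none."""
    conn = make_db()
    probe = "x' OR '1'='1"
    return {
        "vulnerable_rows": len(lookup_user_vulnerable(conn, probe)),
        "safe_rows": len(lookup_user_safe(conn, probe)),
    }
```

The point of `sqli_probe_results` is that the tester does not need to know the schema to tell the two lookups apart: a probe that should match nothing matching everything is the signal, and the fix is the bound parameter rather than any attempt to filter quotes out of the input.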
3) Authentication
Are public access and restricted access distinguished?
Are service account requirements specified?
How is the caller's identity verified?
How does the application authenticate to the database?
Are account management measures enforced?
4) Authorization
How are end users authorized?
How is the application authorized in the database?
How is access to system-level resources restricted?
5) Configuration management
Is remote administration supported?
Are configuration stores secured?
Are administrator privileges separated?
6) Sensitive data
Are secrets stored?
How is sensitive data stored?
Is sensitive data transmitted over the network?
Is sensitive data written to logs?
7) Session management
How are session identifiers exchanged?
Is session lifetime limited?
How is session state storage secured?
8) Encryption
Why were the particular algorithms chosen?
How are encryption keys secured?
9) Parameter manipulation
Are all input parameters validated?
Is sensitive data passed in parameters?
Is HTTP header data used for security decisions?
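Two of these items can be turned into concrete checks. The following is an added example (not code from the book or the original post): a value the server hands to the client and later reads back (a hidden form field such as a price) is given an HMAC tag so that a changed value is rejected, and a URL is scanned for sensitive data carried in its query string, where it lands in browser history, proxy logs and Referer headers. The server key, field names and URLs are constructed for the example; a deployment would load the key from a key store.

```python
import hashlib
import hmac
from urllib.parse import parse_qs, urlsplit

# Assumed server-side secret for the example only.
SERVER_KEY = b"constructed-example-key"


def sign_field(name, value, key=SERVER_KEY):
    """Attach an HMAC-SHA256 tag to a value the server hands to the client, so the
    server can detect any change when the value comes back in the next request.
    The field name is included so a tag cannot be moved to a different field."""
    tag = hmac.new(key, f"{name}={value}".encode(), hashlib.sha256).hexdigest()
    return f"{value}.{tag}"


def field_is_authentic(name, signed, key=SERVER_KEY):
    """True only if the tag matches the value; the comparison is constant-time.
    The tag is hex, so the last '.' separates it even if the value contains dots."""
    value, sep, tag = signed.rpartition(".")
    if not sep:
        return False
    expected = hmac.new(key, f"{name}={value}".encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(tag, expected)


def read_field(name, signed, key=SERVER_KEY):
    """Server-side read of a round-tripped parameter; a tampered value is rejected
    before any business logic sees it."""
    if not field_is_authentic(name, signed, key):
        raise ValueError(f"parameter {name!r} failed its integrity check")
    return signed.rpartition(".")[0]


# Parameter names that should never travel in a query string (example list).
SENSITIVE_KEYS = {"password", "passwd", "pwd", "token", "secret", "ssn", "cardnumber"}


def sensitive_params_in_url(url):
    """Second item of the checklist: return the query-string keys that carry
    sensitive data, so the tester can flag requests that should use a POST body
    (and still be encrypted in transit)."""
    params = parse_qs(urlsplit(url).query)
    return sorted(k for k in params if k.lower() in SENSITIVE_KEYS)
```

Signing does not hide the value; it only binds it. A price the client is not supposed to see at all belongs in server-side session state, not in a signed field.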
10) Exception management
Is structured exception handling used?
Is too much information exposed to the client?
11) Auditing and logging
Are the activities to be audited specified?
Has it been considered how the original caller's identity flows through to the audit record?
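Sections 10 and 11 are served by one added example (not code from the book or the original post). A request wrapper catches every failure in one place, returns a generic message plus a correlation id to the client, and writes the exception type and stack trace only to the server-side log under the same id; an audit function writes records only for the explicitly named activities and carries the original caller's identity next to the service account the application runs as. The log sink is an in-memory buffer constructed so the example runs offline; the event names and account names are assumptions.

```python
import logging
import traceback
import uuid
from io import StringIO

# Constructed in-memory log sink; a deployment would ship records to a protected log server.
_log_buffer = StringIO()
_logger = logging.getLogger("example.audit")
_logger.setLevel(logging.INFO)
_logger.addHandler(logging.StreamHandler(_log_buffer))
_logger.propagate = False

# Section 11, first item: the activities to be audited are named explicitly.
AUDITED_EVENTS = {"login", "logout", "password_change", "delete_record"}


def audit(event, original_caller, service_account, outcome, request_id):
    """Section 11, second item: the record carries the original caller's identity,
    not only the service account the application runs under.
    Returns True if a record was written, False if the event is not audited."""
    if event not in AUDITED_EVENTS:
        return False
    _logger.info("AUDIT request_id=%s event=%s caller=%s service=%s outcome=%s",
                 request_id, event, original_caller, service_account, outcome)
    return True


def handle_request(handler, original_caller, service_account="webapp-svc"):
    """Section 10: structured exception handling. Any failure is caught here; the
    client receives a generic body and a correlation id, while the exception type
    and stack trace go only to the server-side log, keyed by that same id."""
    request_id = uuid.uuid4().hex
    try:
        body = handler()
    except Exception as exc:
        _logger.error("ERROR request_id=%s caller=%s service=%s type=%s\n%s",
                      request_id, original_caller, service_account,
                      type(exc).__name__, traceback.format_exc())
        return {"status": 500, "body": "An internal error occurred.",
                "request_id": request_id}
    return {"status": 200, "body": body, "request_id": request_id}


def log_text():
    """Everything written to the constructed log sink so far."""
    return _log_buffer.getvalue()


def trace_for(request_id):
    """The tester's traceability check: every log record carrying a given correlation id."""
    return [line for line in log_text().splitlines() if f"request_id={request_id}" in line]
```

The test a practitioner runs is the pair of assertions in the check: the 500 response must not contain the exception name or a traceback, and the id it does contain must resolve to exactly one server-side record that does.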
2. Application and Transmission Security
From the user's perspective, the security of a Web application system can be divided into application-level security and transmission-level security, and security testing can likewise start from these two aspects.
The main purpose of application-level security testing is to find the security risks in the Web system program design. The main test areas are as follows.
Registration and login: most current Web application systems use a register-first, then log-in model. The tests are:
A. Valid and invalid usernames and passwords must be tested.
B. Check whether usernames and passwords are case sensitive.
C. How many login attempts are allowed?
D. Can a page be browsed directly without logging in?
Online timeout: does the Web application system have a timeout limit? That is, after logging on to a Web application system and not clicking any page for a certain period (for example, 15 minutes), the user must log on again before continuing to use it.
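The login tests A to D and the online-timeout test can be run against a small model of the site's login and session handling. The following is an added example (not code from the book or the original post): a constructed in-memory application that stores salted password hashes, compares credentials exactly (so case matters), locks an account after a number of failures, refuses restricted pages without a valid session, and expires a session after 15 minutes of inactivity, the figure from the text. The lockout threshold of three attempts, the user names and the passwords are assumptions of the example; the clock is injectable so the timeout check runs without waiting.

```python
import hashlib
import hmac
import os
import secrets
import time

MAX_ATTEMPTS = 3          # assumed lockout threshold for the example
IDLE_TIMEOUT = 15 * 60    # seconds; the 15-minute figure from the text
PBKDF2_ROUNDS = 100_000


class WebApp:
    """Constructed minimal model of a site's registration, login and session handling."""

    def __init__(self, clock=time.time):
        self.clock = clock
        self.users = {}      # username -> (salt, password hash)
        self.failures = {}   # username -> consecutive failed attempts
        self.sessions = {}   # session id -> {"user": ..., "last_seen": ...}

    def register(self, username, password):
        # Sensitive data at rest: a salted PBKDF2 hash, never the password itself.
        salt = os.urandom(16)
        digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
        self.users[username] = (salt, digest)

    def login(self, username, password):
        """Returns a fresh session id, or None. Unknown users and locked accounts get
        the same answer as a wrong password, so the response leaks nothing."""
        record = self.users.get(username)
        if record is None or self.failures.get(username, 0) >= MAX_ATTEMPTS:
            return None
        salt, digest = record
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
        if not hmac.compare_digest(candidate, digest):
            self.failures[username] = self.failures.get(username, 0) + 1
            return None
        self.failures[username] = 0
        sid = secrets.token_urlsafe(32)
        self.sessions[sid] = {"user": username, "last_seen": self.clock()}
        return sid

    def protected_page(self, sid):
        """Every request to a restricted page re-checks the session and its idle time."""
        sess = self.sessions.get(sid)
        if sess is None:
            return 401
        if self.clock() - sess["last_seen"] > IDLE_TIMEOUT:
            del self.sessions[sid]
            return 401
        sess["last_seen"] = self.clock()
        return 200


def run_login_checks():
    """Exercises tests A to D and the online-timeout test; returns check name -> passed."""
    now = [1_000_000.0]
    app = WebApp(clock=lambda: now[0])
    app.register("alice", "Secret123")
    results = {}
    # A: invalid password and unknown user are both rejected.
    results["A_invalid_rejected"] = (app.login("alice", "wrong") is None
                                     and app.login("nobody", "x") is None)
    # B: a password differing only in case is rejected.
    results["B_case_sensitive"] = app.login("alice", "secret123") is None
    # C: two failures so far; a third locks the account even for the right password.
    app.login("alice", "wrong2")
    results["C_lockout"] = app.login("alice", "Secret123") is None
    # D: no session, or a made-up one, never reaches a restricted page.
    results["D_no_anonymous_access"] = (app.protected_page("") == 401
                                        and app.protected_page("bogus") == 401)
    app.failures["alice"] = 0   # administrative reset so the timeout test can log in
    sid = app.login("alice", "Secret123")
    alive = app.protected_page(sid) == 200
    now[0] += 14 * 60           # activity inside the window keeps the session alive
    alive = alive and app.protected_page(sid) == 200
    now[0] += 16 * 60           # longer than 15 minutes idle: must log in again
    results["timeout_15min"] = alive and app.protected_page(sid) == 401
    return results
```

Against a real site the same five checks are issued as HTTP requests rather than method calls, but the expected outcomes are identical: a dictionary in which every value is True.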
Operation trace: log files are critical to ensuring the security of Web application systems. Test whether the relevant information is written to the log file and is traceable.
Backup and recovery: to prevent data loss caused by unexpected system crashes, backup and recovery are essential functions of a Web system. Backup and recovery can be implemented by multiple means according to the security requirements of the Web system, such as incremental database backup, full database backup, and full system backup. For higher security requirements, some real-time systems often adopt dual-host hot standby or multi-level hot standby. In addition to verifying and testing the backup and recovery methods, we also need to assess whether the backup and recovery methods meet the security requirements of the Web system.
Transmission-level security testing takes into account the particular transmission characteristics of a Web system. It focuses on the security vulnerabilities that may exist while data is transmitted from the client to the server, and on the server's ability to prevent unauthorized access. The general test items include the following.
HTTPS and SSL tests: by default, secure HTTP (HTTPS) runs ordinary HTTP over the Secure Sockets Layer (SSL) protocol on port 443. The length of the public key used by HTTPS determines its security level, but in a sense that security guarantee comes at the cost of performance. Besides testing whether the encryption is correct, checking information integrity and verifying the HTTPS security level, pay attention to whether performance still meets requirements at that security level.
Server-side script vulnerability check: scripts on the server often constitute security vulnerabilities that attackers exploit. Therefore, test that scripts cannot be placed on or edited on the server without authorization.
Firewall testing: a firewall is a type of router mainly used to protect against illegal access, and it is a common security component of Web systems. Firewall testing is a very specialized topic; all that is involved here is testing whether the firewall's functions and settings meet the security requirements of the Web system.
Recommended security testing tools:
Watchfire AppScan: a commercial Web vulnerability scanner (this tool seems to have been acquired by IBM, so we recommend it first).
AppScan performs security tests throughout the application development lifecycle, carrying out unit tests and security assurance as early as the development stage. AppScan can scan for many common vulnerabilities, such as cross-site scripting, HTTP response splitting, parameter tampering, hidden-field tampering, backdoor/debug options, and buffer overflows.
