Security testing services
This presentation is the property of its rightful owner.
Sponsored Links
1 / 11

SECURITY TESTING SERVICES PowerPoint PPT Presentation


  • 63 Views
  • Uploaded on
  • Presentation posted in: General

SECURITY TESTING SERVICES. Security testing services. PRESENTATION PLAN WHAT IS SECURITY TESTING WHO NEEDS SECURITY TESTING SECURITY TESTING AT ITC Software SECURITY TESTING PROCESS. What is security testing. WHAT IS SECURITY TESTING?

Download Presentation

SECURITY TESTING SERVICES

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Security testing services

SECURITY TESTING SERVICES


Security testing services1

Security testing services

PRESENTATION PLAN

  • WHAT IS SECURITY TESTING

  • WHO NEEDS SECURITY TESTING

  • SECURITY TESTING AT ITC Software

  • SECURITY TESTING PROCESS


What is security testing

What is security testing

WHAT IS SECURITY TESTING?

Security testing is a process to determine that an information system protects data and maintains functionality as intended. The six basic security concepts that need to be covered by security testing are: confidentiality, integrity, authentication, authorization, availability and non-repudiation.

REASONS FOR SECURITY TESTING

  • Information and access security. Security tests help to find out loopholes that can cause loss of important information or allow intruder into the systems.

  • System stability. Security testing helps to improve the system and finally helps it to work for longer time (or it will work without hassles for the estimated time).

  • System integrity. If involved on the early stages of development life cycle, security testing allows to eliminate possible flaws in system design and implementation.

  • Economical efficiency. It’s much cheaper to prevent the possible problem rather than to strive for resolving it and its consequences.


Security testing services2

Security testing services

PRESENTATION PLAN

  • WHAT IS SECURITY TESTING

  • WHO NEEDS SECURITY TESTING

  • SECURITY TESTING AT ITC Software

  • SECURITY TESTING PROCESS


What is solved with security testing

What is solved with security testing

According OWASP Top Ten 2010 MAIN WEB SECURITY PROBLEMS are:

  • Injections

  • Cross Site Scripting (XSS)

  • Broken authentification and session management

  • Insecure direct object reference

  • Cross Site Request Forgery (CSRF)

  • Security misconfigurations

  • Failure to restrict URL access

  • Unvalidated redirects and forwards

  • Insecure cryptographic storage

  • Insufficient transport layer protection


Who needs security testing

Who needs security testing

Security testing is very important for the following TYPES OF APPLICATIONS:

  • Web-applications

  • Applications with sensitive commercial or personal information

  • Payment and statistic systems

  • Applications, sensitive to data distortion

  • Social applications

  • Applications with expensive licensing


Security testing services3

Security testing services

PRESENTATION PLAN

  • WHAT IS SECURITY TESTING

  • WHO NEEDS SECURITY TESTING

  • SECURITY TESTING AT ITC Software

  • SECURITY TESTING PROCESS


Security testing at itc software

Security testing at ITC Software

  • TEAM. At ITC Software we have a dedicated security testing team. Team members are highly experienced professionals in web-based and desktop applications security testing.

  • METHODOLOGY. ITC Software security testing process is usually based on OWASP Testing Guide, PCI DSS, ISO 27001 and other most common standards and practices.

  • TOOLS EMPLOYED. We use IBM Rational Appscan, WebInspect, WebScarab, Xspider, Nessus, Nikto, Firebug, and other small tools for injection checks.


Security testing services4

Security testing services

PRESENTATION PLAN

  • WHAT IS SECURITY TESTING

  • WHO NEEDS SECURITY TESTING

  • SECURITY TESTING AT ITC Software

  • SECURITY TESTING PROCESS


Security testing process

Security testing process

If involved on the early stages of development life cycle, security testing allows to eliminate possible flaws in system design and implementation.


Contact details

Contact details

ITC Software

Phone: + 978 287 4855

Email: [email protected]

Web: www.itcsoftware.com


  • Login