Security Testing snippets.
The following short article is applicable for testers to gain certain info .Security is a way to protect the system in terms of integrity and authorization. .I will present few trouble spots that are fundamental for testers at various skill levels.
Url manipulation in the server is favorite spot for hackers.This leads to data theft.Spurious script input and HTML tag inputs also can used as a way to hack the system.This type normally occurs at user interface layer.data transaction that occur between various stateless and state ful protocols should be analysed for any possible breaches.There should be no breach of confidence for the user in terms of his roles and rights.Possible strong encryption and password checking will contribute to better security. Nowdays nano tech processors makes it easy to break paraphrases within short times.This should be checked.There are loop holes in terms of unwanted script execution during data transactions between nodes of the webapp.This aspect should be investigated.cookies are one of the favorite tools for hackers to gain access to data.This condition should be negated in various contexts. Usage of input data beyond limit and special symbols with the form might be risky for the user.Data theft from main memory is the buzzword for hackers .This particular use case is more relevant with smartphone and tablets.
The above paragraph tells us about few important trouble stops that need to be questioned by using age old technique of who,what,where,why,how,which,whom,with w.r.t to system architecture and its users.Certain tools can be handy if we have write test approach to uncover the mystery.Finally we can make good risk assessment and informed decisions .
The following short article is applicable for testers to gain certain info .Security is a way to protect the system in terms of integrity and authorization. .I will present few trouble spots that are fundamental for testers at various skill levels.
Url manipulation in the server is favorite spot for hackers.This leads to data theft.Spurious script input and HTML tag inputs also can used as a way to hack the system.This type normally occurs at user interface layer.data transaction that occur between various stateless and state ful protocols should be analysed for any possible breaches.There should be no breach of confidence for the user in terms of his roles and rights.Possible strong encryption and password checking will contribute to better security. Nowdays nano tech processors makes it easy to break paraphrases within short times.This should be checked.There are loop holes in terms of unwanted script execution during data transactions between nodes of the webapp.This aspect should be investigated.cookies are one of the favorite tools for hackers to gain access to data.This condition should be negated in various contexts. Usage of input data beyond limit and special symbols with the form might be risky for the user.Data theft from main memory is the buzzword for hackers .This particular use case is more relevant with smartphone and tablets.
The above paragraph tells us about few important trouble stops that need to be questioned by using age old technique of who,what,where,why,how,which,whom,with w.r.t to system architecture and its users.Certain tools can be handy if we have write test approach to uncover the mystery.Finally we can make good risk assessment and informed decisions .
No comments:
Post a Comment