Category Archives: cybersecurity

Security Testing

In software development security testing is very important to making sure applications are strong enough against cyber attacks. Security testing encompasses a variety of practices like, application security testing, and penetration testing.

Overview of Security testing

For this blog post, I chose the article ” Security Testing from Bright Security. The article provides a lot of insight on security testing, it’s goal, benefits of security testing, key principles, and the different types of security testing.

1.) Goals: The article showcases the main goals of security testing, which are realizing what assess needs protection, identifying the potential threats and vulnerabilities, evaluate the risks that come with the vulnerabilities.

2.) Key Principles: The article covers the main key principles of security testing, which are availability, integrity, authentication, and authorization. These principles make sure that important/sensitive information is accessed only by authorized users, and that it remains accurate and trustworthy.

3.) Different types of Security Testing:

. Penetration Testing: This security testing method replicates real world cyber attacks to test the effectiveness of already existing security measures.

. Application Security Testing: This security testing method finds and eliminates the vulnerabilities within software applications.

. Web Application Security Testing: This security testing methods test different techniques that gauges the vulnerability of web applications.

. Security Audits and risks Assessment: This is a test method that checks to make sure that everything is structured properly and in compliance with the rules/standards.

4.) Benefits of Security Testing:

. Early Detection of Vulnerabilities: Security testing allows for the early recognition of potential security issues, reducing the risk of exposure.

. Risk Management: When the vulnerabilities are identified, then we can create solutions to solve the risks of a cyber attack or data leak.

. Trust and Cost Efficient: Early detection of risks and vulnerabilities will not only enhance the rust of customers but it will significantly reduce the cost of a data breach and various fines.

Why I picked this Resource

I picked this resource because it provided a comprehensive and detailed overview of Security Testing. This Article had a lot of similarities with the topics that we covered in our course. Also, the article makes it easier to understand the nature of security testing and various practices and principles associated with it.

Personal Reflection

Reading this article expanded my understanding of security testing beyond what we learned in class. I learned how important it is to just about everything related to technology. Identifying threats, risks, and vulnerabilities and how each of these things come together to reduce cyber attacks. One thing that I can takeaway from this is learning about the various types of Security Testing and each one does something different, but all have a similar goal.

In my future endeavors, I plan on using what I have learned about these Security Testing principles by implementing them on future projects. This new found knowledge will help me to make better decisions in the future.

The full Article is here:
https://brightsec.com/blog/security-testing/

From the blog CS@Worcester – In's and Out's of Software Testing by Jaylon Brodie and used with permission of the author. All other rights reserved by the author.

Pairwise and Combinatorial Testing

The article “Combinatorial Testing” focuses on the insights of software testing methods. This article explores the evolution of combinatorial testing, talking about advancements in algorithm performance and constraint representation. The article also talks about the importance in detecting interaction failures within software systems. The article also demonstrates the effectiveness of t-way combinations fault detection across various domains. The article “Pairwise Testing” talks about pair testing as a permutation and combination technique aimed at testing each pair of input parameters to ensure that the system if functioning properly across all possible combinations. The article also addresses the many benefits of pairwise testing and it’s role in reducing test execution time and cost while maintaining test coverage. Also, it talks about the challenges associated with pairwise testing, including the limitations in detecting interactions beyond pairwise combinations.

Pairwise Testing

pairwise testing is a software testing method that aims to comprehensively validate the behavior of a system by testing all possible pairs of input parameters. This method is mainly used when many of the defects in software systems are triggered by interactions between pairs of input parameters, rather than by individual parameters in isolation.

Benefits & Challenges

some benefits that pairwise offers is, efficiency: by testing the combinations of two input parameters at a time. This reduce’s the number of test cases required compared to exhaustive testing. pairwise testing also offers effective defect detection: by effectively finding defects that are triggered by interactions between pairs of input parameters, pairwise testing also helps to identify certain scenarios by systematically exploring pairs of parameters. Some challenges that pairwise testing may face is when it comes to parameter selection. Selecting the right parameters is crucial and requires a lot of knowledge of the software and it’s potential interaction scenarios. If the wrong parameter is selected this can lead to incomplete test coverage and missed defects.

Combinatorial Testing

Combinatorial testing is a software testing technique that focuses on efficiently testing the interactions between different input parameters of a system. This test method involves generating a set of test cases that include various combinations of input values / specific parameter values.

Benefits & Challenges

Some benefits of combinational testing include improved software quality: by being able to identify and address the interaction failures early in the development process. This test method tests various combinations of input parameters, which can help find defects that could impact the systems performance. A challenge that combinational testing may face is the scalability. Combinatorial testing is effective for small to medium sized systems and when scaling it to large and complex systems with a high number of input parameters and values, you may run into some problems.

Why did I pick this Article?

I pick these two article that talk about pairwise and combinatorial testing because both these test methods stand at the forefront of software test methods. The article’s goes into details about how both of these test methods offer an efficient way to ensure comprehensive test coverage while minimizing redundancy. Both of these articles have taught me a lot about pairwise and combinational testing.

Reflection

After reading both of these articles, I have gained a greater understanding of both these test cases. With the new found knowledge, I aspire to apply pairwise and combinatorial testing techniques in my future projects. Both these test methods offer practical solutions to common testing challenges, and by incorporating them into my future endeavors I aim to contribute to the development of reliable software systems.

Article link is here: https://www.sciencedirect.com/science/article/abs/pii/S0065245815000352

https://testsigma.com/blog/pairwise-testing/

From the blog CS@Worcester – In's and Out's of Software Testing by Jaylon Brodie and used with permission of the author. All other rights reserved by the author.