security testing

Security Testing Services Test Beyond the Obvious

Upload: qualitest-group

Post on 17-Jul-2015


Category:

Technology



TRANSCRIPT

Security Testing Services

Test Beyond the Obvious

About QualiTest

QualiTest Group

• World’s 2nd Largest Independent Testing Company

• QA & Testing focus: QA and Software Testing is all that we do!

• Global Service Delivery Model – Right Shore! Onshore, Near-Shore, Offshore and Crowd Testing

• Results Based Testing (RBT): Contractual guarantees for quality improvement & cost reduction

• Managed Testing Solutions (MTS): Long-term, SLA-based testing outsourcing

• Knowledge center for global practices: Customized testing solutions based on proven test methodologies and QualiTest’s unique perspective

QualiTest’s Strategic Statement:

Design & deliver the right industry- & technology-focused SQA solutions, leveraging our diversified business models & ability to gain a deep understanding of the customer’s goals & challenges

Security Testing

QualiTest’s security testing services verify that the system’s information and data are protected and that the intended functionality is maintained.

Features of Security Testing

QualiTest’s security testing process comprises the following activities:

• Capture and define security test requirements

• Define all entry points to the system

• Analyze potential threats and perform risk analysis based on the entry points

What is Security Testing

Security Testing is focused on unacceptable inputs and whether these inputs are likely to create significant failure with regard to the given requirements of the product under test.

The most important part of Security Testing is providing sufficient evidence to clients to show that their system and its information are safe and secure from unacceptable inputs.

Information Security Terms

Some of the basic information security terms are:

Asset

Anything that has value to an organization, subject to many kinds of threats

Threat

A potential cause of an unwanted incident, which may result in harm to a system or organization

Vulnerability

A weakness of an asset or group of assets that can be exploited by one or more threats

Risk

The potential that a given threat will exploit vulnerabilities to cause loss or damage to an asset or group of information assets and thereby cause harm to the organization

Information Security

The preservation of confidentiality, integrity and availability of information

Vulnerabilities

There are established vulnerabilities and also tools which can help us identify common vulnerabilities in code:

Top 10 Vulnerabilities

• Injection Flaws (SQL Injection)

• Malicious File Execution

• Insecure Direct Object Reference

• Cross Site Request Forgery (CSRF)

• Information Leakage and Improper Error Handling

• Broken Authentication and Session Management

• Insecure Cryptographic Storage

• Insecure Communications

• Failure to Restrict URL Access

Deliverables of Security Testing

• A complete system breakdown, detailing your system’s structure and our plan for testing

• A comprehensive defect report detailing any security weaknesses: each bug, its severity, and its location

• Ongoing support from a QualiTest senior test specialist to improve quality and encourage continuous improvement

Benefits

The benefits of using QualiTest’s security testing services include:

• Quality Insight: QualiTest can provide you with peace of mind and assurance of a clear insight into the quality of your system

• No Lead Time: Reduce application time to market

• Competitive Pricing: Take advantage of our existing operation at competitive pricing

• Quality Improvement: Our experienced testing engineers can increase your testing coverage and assure new quality standards

Thank You!

www.QualiTestGroup.com