Web Application Security Testing
Definition - What does Web Application Security Testing mean?
Web application security testing is the process of testing, analyzing and reporting on the security level and/or posture of a Web application.
It is used by Web developers and security administrators to test and gauge the security strength of a Web application using manual and automated security testing techniques. The key objective behind Web application security testing is to identify any vulnerabilities or threats that can jeopardize the security or integrity of the Web application.
Techopedia explains Web Application Security Testing
Web application security testing is a broad process that includes a multitude of processes that enable security testing of a Web application. It is a systematic process that starts from identifying and scoping the entire application, followed by planning multiple tests.
Typically, Web application security testing is performed after the Web application is developed. The Web application undergoes a rigorous testing process that includes a series of fabricated malicious attacks to see how well the Web application performs/responds. The overall security testing process is generally followed by a format report that includes the identified vulnerabilities, possible threats and recommendations for overcoming the security shortfalls.
Some of the processes within the testing process include:
- Brute force attack testing
- Password quality rules
- Session cookies
- User authorization processes
- SQL injection