What Does Security Testing Mean?
Security testing is the process of evaluating and testing the information security of hardware, software, networks or an IT/information system environment.
It enables reviewing and certifying the security level of a given IT asset or facility against the key pillars/components of information security including:
- Confidentiality
- Availability
- Integrity
- Authentication
- Authorization
- Non-repudiation
Techopedia Explains Security Testing
Security testing generally involves simulating one or more malicious attacks on a given IT asset or system. It works by first reviewing the existing system for known vulnerabilities and exploiting those using manual and automated security testing tools and techniques (usually a combination of ethical and non-ethical hacking/malicious attacks or activities).
The outputs help information security administrators in benchmarking the information systems’ protection against such threats and vulnerabilities. Security testing can be part of a comprehensive information system audit process of an existing IT environment or is performed on newly developed/deployed software, hardware, and network and/or information system.
Penetration testing is a common example of security testing.