Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
Security testing is the process of evaluating and testing the information security of hardware, software, networks or an IT/information system environment.
It enables reviewing and certifying the security level of a given IT asset or facility against the key pillars/components of information security including:
Security testing generally involves simulating one or more malicious attacks on a given IT asset or system. It works by first reviewing the existing system for known vulnerabilities and exploiting those using manual and automated security testing tools and techniques (usually a combination of ethical and non-ethical hacking/malicious attacks or activities).
The outputs help information security administrators in benchmarking the information systems' protection against such threats and vulnerabilities. Security testing can be part of a comprehensive information system audit process of an existing IT environment or is performed on newly developed/deployed software, hardware, and network and/or information system.
Penetration testing is a common example of security testing.