Security testing: The evaluation of a system or network’s resilience against potential security threats and vulnerabilities. It assesses the system’s ability to resist unauthorized access, handle unexpected inputs without failing, maintain data privacy, and ensure business continuity. Examples include penetration testing, vulnerability scanning, and security auditing, with the goal of identifying weak spots that could be exploited by malicious actors.
Categories: CC D5: Security Operations | CCSP D4: Cloud Application Security | CISM D3: Information Security Program | CISSP D6: Security Assessment and Testing | Security+ D5: Security Program Management and Oversight | SSCP D3: Risk Identification Monitoring and Analysis
Related Articles:
- Glossary: Test types
- Glossary: Software System Testing and Evaluation
- Glossary: Security inspection
- Glossary: SAST (Static Application Security Testing)
- Glossary: Parallel simulation
- Glossary: Known-good Data (Testing)
- Glossary: National Information Assurance Partnership (NIAP)
- Glossary: Information security
- Glossary: Information Assurance (IA)
- Glossary: Dynamic Application Security Testing (DAST)