This is a category of black-box testing, geared to the functional requirements of an application and performed by the testing team.
Security hardening review is performed to ascertain that the system is configured and hardened appropriately based on the security design of the system.
Assesses the security holes (vulnerabilities) in an application, operating systems, network and communications systems, and infrastructure.
The process of exploiting the vulnerabilities to determine whether unauthorized access or other malicious activity is possible and to identify which flaws pose a threat.
A black-box security testing activity in which the application is tested from the outside without login information to analyze a web-based application and identify potential security vulnerabilities.
A white-box security testing activity to analyze the source code of the application and to identify and exploit all application and code vulnerabilities.
A process to conduct a systematic examination of the computer program code to find and remove vulnerabilities.
Allows an organization to view the application portfolio holistically from an attacker's perspective, and is an integral part of an organization's risk management process. Risk assessment identifies, assesses and implements key security controls in the application. It also focuses on preventing application security defects and vulnerabilities.
Manual review of the current documentation relevant to industry ICT security policies, guidelines and standards, and interviews with the personnel before the system commissioning.