Www.itcsoftware.com ITC Software ITC SECURITY TESTING SERVICES Date (Day Month, Year) Place (City,...
-
Upload
jesse-hurn -
Category
Documents
-
view
216 -
download
2
Transcript of Www.itcsoftware.com ITC Software ITC SECURITY TESTING SERVICES Date (Day Month, Year) Place (City,...
![Page 1: Www.itcsoftware.com ITC Software ITC SECURITY TESTING SERVICES Date (Day Month, Year) Place (City, Country)](https://reader037.fdocuments.us/reader037/viewer/2022110304/551a121d55034619378b4ec1/html5/thumbnails/1.jpg)
www.itcsoftware.com
ITCSoftwareSoftware
ITC
SECURITY TESTING SERVICES
Date (Day Month, Year)Place (City, Country)
![Page 2: Www.itcsoftware.com ITC Software ITC SECURITY TESTING SERVICES Date (Day Month, Year) Place (City, Country)](https://reader037.fdocuments.us/reader037/viewer/2022110304/551a121d55034619378b4ec1/html5/thumbnails/2.jpg)
www.itcsoftware.com
ITCSoftwareSecurity testing services
PRESENTATION PLAN
• WHAT IS SECURITY TESTING
• WHO NEEDS SECURITY TESTING
• SECURITY TESTING AT ITC Software
• SECURITY TESTING PROCESS
![Page 3: Www.itcsoftware.com ITC Software ITC SECURITY TESTING SERVICES Date (Day Month, Year) Place (City, Country)](https://reader037.fdocuments.us/reader037/viewer/2022110304/551a121d55034619378b4ec1/html5/thumbnails/3.jpg)
www.itcsoftware.com
ITCSoftwareWhat is security testing
WHAT IS SECURITY TESTING?
Security testing is a process to determine that an information system protects data and maintains functionality as intended. The six basic security concepts that need to be covered by security testing are: confidentiality, integrity, authentication, authorization, availability and non-repudiation.
REASONS FOR SECURITY TESTING
• Information and access security. Security tests help to find out loopholes that can cause loss of important information or allow intruder into the systems.
• System stability. Security testing helps to improve the system and finally helps it to work for longer time (or it will work without hassles for the estimated time).
• System integrity. If involved on the early stages of development life cycle, security testing allows to eliminate possible flaws in system design and implementation.
• Economical efficiency. It’s much cheaper to prevent the possible problem rather than to strive for resolving it and its consequences.
![Page 4: Www.itcsoftware.com ITC Software ITC SECURITY TESTING SERVICES Date (Day Month, Year) Place (City, Country)](https://reader037.fdocuments.us/reader037/viewer/2022110304/551a121d55034619378b4ec1/html5/thumbnails/4.jpg)
www.itcsoftware.com
ITCSoftwareSecurity testing services
PRESENTATION PLAN
• WHAT IS SECURITY TESTING
• WHO NEEDS SECURITY TESTING
• SECURITY TESTING AT ITC Software
• SECURITY TESTING PROCESS
![Page 5: Www.itcsoftware.com ITC Software ITC SECURITY TESTING SERVICES Date (Day Month, Year) Place (City, Country)](https://reader037.fdocuments.us/reader037/viewer/2022110304/551a121d55034619378b4ec1/html5/thumbnails/5.jpg)
www.itcsoftware.com
ITCSoftwareWhat is solved with security testing
According OWASP Top Ten 2010 MAIN WEB SECURITY PROBLEMS are:
• Injections
• Cross Site Scripting (XSS)
• Broken authentification and session management
• Insecure direct object reference
• Cross Site Request Forgery (CSRF)
• Security misconfigurations
• Failure to restrict URL access
• Unvalidated redirects and forwards
• Insecure cryptographic storage
• Insufficient transport layer protection
![Page 6: Www.itcsoftware.com ITC Software ITC SECURITY TESTING SERVICES Date (Day Month, Year) Place (City, Country)](https://reader037.fdocuments.us/reader037/viewer/2022110304/551a121d55034619378b4ec1/html5/thumbnails/6.jpg)
www.itcsoftware.com
ITCSoftwareWho needs security testing
Security testing is very important for the following TYPES OF APPLICATIONS:
Web-applications
Applications with sensitive commercial or personal information
Payment and statistic systems
Applications, sensitive to data distortion
Social applications
Applications with expensive licensing
![Page 7: Www.itcsoftware.com ITC Software ITC SECURITY TESTING SERVICES Date (Day Month, Year) Place (City, Country)](https://reader037.fdocuments.us/reader037/viewer/2022110304/551a121d55034619378b4ec1/html5/thumbnails/7.jpg)
www.itcsoftware.com
ITCSoftwareSecurity testing services
PRESENTATION PLAN
• WHAT IS SECURITY TESTING
• WHO NEEDS SECURITY TESTING
• SECURITY TESTING AT ITC Software
• SECURITY TESTING PROCESS
![Page 8: Www.itcsoftware.com ITC Software ITC SECURITY TESTING SERVICES Date (Day Month, Year) Place (City, Country)](https://reader037.fdocuments.us/reader037/viewer/2022110304/551a121d55034619378b4ec1/html5/thumbnails/8.jpg)
www.itcsoftware.com
ITCSoftwareSecurity testing at ITC Software
• TEAM. At ITC Software we have a dedicated security testing team. Team members are highly experienced professionals in web-based and desktop applications security testing.
• METHODOLOGY. ITC Software security testing process is usually based on OWASP Testing Guide, PCI DSS, ISO 27001 and other most common standards and practices.
• TOOLS EMPLOYED. We use IBM Rational Appscan, WebInspect, WebScarab, Xspider, Nessus, Nikto, Firebug, and other small tools for injection checks.
![Page 9: Www.itcsoftware.com ITC Software ITC SECURITY TESTING SERVICES Date (Day Month, Year) Place (City, Country)](https://reader037.fdocuments.us/reader037/viewer/2022110304/551a121d55034619378b4ec1/html5/thumbnails/9.jpg)
www.itcsoftware.com
ITCSoftwareSecurity testing services
PRESENTATION PLAN
• WHAT IS SECURITY TESTING
• WHO NEEDS SECURITY TESTING
• SECURITY TESTING AT ITC Software
• SECURITY TESTING PROCESS
![Page 10: Www.itcsoftware.com ITC Software ITC SECURITY TESTING SERVICES Date (Day Month, Year) Place (City, Country)](https://reader037.fdocuments.us/reader037/viewer/2022110304/551a121d55034619378b4ec1/html5/thumbnails/10.jpg)
www.itcsoftware.com
ITCSoftwareSecurity testing process
If involved on the early stages of development life cycle, security testing allows to eliminate possible flaws in system design and implementation.
![Page 11: Www.itcsoftware.com ITC Software ITC SECURITY TESTING SERVICES Date (Day Month, Year) Place (City, Country)](https://reader037.fdocuments.us/reader037/viewer/2022110304/551a121d55034619378b4ec1/html5/thumbnails/11.jpg)
www.itcsoftware.com
ITCSoftwareContact details
ITC Software
Phone: + 978 287 4855
Email: [email protected]
Web: www.itcsoftware.com