[Skip to content]

Search our Site
Easysite Resource Centre
Security Testing

Security Testing

What is Security Testing?

Security testing is a process intended to reveal flaws in the security mechanisms of an information system that protect data and maintain functionality as intended.

The processes usually fall into one of two categories - Vulnerability Assessment and Penetration test - it is important to remember that these are two separate practices.

What is a Vulnerability Assessment?

Defined, a vulnerability assessment is the process of identifying and quantifying security vulnerabilities in a software environment. It is an in-depth evaluation of information security posture, indicating weaknesses as well as providing the appropriate mitigation procedures required to either eliminate those weaknesses or reduce them to an acceptable level of risk.

Vulnerability Assessments follow these general steps:
  1. Catalog assets and resources in a system
  2. Assign quantifiable value and importance to the resources
  3. Identify the security vulnerabilities or potential threats to each resource
  4. Mitigate or eliminate the most serious vulnerabilities for the most valuable resources

It is key to remember that even some vulnerability assessment programs and practices use intrusive and sometimes damaging methods to obtain information about vulnerabilities.

What is a Penetration Test?

A penetration test simulates the actions of an external and/or internal cyber attacker that aims to breach the information security of the organization. Using many tools and techniques, the penetration tester (ethical hacker) attempts to exploit critical systems and gain access to sensitive data.

Are you considering conducting Security Testing on your site?

Before you schedule anything with your team or with a 3rd party testing company you must submit our Security Testing Consent Form. According to the 'External Security Testing Guidance and Consent' document, consent must be provided in advance by Ideagen PLC each time you conduct Security Testing.

Continue to Security Testing Consent Form

Article details

Last updated:05 August 2016

Related articles...