software security testing vinay srinivasan [email protected]...
TRANSCRIPT
Software Security Testing
Vinay [email protected]@techmahindra.comcell: +91 9823104620
By
Vinay Srinivasan(Tech Lead)
Working At
Testing Center of Excellence Laboratory,TechMahindra, Pune
Secure Software Confidentiality
Disclosure of information to only intended parties Integrity
Determine whether the information is correct or not Data Security
Privacy Data Protection Controlled Access
Authentication Access to Authorized PeopleAvailability Ready for Use when expectedNon Repudiation Information Exchange with proof
Software Security Security of Operating System Security of Client Software Security of Application Software Security of System Software Security of Database Software Security of Software Data Security of Client Data Security of System Data Security of Server Software Security of Network Software
Why Security Testing For Finding Loopholes For Zeroing IN on Vulnerabilities For identifying Design Insecurities For identifying Implementation Insecurities For identifying Dependency Insecurities and Failures For Information Security For Process Security For Internet Technology Security For Communication Security For Improving the System For confirming Security Policies For Organization wide Software Security For Physical Security
Approach to Software Security Testing Study of Security Architecture Analysis of Security Requirements Classifying Security Testing Developing Objectives Threat Modeling Test Planning Execution Reports
Security Testing Techniques
OS Hardening Configure and Apply Patches Updating the Operating System Disable or Restrict unwanted Services and Ports Lock Down the Ports Manage the Log Files Install Root Certificate Protect from Internet Misuse and be Cyber Safe Protect from Malware
Vulnerability Scanning Identify Known Vulnerabilities Scan Intrusively for Unknown Vulnerabilities
Security Testing Techniques (continued…) Penetration Testing
Simulating Attack from a Malicious Source Includes Network Scanning and Vulnerability Scanning Simulates Attack from someone Unfamiliar with the System Simulates Attack by having access to Source Code, Network,
Passwords Port Scanning and Service Mapping
Identification and locating of Open Ports Identification of Running Services
Firewall Rule Testing Identify Inappropriate or Conflicting Rules Appropriate Placement of Vulnerable Systems behind Firewall Discovering Administrative Backdoors or Tunnels
SQL Injection Exploits Database Layer Security Vulnerability Unexpected Execution of User Inputs
Security Testing Techniques (continued…) Cross Side Scripting
Injecting Malicious Client Side Script into Web Pages Persistent, Non-Persistent and DOM based Vulnerabilities
Parameter Manipulation Cookie Manipulation Form Field Manipulation URL Manipulation HTTP Header Manipulation
Denial of Service Testing Flooding a target machine with enough traffic to make it incapable
Command Injection Inject and execute commands specified by the attacker Execute System level commands through a Vulnerable Application
Security Testing Techniques (continued…) Network Scanning
Identifying Active Hosts on a network Collecting IP addresses that can be accessed over the Internet Collecting OS Details, System Architecture and Running Services Collecting Network User and Group names Collecting Routing Tables and SNMP data
Password Cracking Collecting Passwords from the Stored or Transmitted Data Using Brute Force and Dictionary Attacks Identifying Weak Passwords
Ethical Hacking Penetration Testing, Intrusion Testing and Red Teaming
File Integrity Testing Verifying File Integrity against corruption using Checksum
Security Testing Techniques (continued…)
War Dialing Using a Modem to dial a list of Telephone Numbers Searching for Computers, Bulletin Board System and Fax Machines
Wireless LAN Testing Searching for existing WLAN and logging Wireless Access Points
Buffer Overflow Testing Overwriting of Memory fragments of the Process, Buffers of Char type
Format String Testing Supplying Format type specifiers in the Application input
Random Data Testing Random Data Inputs by a Program Encoded Random Data included as Parameters Crashing built-in code Assertions
Security Testing Techniques (continued…)
Random Mutation Testing Bit Flipping of known Legitimate Data Byte stream Sliding within known Legitimate Data
Session Hijacking Exploitation of Valid Computer Session Exploitation of the Web Session control mechanism Gain unauthorized access to the Web Server
Phishing Masquerading as a trustworthy entity in an electronic communication Acquiring usernames, passwords and credit card details
URL Manipulation Make a web server Deliver inaccessible web pages URL Rewriting
Security Testing Techniques (continued…) IP Spoofing
Creating Internet Protocol (IP) packets with a forged source IP address Packet Sniffing
Capture and Analyze all of the Network traffic Virtual Private Network Testing
Penetration Testing Social Engineering
Psychological Manipulation of People Divulging confidential information
Conclusion Analyze potential Threat and its Impact Complete Security Testing may not be Feasible Collect Information to Secure Business Environment Should be done as early as possible in the Dev.. Cycle Should be able to identify the Security Requirements Have Specific understanding of the Various Processes Should provide Recommendations to overcome Weakness
Thank You
Contact Details
Email : [email protected]
Phone : +91-20-42250000 Extn : 253925 /
253926 +91-20-66550000 Extn : 253925 /
253926 +91-9823104620
Fax : +91-20-42252501 +91-20-66552501