Types of Security Testing

Static Application Security Testing

▪ An example of static application security testing is static source code analysis: a tool analyzes the source code without running it, which is what makes it static.

▪ Another example is linters, which check the code for things like formatting and readability consistency.

▪ A third example of static application security testing is checking for secrets committed in code.
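As an added illustration (not part of the original notes), here is a minimal secrets check of the kind the third bullet describes. It is static in the sense above: it reads the source text line by line and never executes it, flagging known key shapes, hard-coded password assignments, private-key blocks and long high-entropy string literals. The sample file is constructed for the example (the key id is the documented AWS example value, not a live credential); the regular expressions, the 20-character literal length and the 4.0-bit entropy threshold are tuning choices assumed here, not a standard.

```python
import math
import re

# Shapes of secrets this example looks for. The "AKIA" + 16 uppercase
# alphanumerics shape is the documented AWS access key id format; the other
# two patterns are generic heuristics written for this example.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "hardcoded_password": re.compile(
        r"(?i)\b(password|passwd|pwd)\s*=\s*['\"]([^'\"]{6,})['\"]"
    ),
    "private_key_block": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
}

# Long string literals made only of token-like characters get an entropy check.
STRING_LITERAL = re.compile(r"['\"]([A-Za-z0-9+/=_\-]{20,})['\"]")


def shannon_entropy(s: str) -> float:
    """Bits per character; random-looking tokens score high, words score low."""
    if not s:
        return 0.0
    counts = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    n = len(s)
    return -sum((c / n) * math.log2(c / n) for c in counts.values())


def find_secrets(source: str, entropy_threshold: float = 4.0) -> list:
    """Static check: scan source text line by line, never executing it.

    Returns (line_number, finding_type) tuples in file order.
    """
    findings = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        for name, pattern in PATTERNS.items():
            if pattern.search(line):
                findings.append((lineno, name))
        for literal in STRING_LITERAL.findall(line):
            if shannon_entropy(literal) >= entropy_threshold:
                findings.append((lineno, "high_entropy_string"))
    return findings


# Constructed sample file for the example. The key id is AWS's documented
# example value; nothing here is a live credential.
SAMPLE_SOURCE = """\
import boto3

AWS_KEY = "AKIAIOSFODNN7EXAMPLE"
password = "hunter2-not-secure"
API_TOKEN = "a8F3kQ9zLm2pX7vR4nB1cY6wE0tH5sJd"
GREETING = "hello world, welcome to the application"
"""

if __name__ == "__main__":
    for lineno, kind in find_secrets(SAMPLE_SOURCE):
        print(f"line {lineno}: {kind}")
```

The entropy threshold is the knob that trades missed secrets against false positives: base64 test fixtures and hashes in lock files also score high, so a real tool pairs this check with an allow-list of paths, which is exactly the kind of tuning a linter-style static check needs.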

Dynamic Application Security Testing

▪ One example is dynamic source code analysis, where we run the code and, while it executes, try to find security issues.

▪ Another example is fuzzers, where we feed the running code numerous different inputs and observe how it reacts.

▪ Another example of dynamic application security testing is attack proxies, for instance the open-source security scanner OWASP ZAP. An attack proxy exercises running code and tries to find security issues by performing various tests against it.
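As an added example (not from the original notes), the fuzzer bullet in code: a small harness that runs a parser on many generated inputs and records every unexpected crash, which is dynamic testing because the code has to execute. The target function, its message format, the list of interesting headers and the fixed random seed are all constructed for this example; the target carries a deliberate bug so there is something for the fuzzer to find.

```python
import random

# Headers the generator cycles through: boundary values and non-numeric junk.
INTERESTING_HEADERS = [b"0", b"1", b"5", b"-1", b"255", b"99999999999", b"", b"abc"]


def parse_message(data: bytes) -> bytes:
    """Constructed target under test: parses "<length>:<body>", where the body
    must end with a newline terminator. Bad input is rejected with ValueError."""
    header, sep, body = data.partition(b":")
    if not sep:
        raise ValueError("missing separator")
    length = int(header)  # non-numeric header -> ValueError, an intended rejection
    if length > len(body):
        raise ValueError("truncated body")
    payload = body[:length]
    # Bug (deliberate in this example): indexes the terminator directly, so a
    # length of 0, or a negative length, raises IndexError instead of ValueError.
    if payload[length - 1] != 0x0A:
        raise ValueError("missing terminator")
    return payload[:-1]


def fuzz(target, iterations: int = 200, seed: int = 1234) -> dict:
    """Dynamic check: execute the target on generated inputs and collect crashes.

    ValueError is the target's documented way of rejecting bad input, so it is
    not a finding; any other exception is an unexpected crash. Returns a dict
    mapping exception type name -> the first input that triggered it.
    """
    rng = random.Random(seed)  # fixed seed so a run is reproducible
    crashes = {}
    for i in range(iterations):
        # Every interesting header is covered; the body is random bytes.
        header = INTERESTING_HEADERS[i % len(INTERESTING_HEADERS)]
        body = bytes(rng.randrange(256) for _ in range(rng.randrange(0, 8)))
        if rng.random() < 0.5:
            body += b"\n"
        data = header + b":" + body
        try:
            target(data)
        except ValueError:
            continue
        except Exception as exc:  # a fuzzer wants every other crash
            crashes.setdefault(type(exc).__name__, data)
    return crashes


if __name__ == "__main__":
    for name, reproducer in fuzz(parse_message).items():
        print(f"{name} on input {reproducer!r}")
```

The harness separates the target's own rejections (ValueError) from everything else, so each entry in the result is a reproducer for a crash the author did not anticipate; keeping the seed fixed means the same reproducer comes back on every run, which is what makes the finding actionable.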

Vulnerability Scanner

Vulnerability

First, let's look at what a vulnerability is. The definition I always use is: a weakness that can be exploited. Code has bugs and weaknesses; a vulnerability is a weakness that can be exploited. Exploitability is what turns a weakness into a vulnerability.

A vulnerability scanner only looks for known, published vulnerabilities.

Automated Vulnerability Scanners

An automated vulnerability scanner performs three different steps.

Fingerprint assets - It tries to fingerprint all the assets in use, for instance by computing checksums of the source code.

Ingest lists of known vulnerabilities - Then it ingests lists of known vulnerabilities: the scanner contacts other sources on the internet that maintain lists of published vulnerabilities.

Compare assets with lists - Then it compares the assets fingerprinted in the first step with the lists of known vulnerabilities. If there is a match, the automated vulnerability scanner has found a vulnerability.
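The three steps above carried through in one runnable pipeline, as an added example that is not part of the original notes: fingerprint assets by checksum, ingest a vulnerability list, and compare. The assets and the JSON feed are constructed for the example; the feed entries carry placeholder ids rather than real CVE numbers, and their checksums are computed locally so the example runs offline, where a real scanner would fetch a published feed.

```python
import hashlib
import json

# Step 1 input, constructed for the example: asset path -> file contents,
# standing in for files found on a host or inside a container image.
ASSETS = {
    "lib/jsonparse.js": "function parse(s) { return JSON.parse(s); }\n",
    "lib/render.js": "function render(t) { document.body.innerHTML = t; }\n",
    "lib/util.js": "function noop() {}\n",
}


def sha256_hex(contents: str) -> str:
    return hashlib.sha256(contents.encode("utf-8")).hexdigest()


# Step 2 input, constructed for the example: a JSON feed of published
# vulnerabilities keyed by the checksum of the affected build. Ids are
# placeholders, not real CVE numbers; a real feed is fetched from the internet.
FEED_JSON = json.dumps([
    {"id": "EXAMPLE-0001", "sha256": sha256_hex(ASSETS["lib/render.js"]),
     "summary": "render.js writes untrusted input into innerHTML"},
    {"id": "EXAMPLE-0002", "sha256": sha256_hex("function old() {}\n"),
     "summary": "legacy helper, not present on this host"},
])


def fingerprint_assets(assets: dict) -> dict:
    """Step 1: fingerprint every asset by a checksum of its contents."""
    return {path: sha256_hex(contents) for path, contents in assets.items()}


def ingest_feed(feed_json: str) -> dict:
    """Step 2: ingest the list of known vulnerabilities, indexed by checksum."""
    return {entry["sha256"]: entry for entry in json.loads(feed_json)}


def compare(fingerprints: dict, known: dict) -> list:
    """Step 3: a fingerprint that matches a feed entry is a finding."""
    return [
        {"path": path, "id": known[digest]["id"], "summary": known[digest]["summary"]}
        for path, digest in fingerprints.items()
        if digest in known
    ]


def scan(assets: dict, feed_json: str) -> list:
    return compare(fingerprint_assets(assets), ingest_feed(feed_json))


if __name__ == "__main__":
    for finding in scan(ASSETS, FEED_JSON):
        print(f"{finding['path']}: {finding['id']} - {finding['summary']}")
```

The comparison is an exact checksum match, which makes the limitation stated earlier concrete: the scanner reports only what is already published, and a copy of the library that has been patched, reformatted or rebuilt locally no longer matches and is silently missed. That is why fingerprinting in practice also records names and versions alongside checksums.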

Example of Automated Vulnerability Scanners

▪ Network vulnerability scanner

▪ Container vulnerability scanner

▪ Third-party libraries scanner
