There are many approaches for the security testing purpose when scheduling and arranging for the security based testing. Few approaches are mentioned below:-
Security Architecture Survey
Categorize Security Testing
Security Architecture Analysis
Traceability Matrix Provision
Security Testing Tool classification
Test Case Preparation
Test Case Execution
Security Architecture Survey:- The foremost stage is to realize the Business Requirements Specifications ‘BRS’, security aims and targets in terms of the security conformity of the company. Test designing should be consider all security components.
Categorize Security Testing:- Assemble all the system setup data or details utilized for the growth of the networks and application like hardware, technology and operating systems.
Security Architecture Analysis:- In his phase, realize and analyze to the software below the testing. Prepare the register for the risks related with the vulnerabilities and security.
Threat Modelling:- We have to make the threat profile. We have to follow above mentioned steps to prepare the threat model.
Test Planning:- Based on determined threat, vulnerabilities and security risks develop the test plan to located these problems or issues. In this test plan we cover all type of security issues.
Traceability Matrix Provision:- For all determined threat vulnerabilities and security risks arrange the traceability matrix. This matrix is very important for the security purpose.
Security Testing Tool classification:- User can not performed manually whole security testing that's why classify the tool to performed all security test cases quicker and better dependably.
Test Case Preparation:- Create the documents related the security tests case. These test case should be covered all types of scenario based on vulnerabilities and security.
Test Case Execution:- In this phase we accomplish the test cases based on security and also verify the fixed bugs. If there will be any new issue then we can create new bug pr reopen to the existing bug.
Reports:- In this phase, create the thorough report of the security testing which includes vulnerabilities contained, details about risk also open bugs etc.