SSE ch 9 video

Security Testing Techniques

Introduction

  • Discussion around security testing techniques, emphasizing their practical significance.

  • The course focuses on theoretical aspects but includes practical applications.

Types of Testing in Software Development

  • Software testing should cover security considerations, not only functionality.

  • Types of Tests:

    • Unit Tests:

      • Tests individual functions or classes in a software system.

      • Focus on the smallest units of code, ensuring they operate correctly.

    • Integration Tests:

      • Focus on interactions between multiple modules, confirming they work together as intended.

      • Example: Verify if an encryption function is correctly implemented and operates securely.

    • Non-Functional Requirements:

      • Important to include security aspects alongside standard functionality in testing.

      • Example of profiling: checks not only if a function sorts data accurately but also if it meets performance criteria, e.g., sorting within 5 milliseconds.

Modern Testing Frameworks

  • Testing Frameworks Available:

    • Python: PyTest

    • Java: JUnit

    • Other languages have similar frameworks to support secure testing.

  • Importance of these frameworks to identify vulnerabilities before deployment.

Coverage in Testing

  • Metric of Coverage:

    • Defined as the percentage of code tested against total code available.

    • Example: Testing 1,500 functions out of 2,000 results in 75% coverage.

    • Coverage can reveal points of inadequacy in testing, e.g., if security tests cover only 50% of the code, potential vulnerabilities may be overlooked.

Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST)

  • SAST (Static Application Security Testing):

    • Involves code analysis without executing it to find potential vulnerabilities.

    • Checks for adherence to secure coding standards and can reveal hidden issues before code execution.

    • Often integrated into build pipelines via code evaluation tools.

    • Linters are tools for code style and security checks:

      • Example: Ensuring proper coding style like spacing and bracket placement.

      • Security linters find issues like SQL injection patterns.

  • DAST (Dynamic Application Security Testing):

    • Tests the application during execution to identify vulnerabilities in real-time.

    • Simulates user interactions to uncover hidden flaws that arise only during runtime.

    • Tools employed can create automated tests and assess system responses under attack.

  • Both SAST and DAST are complementary and essential for thorough security testing.

Shift Left Testing

  • Concept of Shift Left Testing:

    • Earlier detection of vulnerabilities through integration of testing phases in the software development lifecycle.

    • Test Driven Development (TDD):

      • Writing tests before coding to ensure high-quality output as development progresses.

      • Example: predicting the output for known inputs before implementing the sorting function.

  • More testing before implementation leads to fewer errors during later stages.

Real-time Feedback and Test Creation

  • Tests arise from requirements and from practical experiences of developers.

  • Integration Tests:

    • Critical to think through how modules will interact.

    • Good testing needs to cover edge cases not explicitly mentioned in requirements documentation.

Benefits and Challenges of Testing

  • Choosing a testing framework and integrating automatic responses to test failures bolster trust in software security.

  • Automated tools reduce costs associated with fixing post-deployment flaws by catching issues early.

  • Special focus on handling false positives and false negatives to manage the reliability of generated reports:

    • False Positive: The system indicates an issue where there is none.

    • False Negative: The system fails to detect a real issue.

  • Effective reporting and qualifying testing efforts necessitate well-defined metrics and responsibilities.

Tools Used in Security Testing

  • Tools such as OWASP ZAP, Metasploit, and SonarQube for aiding testing processes.

  • Continuous integration fosters a workflow where testing occurs seamlessly within coding practices.

  • Use of YARA rules for identifying vulnerabilities through pattern recognition within code.

Conclusion

  • Security testing intertwines closely with software development regardless of functional goals.

  • Awareness of both static and dynamic testing nuances assists in creating more secure applications.

  • Constant evolution in attack algorithms necessitates continual learning and adaptation in security practices.

  • Enduring engagement with developers and keeping tools updated significantly reduces potential vulnerabilities throughout the development lifecycle.