Application security Testing encompasses measures taken throughout the code’s life-cycle to prevent gaps in the security policy of an application or the underlying system(vulnerabilities) through flaws in the design, development, upgrade, or maintenance of the application.
Threats, attacks, vulnerabilities, and countermeasures:
According to the patterns & practices Improving Web Application Security book, the following terms are relevant to application security:
Asset. A resource of value such as the data in a database or on the file system, or a system resource.
Threat. Anything that can exploit a vulnerability and obtain, damage, or destroy an asset.
Vulnerability. A weakness or gap in security program that can be exploited by threats to gain unauthorized access to an asset.
Attack . An action taken to harm an asset.
Countermeasure. A safeguard that addresses a threat and mitigates risk.
Web Penetration Testing | Application Penetration Testing | Web Application Security Testing | Information Security Company | Network Security Services | Top Network Security Companies | Secure Coding Practices | Source Code Audit