160 likes | 254 Views
Even for small and midsize businesses, the security and response times of their IT <br>systems are critical. Therefore it’s important to run the systems through thorough<br> testing before launching them into production. But the execution of performance and<br> penetration testing can be challenging. In-house teams often lack the time, experience<br> or knowledge of the test tools and test techniques required.
E N D
Mikhail Grechukha Program Manager at QATestLab Performance and penetration testing with a partner: how to start Marcel Diepenbroek Director at InnSpire
Mikhail Grechukha Program Manager at QATestLab
Marcel Diepenbroek Director at InnSpire Test Automation Solutions
What is penetration testing? Being a type of security testing, pentesting is called to detect system vulnerabilities by simulating malicious attacks. For every company to keep corporate and customers’ data protected, penetration testing is recommended.
Why pentesting • Detect security vulnerabilities • Protection of confidential data • Improve company’s security strategy • Ensure company’s reliability
When to do pentesting? Only regular penetration testing can minimize the risks of security vulnerabilities and ensure strong protection of data.
Absence of pentesting causes • Customers’ database in competitors’ hands • Disclosure of confidential data • Theft of financial information • Corruption of critical data • Loss of company’s reputation
Why partner with QATestLab & InnSpire for pentesting? A new approach and new issues detected when switching security partners Security and vulnerability have no geographical boundaries Best use of international skills and security toolsets
Examples of used international security toolsets: • Scanners (Acunetix WVS, Zed Attack Proxy) • Support tools (SSLStrip, Fiddler, SQLMap…) • Manual testing by OWASP methodology • Tools depend on the type of application: application traffic scanning, data decryption, checks for specific types of vulnerabilities. • Check on types of vulnerabilities: • SQL injections, parameters pollution, URL access, storage security, invalidated redirects and forwards, session/password management and authentication, HTTP protection etc
What is performance testing? Performance testing is called to improve software stability, reliability and scalability by detecting performance bottlenecks.
Virtual user Virtual user Load Test Endurance Test ~1h ~5hs Test time Test time Virtual user Virtual user Stress Test Peak Test Test time Test time
Why performance testing • Improvement of user experience • Software stability and scalability • Smooth workflow under different loads • Prevention of crashes • Acceleration of working speed
When to do performance testing • Performance testing can be started • before/during development • a final check before go-live • database, web servers and network should also be verified.
Why partner with QATestLab & InnSpire for performance testing? Some examples of test tools to be used: • 1 Dutch expert managing the project • You focus on questions & metrics • We take care of everything: • including test execution, scripting & tool choice, reports • Optimum use of international skills, and performance tools • >100 experts available!
Contacts E-mail:contact@qa-testlab.com E-mail:marceldiepenbroek@innspire.nl Phone: +380 (44)501-55-48 Phone: +31 6 14 64 99 69 Web-site:qatestlab.com SkypeID:sales.qatestlab
16 Thank you