11 Security testing

This chapter covers

• The similarities in skill sets for those working in testing or security-focused fields
• Detecting security threats using modeling
• How to apply a security mindset to a range of testing activities

For some, the idea of security testing can conjure up images of individuals carrying out highly technical and complex attacks that discover unimaginable exploits in our systems. Although having knowledge of how systems work, how they can be exploited, and how to use tools to discover threats is a key ingredient to successful security testing, incorrect assumptions about security testing promote the idea that it is an exclusive club open only to those with superhuman technical skills. However, security testing isn’t ...