Security Testing
Security testing is a process used to determine whether an information system protects data and maintains its functionality as intended.
SQS offers companies both full life-cycle security testing (i.e. security testing throughout an organisations development life-cycle) and technology-based security testing (i.e. security testing throughout an organisation’s technology implementation) to provide comprehensive security coverage of an application or technology implementation.
The six basic security concepts that need to be covered by security testing are:- Confidentiality
- Integrity
- Authentication
- Authorisation
- Availability
- Non-repudiation
Life-Cycle Security Testing
SQS’s proprietary life-cycle security testing methodologies provide an organisation with an independent security assessment throughout the development life-cycle to ensure that projects are secure by inception, design and implementation. Our methodologies are based on our comprehensive experience in project implementations as well as leading practice guidelines (IEEE, ISO27001, PCI-DSS, CERT Secure Coding Standards and Microsoft’s Security Development Life-Cycle etc.)
Technology-Based Security Testing
Where an organisation wants to evaluate the current threat landscape of existing or newly implemented technologies, SQS is able to provide security testing solutions that enable partial or full coverage throughout the technology layers. The aim of the execution of a defined technology-based security assessment is to establish a security baseline.
The customer’s benefits at a glance:
- Security testing by experienced test specialists
- High certainty about system security
- Consideration of leading practice guidelines
- Cost-effectiveness and efficiency
