• Home
• Topics
• Topics Archive
• Software Quality Resources
• Where can I find software security test plan templates?

Where can I find software security test plan templates?

Requires Free Membership to View

Login



When you register, you'll receive targeted emails designed to keep you informed of the most relevant information on Agile development, application security, testing & QA, software requirements, and more.

Hannah Smalltree, Editorial Director

• E-mail Address: 

By submitting your registration information to SearchSoftwareQuality.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSoftwareQuality.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

The most important question you have to answer is: What are we trying to accomplish here? Do you need an all out assessment so you can sleep at night knowing your customers have gotten the most secure application from your team? Or, are you trying to meet some basic minimum security standards from a customer, business partner, or regulatory body such as those mandated by the PCI Standards Council?

The main areas to test center around user access, data input, and system configuration. Look at all of these areas from the perspectives of both untrusted outsiders (without authentication) and trusted insiders (with authentication). A combination of good vulnerability scanners, source code analyzers, and manual analysis across these main areas will serve to uncover the security flaws that matter in your environment - especially if you already have a documented set of requirements and standards upon which the application was built.

Dig Deeper

This was first published in July 2010

More from Related TechTarget Sites

• SOA
• Java
• Windows Development
• Oracle
• Cloud computing
• Business Analytics

• SOA

  • App integration advisory: Use ESBs for message routing, translation

    Middleware experts advise that an ESB can help a SOA, but it can be harmful if used in the wrong cases.

  • How will mainframes fare in the face of mobile and Web?

    Heard at IBM Impact: Mainframes mean high-integrity transactions. How does this jibe with mobile apps using ''eventually consistent'' transactions?

  • Is REST remaking SOA? Gateways add features

    Lightweight REST-based SOA is beginning to exist aside established enterprise SOA. Crosscheck’s Mamoon Yunus discusses the trend.

• Java

  • Scaling up and scaling out to meet new business demands

    Scaling up and scaling out are two ways for growing businesses to increase productivity, but doing so blindly may be more costly than it's worth.

  • On-demand computing models support Web application scalability

    The on-demand nature of cloud computing has put scalable Web applications within easy reach for businesses of all sizes.

  • Automate Web server load balancing for high scalability

    Automating Web server load balancing tasks provides high scalability for enterprise applications.

• Windows Development

  • Where can I find Visual Basic 6.0 DataEnvironment code samples?

    Get information on the best places to find Visual Basic DataEnvironment 6.0 code samples.

  • Testing methods in Visual Studio 2010

    This is the second part in a two part series on unit testing in Visual Studio 2010.

  • Unit testing in Visual Studio 2010

    Visual Studio 2010 contains a unit testing framework, and I’ll show you how to use it to automate your own unit tests.

• Oracle

  • Midmarket companies find JD Edwards upgrades a good fit

    At some point, your JD Edwards shop will have to decide whether to switch to a different product, upgrade or stay where you are. Learn what two other organizations did when working through JD Edwards upgrades.

  • Jury issues partial verdict in Oracle vs. Google Java lawsuit

    The jury has issued a partial verdict in the copyright phase of the Oracle vs. Google lawsuit, in which Oracle is claiming that Google violated Java patents and copyright with its Android mobile operating system.

  • Support of Oracle customizations

    Sebastian Grady, president of Oracle third-party support firm Rimini Street, explains how Oracle does not support Oracle software customizations.

• Cloud computing

  • Azure’s identity crisis and other cloud computing sound bites

    Microsoft Azure wants to be called Loretta. No, that’s not true. Or is it? Find out that answer and other news overheard in the cloud this past week.

  • Is PaaS just another four-letter word in cloud computing?

    PaaS is a quick fix for companies looking to deploy new apps, but established firms with legacy apps may consider it a dirty word.

  • PaaS selection starts at the programming language

    The PaaS market is growing without a single leader or approach. Picking a model should involve more than just saying, ‘Eeney, meeney, miney, moe.’

• Business Analytics

  • On the go the way to go? Answer lies with building mobile BI business case

    According to a recent Gartner survey, mobile technology is the second most important priority for CIOs in 2012, but building the business case is easier said than done.

  • Basic vs. complex: Companies walk the line on analytics best practices

    Businesses looking to build effective business intelligence and analytics programs have to toe the line between focusing on the basics and using new technology to build more complex BI systems.

  • Real estate company refines, expands geographic information system

    Marcus & Millichap shakes off its archaic data cleansing and analytics system for more automated processes, enabling the firm to explore its data on a more granular level.

• About us
• Contact us
• Site index
• Privacy policy
• Advertisers
• Business partners
• Events
• Media kit
• TechTarget corporate site
• Reprints
• Site map