Software Security Testing Tools

Email Alerts

Register now to receive SearchSoftwareQuality.com-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • pen test (penetration testing)

    Penetration testing (also called pen testing) is a tool for testing a computer system, network or Web application to find vulnerabilities that an attacker could exploit. (Continued) 

  • static verification

    Static verification is the set of processes that analyzes code to ensure defined coding practices are being followed, without executing the application itself. 

  • auditor

    In Web advertising, this usually means a third-party company that audits the number of visitors to or impression sent from a Web site during some time period. 

  • obfuscation

    Obfuscation, in general, describes a practice that is used to intentionally make something more difficult to understand. In an programming context, it means to make code harder to understand or read. 

  • Java Cryptography Extension (JCE)

    The Java Cryptography Extension (JCE) is an application program interface (API) that provides a uniform framework for the implementation of security features in Java. 

  • Java Authentication and Authorization Service (JAAS)

    The Java Authentication and Authorization Service (JAAS) is a set of application program interfaces (APIs) that can determine the identity of a user or computer attempting to run Java code, and ensure that the entity has the privilege or permission t... 

  • vulnerability scanner

    A vulnerability scanner is a program that performs the diagnostic phase of a vulnerability analysis, also known as vulnerability assessment... (Continued) 

  • countermeasure

    A countermeasure is an action, process, device, or system that can prevent, or mitigate the effects of, threats to a computer, server or network. 

  • CGI scanner

    A CGI (common gateway interface) scanner is a program that searches for known vulnerabilities in Web servers and application programs by testing HTTP requests against known CGI strings... (Continued) 

About Software Security Testing Tools

Tools for software security testing, also called penetration testing, can vary depending on the application under test and the type of security test being performed. Black box testing technologies are those in which the software internals and architecture are unknown. Technology incorporated into tools for security black box testing include fuzzing, syntax testing and test scaffolding. Web security testing comes with its own set of specific considerations and there are many tools designed to specifically address Web-based application vulnerabilities.