Saturday, July 27, 2019
Penetration Testing Essay Example | Topics and Well Written Essays - 1500 words
Penetration Testing - Essay Example E-commerce systems tend to be high-end targets to security breaches and vulnerabilities. Such vulnerabilities can be exploited by conducting certain attack tests that target to steal information and corrupt the system functioning. The tests are carried out in a controlled environment where due damages may be reversed and the system retracted back to a stable state. However, not all systems use the same principles for penetration testing. Various systems call for various methods so as to exploit their varied vulnerabilities. An e-commerce system, for instance, stands to suffer security risks more through attacks where it crosses through networks. Therefore, for an e-commerce system, a unique testing methodology is carried out, where the authentication systems used are inspected and exploited to show any possible vulnerabilities. This form of tests are carried out in an environment where they can exactly mimic the behavior of such attacks. That is, they occur in real-time, parallel to the system as such attacks would. E-commerce systems keep on growing in functionalities and complexities by the day. E-commerce systems are now being spread out to include applications in mobile devices and web-based application systems. As these functionalities continue to grow, so do the security risks for such a system. For such an extensive system, to effectively do the penetration tests they need to include applications penetration tests. These penetration tests will cover the normal vulnerabilities such as SQL injections and Cross Site Scripting and Cross Site Request Forgery tests. Penetration tests conducted for this firm cover the major cross-interaction gateways in the systems. That is; payment integration flaws, flaws in the systemââ¬â¢s content manager amongst other vulnerability tests. Several conventional attacks in e-commerce systems are carried out on the payment gateways. For example, an attacker
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.