Performance and penetration testing with a partner: how to start (1)

1
Mikhail Grechukha Program Manager at QATestLab
Performance and penetration testing with a
partner how to start
Marcel Diepenbroek Director at InnSpire
2
Mikhail Grechukha Program Manager at QATestLab
3
Marcel Diepenbroek Director at InnSpire Test
Automation Solutions
4
What is penetration testing?
Being a type of security testing, pentesting is
called to detect system vulnerabilities by
simulating malicious attacks. For every company
to keep corporate and customers data protected,
penetration testing is recommended.
5
Why pentesting

• Detect security vulnerabilities
• Protection of confidential data
• Improve companys security strategy
• Ensure companys reliability

6
When to do pentesting?
Only regular penetration testing can minimize the
risks of security vulnerabilities and ensure
strong protection of data.
7
Absence of pentesting causes

• Customers database in competitors hands
• Disclosure of confidential data
• Theft of financial information
• Corruption of critical data
• Loss of companys reputation

8
Why partner with QATestLab InnSpire for
pentesting?
A new approach and new issues detected when
switching security partners Security and
vulnerability have no geographical
boundaries Best use of international skills and
security toolsets
9

• Examples of used international security toolsets
• Scanners (Acunetix WVS, Zed Attack Proxy)
• Support tools (SSLStrip, Fiddler, SQLMap)
• Manual testing by OWASP methodology
• Tools depend on the type of application
  
  application traffic scanning, data
  decryption, checks for specific types of
  vulnerabilities.
• Check on types of vulnerabilities
• SQL injections, parameters pollution, URL access,
  storage security, invalidated redirects and
  forwards, session/password management and
  authentication, HTTP protection etc

10
What is performance testing?
Performance testing is called to improve software
stability, reliability and scalability by
detecting performance bottlenecks.
11
Virtual user
Virtual user
Load Test
Endurance Test
1h
5hs
Test time
Test time
Virtual user
Virtual user
Stress Test
Peak Test
Test time
Test time
12
Why performance testing

• Improvement of user experience
• Software stability and scalability
• Smooth workflow under different loads
• Prevention of crashes
• Acceleration of working speed

13
When to do performance testing

• Performance testing can be started
• before/during development
• a final check before go-live
• database, web servers and network should also be
  verified.

14
Why partner with QATestLab InnSpire for
performance testing?

• 1 Dutch expert managing the project
• You focus on questions metrics
• We take care of everything
• including test execution, scripting tool
  choice, reports
• Optimum use of international skills, and
  performance tools
• gt100 experts available!

• Some examples of test
• tools to be used

15
Contacts
E-mail contact_at_qa-testlab.com
E-mail marceldiepenbroek_at_innspire.nl
Phone 380 (44) 501-55-48
Phone 31 6 14 64 99 69
Web-site qatestlab.com
SkypeID sales.qatestlab
16
16
Thank you