Mobile, Cloud and Web are converging to create overlapping areas of security that require constant innovation to handle the sensitive, confidential and yet publicly accessible data. With BYOD, this problem gets amplified with the wide variety of devices, OS and applications. Moreover, the right of users to leverage the capabilities of their personal devices often conflicts with enterprise mobile security policies and thus increases vulnerabilities and the risk of data leakage.
Security testing thus becomes an absolutely critical part of an organizations’ development strategy. The recent spurt of privacy breaches and security glitches which organizations are facing today almost mandates security testing.
This has led to an array of new Open source and commercial security testing tools which cater to limit the security risks to a minimum. However the success of the security testing depends a lot on manual testing and less on the tools.
There has been tremendous usage of both commercial and open source tools off late and here is my point of view on using them: Commercial tools have extensive reporting capability, the tools are constantly updated as technology and needs change and superior quality of support. The Open Source tools provide great depth of functionality but often at the expense of ease of use. Having said all this it is important to ensure we have pool of talent to support both open source and commercial tools in the market.
At Cigniti, over the last few years, we have built up a repository of security test cases and developed capabilities using both open source and proprietary security testing tools. Cigniti has the expertise in security testing for web applications, software products, networks and cloud. Using latest industry standards and testing methodologies, Cigniti offers a complete and in depth security analysis with reports and remedial measures for any issues found.
Authored by:- Mr. Raj Neravati, Chief Operating Officer, Cigniti Technologies