Java Reference
In-Depth Information
Coniguration management testing needs to be performed before the application is rolled out
into production or before the application goes “live.” his would help ensure that any conigura-
tion-related vulnerabilities will be detected and corrected before the application is rolled out.
11.2.1.6 Change Management and Veriication—During Maintenance
Change management is essentially the complete set of processes employed on a project to ensure
that changes are implemented in a visible, controlled, and orderly fashion. he aim of change
management is to ensure that the entire process of a change—right from its initiation to its
deployment and monitoring—is done in an orderly manner. Change management is also nec-
essary when developing the application to ensure that any changes in the application are irst
discussed, approved, and only then implemented. Change management in the deployment phase
includes patch management, coniguration changes, upgrade of the operating system or other
platform resources, and so on for the Web application. Changes must be irst raised as a “change
request” where the requesting party must explain the reason for the change. he change request
is approved by cross-functional supervisors like the IT head, the information security oicer, and/
or the data owner. he change is then tested in a staging environment to observe its efects on the
data in the production environment, and only once the test results are positive is the change rolled
out. here are also procedures laid out for the rollback of the change request in case the change
adversely afects the system.
11.2.1.7 Periodic Health Checks—During Maintenance
Once an application has been deployed in an environment, it does not mean that the application
does not require any further tests, checks, and assessments. In fact, there is a great challenge in
maintaining the application in smooth functioning order when it is deployed in a live production
environment. Health checks are checks that constitute a combination of coniguration manage-
ment tests and periodic vulnerability assessment and penetration testing activities to ensure that
the application is not vulnerable to various threats due to the passing of time (certain vulnerabilities
in the platform elements being exploited) or being subject to nonsecure coniguration during the
passage of time. Health checks aim at identifying and correcting any anomalies in this situation.
11.2.2 Threat Models for Effective Security Testing
We have already explored in Section 11.2.1.1 that threat models are very beneicial for security
testing of Web applications. We will now delve deeply into the ways in which we can use threat
models (created during the risk assessment phase) most efectively in creating an efective, deep,
and comprehensive security testing practice.
Let us recall our learning of threat models from Chapter 5. Accordingly, a threat model is a
detailed scenario of how a particular threat identiies and exploits a given vulnerability or a given
set of vulnerabilities to compromise the application and gain access to sensitive information assets.
We have thus far understood that threat models can be used to understand the various threat
sources and their access points to sensitive information assets. his information is then used to
derive the security requirements for the Web application. However, this is not the only use for
threat models. hreat models prove to be invaluable during the testing the Web application for
security. hreat models can be used by security testers to design security tests to identify potential
vulnerabilities in the Web application and use it to exploit users. hreat models can be used to
Search WWH ::
Custom Search