What is security testing? Please suggest how can I start. Any tools or any methods?
I want to learn security testing. To be candid I have just heard this term and never tried it. Is it beneficial for the product if security testing is done? How can I start? Do organizations value security testing and would it be another asset if added to my skill set?
There are different types of security testing all with their own path. It could be from actual penetration testing to just risks analysis.
From my experience (in the software development world) security testing is often ignored until a client asks for an audit or only executed after a security breach has happened. This greatly depends on the industry and type of product ofcourse.
It would certainly be an asset for any serious company, at-least someone should be aware of security risks and have a strategy to mitigate them.