No edit summary |
|||
| Line 11: | Line 11: | ||
==References== |
==References== |
||
<references /> |
<references /> |
||
| + | |||
| + | == See also == |
||
| + | |||
| + | * [[External security testing]] |
||
| + | * [[Internal security testing]] |
||
[[Category:Legislation]] |
[[Category:Legislation]] |
||
[[Category:Legislation-U.S.-Federal]] |
[[Category:Legislation-U.S.-Federal]] |
||
Revision as of 22:21, 19 April 2011
DMCA
Under Section 1201 of the U.S. copyright law, security testing means
| “ | accessing a computer, computer system, or computer network, solely for the purpose of good faith testing, investigating, or correcting, a security flaw or vulnerability, with the authorization of the owner or operator of such computer, computer system, or computer network.[1] | ” |
General
Security testing is a process used to evaluate the effectiveness of implemented security measures or controls and to identify, validate, and assess security weaknesses so that they can be addressed. Such testing should be one component of an overall security program that also includes assigned security responsibilities, risk assessment, system requirements, planning, policies, and procedures. This testing includes hands-on functional testing, penetration testing, and verification.
References
- ↑ 17 U.S.C. §1201(j)(1)(A).