Indicators for security testing

Identify software vulnerabilities, threats, and risks to safeguard against unauthorized access and misconfiguration. This specialized testing aims to identify potential security flaws and reinforce the system's defenses.

Indicators

[QA.ST.1] Evolve vulnerability management processes to be conducive of DevOps practices
[QA.ST.2] Normalize security testing findings
[QA.ST.3] Use application risk assessments for secure software design
[QA.ST.4] Enhance source code security with static application security testing
[QA.ST.5] Evaluate runtime security with dynamic application security testing
[QA.ST.6] Validate third-party components using software composition analysis
[QA.ST.7] Conduct proactive exploratory security testing activities
[QA.ST.8] Improve security testing accuracy using interactive application security testing

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Security testing

[QA.ST.1] Evolve vulnerability management processes to be conducive of DevOps practices