Security School


CISSP Domain 6: The importance of security assessments and testing

While it may not be the sexiest part of the job, regularly performing security assessment and testing will help you identify otherwise unknown vulnerabilities and prevent disasters down the line.


Urgent requests, imminent deadlines or just plain old excitement -- there are a lot of reasons why applications and services get rushed into deployment before they're thoroughly vetted for vulnerabilities. But it’s up to infosec pros to pump the brakes and make sure anything entering the IT environment has undergone proper security assessment and testing, because all it takes is one line of bad code to create an exploit.

In this Security School, based on (ISC)² CISSP training material on Domain 6 of the exam -- Security Assessment and Testing -- learn about techniques and tools used to identify and resolve possible attack surfaces, as well as the importance of testing software for vulnerabilities early and often. In his video, expert Adam Gordon explains how infosec pros can partner with software teams to ensure security assessment and testing is performed before, during and after application development. In addition, Gordon provides a comprehensive overview of different types of security testing techniques in his tip.

Once you've reviewed the parts of this Security School on security assessment and testing, take the quiz to see how much you have learned about vulnerability assessment, threat modeling, code review and more.


CISSP® is a registered mark of (ISC)².

Learning links

Prepare for Domain 6: Security assessment and testing

Going back to the old adage of "better safe than sorry," performing security assessment and testing on enterprise applications and services is one of those tasks you want to ensure is a regular part of your IT organization's workflow. Overlooking this step can have drastic consequences.


Learn about common security testing tools and methods

Software bugs are more than a nuisance. Errors can expose vulnerabilities. Here’s the good news: These security testing tools and techniques can help you avoid them.


Security and systems symbiosis in software validation, design

Security and function don’t have to compete. By working together, information security pros and systems administrators can build better, more secure software.


CISSP Domain 6 quiz: Vulnerabilities in software

Domain 6 of the CISSP exam tests how well you understand the security assessment and testing strategies needed to recognize, prevent and remedy vulnerabilities in software.
