Security Testing Basics

Find simple holes before someone else does.

Manual QA Module 5 Lesson 1
10 min read

What you'll learn

  • Know common weak spots.
  • Check access and input.
  • Use safe habits while testing.
Manual QAlessonsJump to another lesson

Security Testing Basics

Find simple holes before someone else does.

Big Picture

One small picture can make this idea easier to hold.

Open door

  • Easy to enter.
  • Weak control.
  • More exposure.
  • Risk of misuse.

Locked door

  • Needs the right key.
  • Checks access.
  • Less exposure.
  • Better protection.

VerdictSecurity testing looks for doors that should stay closed.

How It Moves

Short steps make the flow easier to see.

1

Map entry points

Find logins, forms, and APIs.

2

Test login

Check if users sign in safely.

Test access

See who can reach what.

Test input

Try bad or odd data.

Step By Step

This is the same idea, stretched across time.

  1. 1

    Entry points found

    The tester lists doors and forms.

  2. 2

    Access checked

    The tester sees who can enter.

  3. 3

    Bad input tried

    The tester checks how the app reacts.

  4. 4

    Issue reported

    The team fixes the weak spot.

One Small Model

Think of this like a tiny card you can keep in your pocket.

Security checklist

5 fields
Login:"Can the right user enter?"
Access:"Can the user reach only allowed data?"
Input:"Can bad data get in?"
Session:"Does sign-in stay safe?"
Logs:"Are security events recorded?"
A small checklist catches many common holes.

Quick Check

Question 1 of 10 correct

Which is a basic security test?

Map It

One more picture helps you see where this lesson matters most.

Attack surface vs impact

Impact
High

Small, low

Tiny public page

Large, low

Many harmless forms

Small, high

Admin page

Large, high

Login and payment paths

Low
SmallLarge
Attack surface
High-impact access paths need the most care.

Final Quiz

Question 1 of 30 correct

What should a basic security test check?