The Role Of Testing In Software Security Assurance
The article examines the role of testing in ensuring software security, a topic of growing relevance due to the increasing complexity of IT systems and the rise in cyber threats. Software has become a critical component of enterprise infrastructure, government institutions, and everyday human life. Therefore, ensuring software security through effective testing has become one of the key priorities in the modern IT industry. This study explores contemporary security testing methods, encompassing both traditional approaches such as functional testing, penetration testing, static and dynamic code analysis, as well as modern automation techniques leveraging machine learning algorithms. A comprehensive analysis of publicly available scientific publications was conducted, focusing on the integration of security testing into the software development lifecycle (SDLC), with an emphasis on CI/CD practices, distributed testing, and continuous monitoring. The practical significance of this research lies in the applicability of the examined approaches to enhancing the security of information systems in a rapidly evolving IT landscape. The article will be of interest to cybersecurity specialists, lead developers, testing methodology researchers, and academics seeking to integrate advanced testing approaches into strategic cybersecurity measures for software systems.
1. Ustimenko L. R., Bileka T. O., Safonov I. A. Application of machine learning in software testing automation //Scientific research of students and students: a collection of articles XI. – 2024. – pp. 34. – 38.
2. Redkin P. A., Alyoshkin A. S. Software package for distributed testing of web applications //International Journal of Open Information Technologies. - 2024. – Vol. 12 (4). – pp. 125-132
3. Koch M. "Machine learning for software engineers". Packt Publishing. – 2018.
4. Menzies T., Shen Y. Automated assessment of efforts in software development using machine learning //Journal "Systems and Software. – 2016. – Vol. 120. – pp. 162-178.
5. Armando Y., Rosalina R. Penetration Testing Tangerang City Web Application With Implementing OWASP Top 10 Web Security Risks Framework //JISA (Jurnal Informatika dan Sains). – 2023. – Vol. 6 (2). – pp. 105-109.
6. Hanna S., Ahmad A. A. S. Web applications testing techniques: a systematic mapping study //International Journal of Web Engineering and Technology. – 2022. – Vol. 17 (4). – pp. 372-412.
7. Ali H. M., Hamza M. Y., Rashid T. A. A Comprehensive Study on Automated Testing with The Software Lifecycle // arXiv preprint arXiv:2405.01608. – 2024. – pp.1-13.
8. Li H. et al. A Review of Approaches for Detecting Vulnerabilities in Smart Contracts within Web 3.0 Applications //Blockchains. – 2023. – Vol. 1 (1). – pp. 3-18.
9. 5 A practical way to use security automation in developers. [Electronic resource] Access mode: https://www.jit.io/resources/devsecops/5-practical-use-cases-to-automate-security-in-devsecops (date of request: 02/14/2025).
10. Machine Learning in Cybersecurity: How It Works and Companies to Know. [Electronic resource] Access mode: https://builtin.com/artificial-intelligence/machine-learning-cybersecurity (accessed: 02/14/2025).
11. Machine learning in information security. [Electronic resource] Access mode: https://www.kaspersky.ru/enterprise-security/wiki-section/products/machine-learning-in-cybersecurity(date of request: 02/14/2025).
12. Application of machine learning and artificial intelligence technologies in information security [Electronic resource] Access mode: https://www.anti-malware.ru/analytics/Technology_Analysis/machine-learning-and-artificial-intelligence-in-is(date of request: 02/14/2025).
Copyright (c) 2025 International Journal of Engineering and Computer Science
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.