Jarrabawar tsaro tana kimantawa software don raunin tsaro da kahanin tsaro — tabbatar da yana karya bayani da yana tsaya wa hari. Ita ta haɗa da fasafohi daban-daban (SAST, DAST, jarrabawar cutacuta, bincike a cikin abubuwan kariya) kuma ita ƙaƙƙarfo a matsayin ƙaura na tsaro na iya samun sakamako mai sakaci.
Abin da jarrabawar tsaro ke bincike
Security testing finds VULNERABILITIES and verifies defenses:
→ common flaws: injection (SQL, etc.), XSS, broken authentication/authorization,
sensitive data exposure, misconfigurations, vulnerable dependencies (OWASP Top 10)
→ does the app properly authenticate, authorize, validate input, encrypt data, etc.?
→ ensures the software resists attacks and protects data/users.
