(11)EP 3 214 569 B1

(12)EUROPEAN PATENT SPECIFICATION

(45)Mention of the grant of the patent:
29.04.2020 Bulletin 2020/18

(21)Application number: 16176951.8

(22)Date of filing:  29.06.2016
(51)International Patent Classification (IPC): 
G06F 21/57(2013.01)

(54)

METHOD AND SYSTEM FOR IDENTIFYING TEST CASES FOR PENETRATION TESTING OF AN APPLICATION

VERFAHREN UND SYSTEM ZUR IDENTIFIZIERUNG VON TESTFÄLLEN ZUR EINDRINGUNGSPRÜFUNG EINER ANWENDUNG

PROCÉDÉ ET SYSTÈME D'IDENTIFICATION DE CAS D'ESSAI POUR TEST DE PÉNÉTRATION D'UNE APPLICATION


(84)Designated Contracting States:
AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

(30)Priority: 01.03.2016 IN 201641007234

(43)Date of publication of application:
06.09.2017 Bulletin 2017/36

(73)Proprietor: Wipro Limited
560 035 Karnataka (IN)

(72)Inventors:
  • JAYARAMAN, Venkata Subramanian
    600051 Chennai (IN)
  • SUNDARESAN, Sumithra
    600075 Chennai (IN)

(74)Representative: Finnegan Europe LLP 
1 London Bridge
London SE1 9BG (GB)


(56)References cited:
US-A1- 2014 137 257
US-A1- 2015 381 650
  
  • Bg19bot: "CVSS - Wikipedia", 12 January 2016 (2016-01-12), XP055385206, Retrieved from the Internet: URL:https://en.wikipedia.org/w/index.php?title=CVSS&oldid=699422810 [retrieved on 2017-06-26]
  
Note: Within nine months from the publication of the mention of the grant of the European patent, any person may give notice to the European Patent Office of opposition to the European patent granted. Notice of opposition shall be filed in a written reasoned statement. It shall not be deemed to have been filed until the opposition fee has been paid. (Art. 99(1) European Patent Convention).


Description

Technical Field



[0001] The present subject matter relates, in general, to data analytics and, more particularly but not exclusively, to a method and a system for identifying one or more test cases for penetration testing of an application associated with an entity.

Background



[0002] One of the major uses of data analytics is the prediction that can be made from the analysis, and the correlation of the results obtained with the overall success that could be achieved. Data analytics also helps in detecting security breaches and data breaches.

[0003] Currently, the journey towards digitization has reached a stage where security breaches and data breaches are inevitable. The leak of sensitive information creates a massive need to identify and address the threat. When cloud virtualization and big data are considered, bigger risks are injected into the system. Therefore, penetration testing is of utmost importance in countering security breaches and data breaches. Penetration testing is the method whereby safety, security and compliance testing can be carried out seamlessly by testing around risks and vulnerabilities. A penetration test (pen test) is an authorized, simulated software attack on a computer system that looks for security weaknesses, potentially gaining access to the computer's features and data. However, penetration testing is very complicated and expensive.

[0004] Existing systems provide several methods to perform penetration testing, but the testing performed with existing tools mostly provides only individual results. As an example, the Nmap tool performs only host discovery and port and service scanning; it does not look for any user pattern or attacker pattern. As another example, Nessus is a tool that performs Operating System (OS) detection and vulnerability scanning, but it does not provide an overview of how and where human error can happen. Furthermore, existing methods provide password cracking tools that crack only passwords to show the possibility of human error, but a password cracking tool does not provide a market study pattern to show the business user the various possibilities of errors. Therefore, the cost involved in penetration testing using the existing methods is very high and the process is complicated, which hinders the business and leads to a loss of customer expectation and satisfaction.

[0005] Therefore, there is a need for a method and a system which provide an effective way of analysing data so that one or more test cases can be identified for penetration testing of an application associated with an entity, thereby overcoming the cost- and time-related issues.

[0006] US 2015/381650 A1 and US 2014/137257 A1 are further prior art.

Summary



[0007] The present invention is defined by the appended independent claims 1, 10, and 11.

[0008] One or more shortcomings of the prior art are overcome and additional advantages are provided through the present disclosure. Additional features and advantages are realized through the techniques of the present disclosure. Other embodiments and aspects of the disclosure are described in detail herein and are considered a part of the claimed disclosure.

[0009] Disclosed herein are a method and a system for identifying one or more test cases for penetration testing of an application associated with an entity. The one or more test cases are identified based on scores that are determined considering all the parameters involved in penetration testing, such as the threat to the application, the vulnerability of the application to the threats, human error while developing the application, the impact of the application on the business and the popularity of the application among people. The identified one or more test cases determine the part of the application on which penetration testing has to be performed, thereby reducing the cost- and time-related issues of performing penetration testing on the entire application.

[0010] Accordingly, the present disclosure relates to a method of identifying one or more test cases for penetration testing of an application associated with an entity, the method comprising: receiving, by an application testing system, data related to the application from one or more data sources; determining, based on the received data, by the application testing system, a threat score indicating one or more threats to the application, a vulnerability score indicating one or more vulnerabilities of the application to the one or more threats, a human error score indicating probability of the one or more threats due to one or more human errors, a business impact score indicating impact of the application on the entity, and a popularity score indicating popularity of the application; determining, by the application testing system, a threat quantifier value based on the threat score, the vulnerability score and the human error score; determining, by the application testing system, an impact quantifier value based on the business impact score and the popularity score; determining, by the application testing system, a threat severity level and an impact severity level based on the corresponding threat quantifier value and the impact quantifier value; and identifying, by the application testing system, the one or more test cases based on the threat severity level and the impact severity level for performing penetration testing of the application.

[0011] In an embodiment, determining the threat score comprises: classifying, by the application testing system, one or more predefined threat parameters related to an application type into one of a low category, a medium category, and a high category; assigning, by the application testing system, a predefined weightage value to the low category, the medium category and the high category; and determining, by the application testing system, the threat score based on the assigned predefined weightage value using a first predefined technique.

[0012] In an embodiment, determining the vulnerability score comprises: classifying, by the application testing system, one or more predefined vulnerability parameters related to a vulnerability data into one of a low category, a medium category, and a high category; assigning, by the application testing system, a predefined weightage value to the low category, the medium category and the high category; and determining, by the application testing system, the vulnerability score based on the assigned predefined weightage value using a second predefined technique.

[0013] In an embodiment, determining the human error score comprises: classifying, by the application testing system, one or more predefined human error parameters related to a human error data into one of a low category, a medium category, and a high category; assigning, by the application testing system, a predefined weightage value to the low category, the medium category and the high category; and determining, by the application testing system, the human error score based on the assigned predefined weightage value using a third predefined technique.

[0014] In an embodiment, determining the business impact score comprises: classifying, by the application testing system, one or more predefined business impact parameters related to a business impact data into one of a low category, a medium category, and a high category; assigning, by the application testing system, a predefined weightage value to the low category, the medium category and the high category; and determining, by the application testing system, the business impact score based on the assigned predefined weightage value using a fourth predefined technique.

[0015] In an embodiment, determining the popularity score comprises: classifying, by the application testing system, one or more predefined popularity parameters related to a popularity data into one of a low category, a medium category, and a high category; assigning, by the application testing system, a predefined weightage value to the low category, the medium category and the high category; and determining, by the application testing system, the popularity score based on the assigned predefined weightage value using a fifth predefined technique.

[0016] In an embodiment, determining the impact severity level comprises: comparing, by the application testing system, the impact quantifier value with one or more predefined impact ranges of values, wherein each of the one or more predefined impact ranges of values is associated with one of a low category, a medium category and a high category; and obtaining, by the application testing system, the one of the low category, the medium category and the high category that corresponds to the matched predefined impact range of values.

[0017] Further, the present disclosure relates to a method of identifying one or more test cases for penetration testing of an application associated with an entity. The method comprises receiving, by an application testing system, data related to the application from one or more data sources. Thereafter, the application testing system determines a threat score indicating one or more threats to the application, a vulnerability score indicating one or more vulnerabilities of the application to the one or more threats, a human error score indicating probability of the one or more threats due to one or more human errors, a business impact score indicating impact of the application on the entity, and a popularity score indicating popularity of the application based on the received data. Further, the application testing system determines a threat quantifier value based on the threat score, the vulnerability score and the human error score. Thereafter, the application testing system determines an impact quantifier value based on the business impact score and the popularity score. Upon determining the threat quantifier value and the impact quantifier value, the application testing system determines a threat severity level and an impact severity level based on the corresponding threat quantifier value and the impact quantifier value. Finally, the application testing system identifies the one or more test cases based on the threat severity level and the impact severity level for performing penetration testing of the application.

[0018] Further, the present disclosure relates to an application testing system to identify one or more test cases for penetration testing of an application associated with an entity. The application testing system comprises a processor and a memory communicatively coupled to the processor, wherein the memory stores the processor-executable instructions, which, on execution, causes the processor to receive data related to the application from one or more data sources. Upon receiving the data related to the application, the processor determines a threat score indicating one or more threats to the application, a vulnerability score indicating one or more vulnerabilities of the application to the one or more threats, a human error score indicating probability of the one or more threats due to one or more human errors, a business impact score indicating impact of the application on the entity, and a popularity score indicating popularity of the application based on the received data. Further, the processor determines a threat quantifier value based on the threat score, the vulnerability score and the human error score. Upon determining the threat quantifier value, the processor determines an impact quantifier value based on the business impact score and the popularity score. Furthermore, the processor determines a threat severity level and an impact severity level based on the corresponding threat quantifier value and the impact quantifier value. Finally, the processor identifies the one or more test cases based on the threat severity level and the impact severity level for performing penetration testing of the application.

[0019] Further, the present disclosure comprises a non-transitory computer readable medium including instructions stored thereon that when processed by at least one processor causes an application testing system to perform operations comprising receiving data related to the application from one or more data sources. The instructions further cause the processor to determine a threat score indicating one or more threats to the application, a vulnerability score indicating one or more vulnerabilities of the application to the one or more threats, a human error score indicating probability of the one or more threats due to one or more human errors, a business impact score indicating impact of the application on the entity, and a popularity score indicating popularity of the application based on the received data. Thereafter, the instructions cause the processor to determine a threat quantifier value based on the threat score, the vulnerability score and the human error score. Further, the instructions cause the processor to determine an impact quantifier value based on the business impact score and the popularity score. Furthermore, the instructions cause the processor to determine a threat severity level and an impact severity level based on the corresponding threat quantifier value and the impact quantifier value. Finally, the instructions cause the processor to identify the one or more test cases based on the threat severity level and the impact severity level for performing penetration testing of the application.

[0020] The foregoing summary is illustrative only and is not intended to be in any way limiting. In addition to the illustrative aspects, embodiments, and features described above, further aspects, embodiments, and features will become apparent by reference to the drawings and the following detailed description.

Brief Description of the Accompanying Diagrams



[0021] The accompanying drawings, which are incorporated in and constitute a part of this disclosure, illustrate exemplary embodiments and, together with the description, serve to explain the disclosed principles. In the figures, the left-most digit(s) of a reference number identifies the figure in which the reference number first appears. The same numbers are used throughout the figures to reference like features and components. Some embodiments of system and/or methods in accordance with embodiments of the present subject matter are now described, by way of example only, and with reference to the accompanying figures, in which:

Fig.1 shows an exemplary architecture to identify one or more test cases for penetration testing of an application associated with an entity, in accordance with some embodiments of the present disclosure.

Fig.2 shows a detailed block diagram of an application testing system to identify one or more test cases for penetration testing of an application associated with an entity in accordance with some embodiments of the present disclosure.

Fig.3 illustrates a flowchart to identify one or more test cases for penetration testing of an application associated with an entity, in accordance with some embodiments of the present disclosure.

Fig.4 is a block diagram of an exemplary computer system for implementing embodiments consistent with the present disclosure.



[0022] It should be appreciated by those skilled in the art that any block diagrams herein represent conceptual views of illustrative systems embodying the principles of the present subject matter. Similarly, it will be appreciated that any flow charts, flow diagrams, state transition diagrams, pseudo code, and the like represent various processes which may be substantially represented in computer readable medium and executed by a computer or processor, whether or not such computer or processor is explicitly shown.

Detailed Description



[0023] In the present document, the word "exemplary" is used herein to mean "serving as an example, instance, or illustration." Any embodiment or implementation of the present subject matter described herein as "exemplary" is not necessarily to be construed as preferred or advantageous over other embodiments.

[0024] While the disclosure is susceptible to various modifications and alternative forms, specific embodiments thereof have been shown by way of example in the drawings and will be described in detail below. It should be understood, however, that it is not intended to limit the disclosure to the particular forms disclosed; on the contrary, the disclosure is to cover all modifications, equivalents, and alternatives falling within the scope of the disclosure.

[0025] The terms "comprises", "comprising", or any other variations thereof, are intended to cover a non-exclusive inclusion, such that a setup, device or method that comprises a list of components or steps does not include only those components or steps but may include other components or steps not expressly listed or inherent to such setup, device or method. In other words, one or more elements in a system or apparatus preceded by "comprises... a" does not, without more constraints, preclude the existence of other elements or additional elements in the system or method.

[0026] The present disclosure relates to a method and a system to identify one or more test cases for penetration testing of an application associated with an entity. An application testing system receives data related to the application from one or more data sources. As an example, the data related to the application may include, but not limited to, application type, vulnerability data, human error data, business impact data and popularity data. The received data related to the application is used to determine a threat score, a vulnerability score, a human error score, a business impact score and a popularity score. The threat score indicates one or more threats to the application and the vulnerability score indicates the one or more vulnerabilities of the application to the one or more threats. Further, the human error score indicates probability of the one or more threats due to one or more human errors, the business impact score indicates the impact of the application on the entity and the popularity score indicates popularity of the application. Further, the application testing system identifies a threat quantifier value based on the threat score, the vulnerability score and the human error score. Upon identifying the threat quantifier value, the application testing system determines an impact quantifier value based on the business impact score and the popularity score. The term "threat quantifier value" is preferably used herein to provide a measure of the total/overall likelihood of a threat occurring when using an application. The application testing system then determines a threat severity level based on the threat quantifier value and the impact severity level based on the impact quantifier value. Based on the determined threat severity level and the impact severity level, the application testing system identifies the one or more test cases for performing penetration testing of the application.

[0027] In the following detailed description of the embodiments of the disclosure, reference is made to the accompanying drawings that form a part hereof, and in which are shown by way of illustration specific embodiments in which the disclosure may be practiced. These embodiments are described in sufficient detail to enable those skilled in the art to practice the disclosure, and it is to be understood that other embodiments may be utilized and that changes may be made without departing from the scope of the present disclosure. The following description is, therefore, not to be taken in a limiting sense.

[0028] Fig.1 shows an exemplary architecture to identify one or more test cases for penetration testing of an application associated with an entity, in accordance with some embodiments of the present disclosure.

[0029] The architecture 100 comprises one or more data sources, data source 1 (103₁) to data source n (103ₙ) (collectively referred to as the one or more data sources 103), a communication network 105 and an application testing system 107. As an example, the one or more data sources 103 may include, but are not limited to, one or more market source systems and one or more entity databases such as a bank database, a retail database etc. The one or more market source systems may provide information collected across a market, such as web links, information collected from individuals who are working on projects, their training databases etc. The one or more data sources 103 are configured to collect data related to an application 104 associated with an entity. As an example, the entity may be an organisation such as a bank, an educational institution, an insurance company etc. The collected data is provided to the application testing system 107 through the communication network 105. The communication network 105 may be at least one of a wired communication network and a wireless communication network.

[0030] The application testing system 107 comprises a processor 109, a user interface 111 and a memory 113. The user interface 111 is configured to receive the data related to the application 104 from the one or more data sources 103. As an example, the data related to the application 104 may include, but is not limited to, application type, vulnerability data, human error data, business impact data and popularity data. The application type refers to information gathered about the kind of application being subjected to penetration testing and how much the application is used; the frequency with which the application is used corresponds to the amount of threat to the application. The vulnerability data refers to historical data used to understand how prone the application has been to threats, how many errors the source code of the application has had, and how long the application has been active, i.e. for how long an attacker could have had access to the system. The possibility of a vulnerability is a resultant factor of the usage of the application and the longevity of the application. The human error data refers to information indicating the possibility of human error occurring when a developer codes the application, and also whether the developer could develop the application in a better manner to avoid threats to the application. The business impact data indicates the importance of the application to the business and the implications of failures for the business. The popularity data indicates how many people know about the application, because an application becomes a target mainly once it is popular among people. As an example, an application like "Google™" is more likely to be prone to threats than a normal application which is used only by a small group of individuals.

[0031] The received data related to the application 104 is stored in the memory 113. The processor 109 determines a threat score, a vulnerability score, a human error score, a business impact score and a popularity score based on the data related to the application 104. The threat score indicates one or more threats to the application; the vulnerability score indicates the one or more vulnerabilities of the application to the one or more threats; the human error score indicates the probability of the one or more threats arising from one or more human errors; the business impact score indicates the impact of the application on the entity; and the popularity score indicates the popularity of the application. In other words, the term "threat score" may be defined as a quantified likelihood of a threat occurring as a result of using the application, based on a predicted usage of the application. The term "vulnerability score" may be defined as a quantified likelihood of a threat occurring as a result of using the application, based on the number and/or strength of the security safeguards provided in the application. The term "human error score" may be defined herein as a quantified likelihood of a threat occurring as a result of using the application, based on the likelihood of human errors occurring when using the application.

[0032] The threat score is calculated based on the one or more predefined threat parameters related to the application type. The one or more predefined threat parameters may include, but are not limited to, the kind of application, the usage of the application, the number of users of the application, the number of hits for the application and the frequency of usage. Each of the one or more predefined threat parameters is classified into a low category, a medium category or a high category, and each category is assigned a predefined weightage value. As an example, the predefined weightage value "1" may indicate the low category, the predefined weightage value "2" may indicate the medium category and the predefined weightage value "3" may indicate the high category.

[0033] In an embodiment, the threat score is calculated using a first predefined technique as shown in Equation 1 below.



[0034] In an embodiment, K is a constant variable and the value for the constant variable K may be varied based on requirement for the application testing.

[0035] As an example, the value assigned for the constant variable K may be 2 and therefore, the Equation 1 is as provided below.



[0036] The vulnerability score is calculated based on the one or more predefined vulnerability parameters related to the vulnerability data. The one or more predefined vulnerability parameters may include, but are not limited to, the number of production tickets received that relate to the source code of the application, how much development has been done on the application, how long the system comprising the application has been active, how vulnerable the database associated with the application is, and what kind of information the database comprises. Each of the one or more predefined vulnerability parameters is classified into the low category, the medium category or the high category, and the corresponding predefined weightage value is assigned.

[0037] In an embodiment, the vulnerability score is calculated using a second predefined technique as shown in Equation 2 below.



[0038] In an embodiment, K and P are constant variables and the value for the constant variables K and P may be varied based on the requirement for the application testing.

[0039] As an example, the value assigned for the constant variable K may be 2 and the value assigned for the constant variable P may be 3. Therefore, the Equation 2 is as provided below.



[0040] The human error score is calculated based on the one or more predefined human error parameters related to the human error data. The one or more predefined human error parameters may include, but are not limited to, the security training attended by the developer or development team of the application and the performance of the developer or development team, the amount of big data involved in the application, the implementation of data-centric security features in the application, and the coding experience of the developer. Each of the one or more predefined human error parameters is classified into the low category, the medium category or the high category, and the corresponding predefined weightage value is assigned.

[0041] In an embodiment, the human error score is calculated using a third predefined technique as shown in Equation 3 below.



[0042] In an embodiment, K is a constant variable and the value for the constant variable K may be varied based on the requirement for the application testing.

[0043] As an example, the value assigned for the constant variable K may be 2 and therefore, the Equation 3 is as provided below.



[0044] The business impact score is calculated based on the one or more predefined business impact parameters related to the business impact data. The term "business impact score" is preferably used herein to provide a quantified measure of the loss incurred as a result of the threat occurring and/or the loss incurred to resolve it. Loss may be measured in various ways, such as time and/or resources. The business impact score is calculated assuming that each application has an equal probability of being attacked. The one or more predefined business impact parameters may include, but are not limited to, the need for the application in the business, whether the application is an overhead to the system, how many critical test scenarios exist for the application, and whether the application contains personal, compliance-related or life-threatening information. Each of the one or more predefined business impact parameters is classified into the low category, the medium category or the high category, and the predefined weightage value associated with that category is assigned.

[0045] In an embodiment, the business impact score is calculated using a fourth predefined technique as shown in Equation 4 below.



[0046] The popularity score is calculated based on the one or more predefined popularity parameters related to the popularity data. The term "popularity score" is preferably used herein as a quantified likelihood of an application being made the target of a threat. The quantified likelihood may be based on a predicted number of users of the application, which may be determined from a predetermined demography of users. The one or more predefined popularity parameters may include, but are not limited to, the area in which the application is available, whether that area has a well-known personality (such as the CEO of a bank or the founder of an educational institution) as a customer of the application, the area or areas in which the application is used, the population of the area, how many schools and colleges are in the area, and the total number of working adults in the area who are related to the software industry. In an embodiment, the number of schools and colleges and of working adults related to the software industry in the area are considered as popularity parameters on the notion that attackers are most likely to be either school- or college-going teenagers or working adults with adequate knowledge of the software industry. Each of the one or more predefined popularity parameters is classified into the low category, the medium category or the high category, and the predefined weightage value associated with that category is assigned.

[0047] In an embodiment, the popularity score is calculated using a fifth predefined technique as shown in below mentioned equation (Equation 5).



[0048] In an embodiment, K is a constant variable and the value for the constant variable K may be varied based on the requirement for the application testing.

[0049] As an example, the value assigned for the constant variable K may be 2 and therefore, the Equation 5 is as provided below.



[0050] The processor 109 uses the threat score, the vulnerability score and the human error score to determine a threat quantifier value using a sixth predefined technique as shown in below mentioned equation (Equation 6).



[0051] In an embodiment, K is a constant variable and the value for the constant variable K may be varied based on the requirement for the application testing.

[0052] As an example, the value assigned for the constant variable K may be 10 and therefore, the Equation 6 is as provided below.



[0053] In an embodiment, the threat quantifier value quantifies one or more threats to the application based on the threat score, the vulnerability score and the human error score.

[0054] The processor 109 uses the business impact score and the popularity score to determine an impact quantifier value using a seventh predefined technique as shown in the below mentioned equation (Equation 7). The seventh predefined technique may also be expressed in terms of a business impact score (Equation 7a), since the terms "market study score" and "business impact score" may be used interchangeably.





[0055] In an embodiment, K is a constant variable and the value for the constant variable K may be varied based on the requirement for the application testing.

[0056] As an example, the value assigned for the constant variable K may be 10 and therefore, the Equation 7 is as provided below.



[0057] In an embodiment, the impact quantifier value quantifies the overall impact of the application on the business and how much of the application should be tested, based on the business impact score and the popularity score. The impact may be measured in terms of the loss incurred in the event of a security breach resulting from use of the application. The loss may be measured in terms of time and/or resources consumed as a result of an attack or in resolving a security breach.

[0058] Upon determining the threat quantifier value and the impact quantifier value, a threat severity level and an impact severity level are determined based on the threat quantifier value and the impact quantifier value. Further, one or more test cases are identified based on the threat severity level and the impact severity level for performing penetration testing of the application. Upon identifying the one or more test cases, the threat to the application and the impact to the application are notified to one or more end users. As an example, the one or more end users may be one or more stakeholders of the entity.

[0059] Fig.2 shows a detailed block diagram of an application testing system to identify one or more test cases for penetration testing of an application associated with an entity in accordance with some embodiments of the present disclosure.

[0060] In one implementation, a user interface 111 configured in the application testing system 107 receives data related to an application 104 associated with an entity from the one or more data sources 103. As an example, the data related to the application 104 is stored in a memory 113 configured in the application testing system 107, as shown in Fig.2. In one embodiment, the data 203 includes the data related to the application 104, score data 209, threat quantifier value data 213, impact quantifier value data 215, threat severity level data 217, impact severity level data 218 and other data 219. The modules 205 illustrated in Fig.2 are described herein in detail.

[0061] In one embodiment, the data may be stored in the memory 113 in the form of various data structures. Additionally, the aforementioned data can be organized using data models, such as relational or hierarchical data models. The other data 219 may store data, including temporary data and temporary files, generated by modules 205 for performing the various functions of the application testing system 107.

[0062] In an embodiment, the data related to the application 104 is received from the one or more data sources 103. As an example, the data related to the application 104 may include, but is not limited to, application type, vulnerability data, human error data, business impact data and popularity data. The application type refers to information about the kind of application being subjected to penetration testing and how much the application is used. The vulnerability data refers to historical data used to understand how prone the application has been to threats, how many errors the source code of the application has, and how long the application has been active (and hence for how long an attacker could have accessed the system). The human error data refers to information indicating the possibility of human error occurring when a developer codes the application. The human error data also indicates whether the developer could have developed the application in a better manner to avoid threats to the application. The business impact data indicates the importance of the application to the business and the implications of its failure for the business. The popularity data indicates how widely people know about the application.

[0063] In an embodiment, the score data 209 comprises a threat score, a vulnerability score, a human error score, a business score and a popularity score determined by the processor 109 with respect to the application. The threat score indicates one or more threats to the application. The threat score may be determined using a first predefined technique as shown in Equation 1. The vulnerability score indicates the one or more vulnerabilities of the application to the one or more threats. The vulnerability score may be determined using a second predefined technique as shown in Equation 2. The human error score indicates probability of the one or more threats due to one or more human errors. The human error score may be determined using a third predefined technique as shown in Equation 3. The business impact score indicates the impact of the application on the entity. The business impact score may be determined using a fourth predefined technique as shown in Equation 4. The popularity score indicates popularity of the application. The popularity score may be determined using a fifth predefined technique as shown in Equation 5.

[0064] In one embodiment, the threat quantifier value data 213 is the data required to quantify overall threat to the application. The overall threat to the application is quantified based on the threat score, the vulnerability score and the human error score. A sixth predefined technique as shown in Equation 6 is used to determine the threat quantifier value.

[0065] In one embodiment, the impact quantifier value data 215 is the data required to quantify overall impact of the application on business and amount of the application that needs to be tested. The impact is quantified based on the business score and the popularity score. A seventh predefined technique as shown in Equation 7 is used to determine the impact quantifier value.

[0066] In one embodiment, the threat severity level data 217 comprises the threat severity level of the application. The term "threat severity level" is preferably used herein to categorize the application in terms of potential likelihood of a threat occurring. The threat severity level is categorized in terms of one of a low category, a medium category and a high category. In addition, categories may be denoted in various other forms of readable code, other than a natural language word or phrase, such as an alphanumerical string. The threat severity level is determined based on the threat quantifier value.

[0067] In an embodiment, the impact severity level data 218 comprises the impact severity level of the application. The impact severity level is categorized in terms of one of the low category, the medium category and the high category. The impact severity level is determined based on the impact quantifier value.

[0068] In an embodiment, the data stored in the memory 113 is processed by the modules 205 of the application testing system 107. The modules 205 may be stored within the memory 113. In an example, the modules 205, communicatively coupled to a processor 109 configured in the application testing system 107, may also be present outside the memory 113 as shown in Fig.2 and implemented as hardware. As used herein, the term module refers to an application specific integrated circuit (ASIC), an electronic circuit, a processor 109 (shared, dedicated, or group) and memory that execute one or more software or firmware programs, a combinational logic circuit, and/or other suitable components that provide the described functionality.

[0069] In an embodiment, the modules 205 may include, for example, a receiving module 221, a score determining module 223, a threat quantifier determining module 225, an impact quantifier determining module 227, a threat severity determining module 229, an impact severity determining module 231, an identifying module 233 and other modules 235. The other modules 235 may be used to perform various miscellaneous functionalities of the application testing system 107. It will be appreciated that such aforementioned modules 205 may be represented as a single module or a combination of different modules.

[0070] In an embodiment, the receiving module 221 receives the data related to the application 104 from the one or more data sources 103 configured to collect data related to the application 104 associated with the entity. As an example, the one or more data sources 103 may include, but not limited to, one or more market source systems and one or more entity databases like a bank database, a retail database etc. The one or more market source systems may provide information collected from one or more data sources 103 across a market such as web links, information collected from individuals who are working on projects and their training data bases etc.

[0071] In an embodiment, the score determining module 223 determines the threat score, the vulnerability score, the human error score, the business impact score and the popularity score. The assessment of the threat to the application, by determining a threat score, is based mainly on the kind of application. As an example, an attacker would have a stronger motive to compromise a banking site that holds confidential bank account information than an education site that only holds information about the people in a class, class attendance and so on. The threat score is calculated based on the one or more predefined threat parameters related to the application type. The one or more predefined threat parameters may include, but are not limited to, the kind of application, the application usage, the number of users of the application, the number of hits for the application and the frequency of usage. Each of the one or more predefined threat parameters is assigned a predefined weightage value that classifies it into a low category, a medium category or a high category.

[0072] Each of the low category, the medium category and the high category is associated with the predefined weightage value as shown in the below Table 1.
Table 1

| Category | Predefined weightage value |
|----------|----------------------------|
| Low      | 1                          |
| Medium   | 2                          |
| High     | 3                          |


[0073] According to the above Table 1, the predefined weightage values associated with the low category, the medium category and the high category are 1, 2 and 3 respectively.

[0074] In an embodiment, each of the one or more predefined threat parameters are classified into the low category, the medium category and the high category by assigning one of the predefined weightage value associated with the low category, the medium category and the high category to each of the one or more predefined threat parameters.

[0075] As an example, consider the Banking application.

[0076] The predefined threat parameter "Application usage" is assigned with a predefined weightage value 3. Therefore the predefined threat parameter "Application usage" belongs to the "high category".

[0077] The predefined threat parameter "Kind of application" is assigned with a predefined weightage value 3. Therefore the predefined threat parameter "Kind of application" belongs to the "high category".

[0078] The predefined threat parameter "Number of hits" is assigned with a predefined weightage value 3. Therefore the predefined threat parameter "Number of hits" belongs to the "high category".

[0079] The predefined threat parameter "Frequency of usage" is assigned with a predefined weightage value 2. Therefore the predefined threat parameter "Frequency of usage" belongs to the "medium category".

[0080] The classification of the one or more threat parameters into one of the low category, the medium category and the high category by assigning the corresponding predefined weightage value is shown in the below Table 2.

[0081] Based on the classification, the threat score is determined using the Equation 1 by substituting the values from the Table 2.
Table 2

| Application | Application usage | Kind of application | No. of hits | Frequency of usage | Threat score |
|-------------|-------------------|---------------------|-------------|--------------------|--------------|
| Banking     | 3                 | 3                   | 3           | 2                  | 9            |
| Retail      | 2                 | 3                   | 3           | 2                  | 8            |


[0082] According to the above Table 2, the threat score computed for the banking application is 9 and the threat score computed for the retail application is 8.

[0083] Similarly, the vulnerability score, the human error score, the business impact score and the popularity score are determined for the application.

[0084] The vulnerability score is calculated based on the one or more predefined vulnerability parameters related to the vulnerability data. The one or more predefined vulnerability parameters may include, but are not limited to, the number of production tickets received that were related to the source code of the application, how much development has been done on the application, how long the system comprising the application has been active, how vulnerable the database associated with the application is, and what kind of information that database carries. Each of the one or more predefined vulnerability parameters is assigned the predefined weightage value associated with the low category, the medium category or the high category. The predefined weightage value classifies the one or more predefined vulnerability parameters into the low category, the medium category or the high category.

[0085] The classification of the one or more vulnerability parameters into one of the low category, the medium category and the high category by assigning the corresponding predefined weightage value is shown in the below Table 3.

[0086] Based on the classification, the vulnerability score is determined using the Equation 2 by substituting the values from the Table 3.
Table 3

| Application | Production tickets related to source code | Development done to the application | No. of years the application has been active | Vulnerability of database | Vulnerable information | Vulnerability score |
|-------------|-------------------------------------------|-------------------------------------|----------------------------------------------|---------------------------|------------------------|---------------------|
| Banking     | 2                                         | 3                                   | 3                                            | 2                         | 3                      | 3.7                 |
| Retail      | 1                                         | 2                                   | 2                                            | 1                         | 1                      | 2                   |


[0087] According to the above Table 3, the vulnerability score computed for the banking application is 3.7 and the vulnerability score of the retail application is 2.

[0088] The human error score is calculated based on the one or more predefined human error parameters related to the human error data. The one or more predefined human error parameters may include, but are not limited to, whether the developer or developing team of the application attended security training and how they performed in it, the amount of big data involved in the application, whether data-centric security features are implemented in the application, and the experience of the developer in coding. Each of the one or more predefined human error parameters is assigned the predefined weightage value associated with the low category, the medium category or the high category. The predefined weightage value classifies the one or more predefined human error parameters into the low category, the medium category or the high category.

[0089] The classification of the one or more human error parameters into one of the low category, the medium category and the high category by assigning the corresponding predefined weightage value is shown in the below Table 4.

[0090] Based on the classification, the human error score is determined using the Equation 3 by substituting the values from the Table 4.
Table 4

| Application | Security training attended by developer/developing team | Amount of big data involved | Data-centric security features implemented | Experience of the developer in coding | Human error score |
|-------------|---------------------------------------------------------|-----------------------------|--------------------------------------------|---------------------------------------|-------------------|
| Banking     | 3                                                       | 3                           | 3                                          | 3                                     | 3                 |
| Retail      | 1                                                       | 3                           | 3                                          | 1                                     | 11                |


[0091] According to the above Table 4, the human error score computed for the banking application is 3 and the human error score computed for the retail application is 11.

[0092] The business impact score is calculated based on the one or more predefined business impact parameters related to the business impact data. The one or more predefined business impact parameters may include, but are not limited to, whether the business needs the application, whether the application is an overhead to the system, how many critical test scenarios are present for the application, and whether the application contains personal, compliance-related or life-threatening information. Each of the one or more predefined business impact parameters is assigned the predefined weightage value associated with the low category, the medium category or the high category. The predefined weightage value classifies the one or more predefined business impact parameters into the low category, the medium category or the high category.

[0093] The classification of the one or more business impact parameters into one of the low category, the medium category and the high category by assigning the corresponding predefined weightage value is shown in the below Table 5.

[0094] Based on the classification, the business impact score is determined using the Equation 4 by substituting the values from the Table 5.
Table 5

| Application | Need of the application for business | Is the application an overhead to the system | Number of critical scenarios involved | Involves personal, compliance and life-threatening information | Business impact score |
|-------------|--------------------------------------|----------------------------------------------|---------------------------------------|----------------------------------------------------------------|-----------------------|
| Banking     | 1                                    | 3                                            | 2                                     | 2                                                              | 6                     |
| Retail      | 3                                    | 2                                            | 2                                     | 3                                                              | 11                    |


[0095] According to the above Table 5, the business impact score computed for the banking application is 6 and the business impact score for the retail application is 11.

[0096] The popularity score is calculated based on the one or more predefined popularity parameters related to the popularity data. The one or more predefined popularity parameters may include, but are not limited to, the area in which the application is used, whether the information in the application concerns a popular personality, the population in the area, how many schools/colleges there are in the area, and the total number of working adults related to the software industry in that area or areas. Each of the one or more predefined popularity parameters is assigned the predefined weightage value associated with the low category, the medium category or the high category. The predefined weightage value classifies the one or more predefined popularity parameters into the low category, the medium category or the high category.

[0097] The classification of the one or more popularity parameters into one of the low category, the medium category and the high category by assigning the corresponding predefined weightage value is shown in the below Table 6.

[0098] Based on the classification, the popularity score is determined using the Equation 5 by substituting the values from the Table 6.
Table 6

| Application | Area in which the application is available | Does the area contain a popular personality as customer | Population in the area | Approx. population in schools and colleges in the area | Approx. population of working adults in software in the area | Popularity score |
|-------------|--------------------------------------------|---------------------------------------------------------|------------------------|--------------------------------------------------------|--------------------------------------------------------------|------------------|
| Banking     | 3                                          | 3                                                       | 2                      | 2                                                      | 2                                                            | 2.75             |
| Retail      | 1                                          | 0                                                       | 1                      | 0                                                      | 1                                                            | 2                |


[0099] According to the above Table 6, the popularity score computed for the banking application is 2.75 and the popularity score computed for the retail application is 2.

[0100] In an embodiment, the threat quantifier determining module 225 determines the threat quantifier value for the application. The threat quantifier value quantifies the overall threat to the application based on the threat score, the vulnerability score and the human error score. The sixth predefined technique as shown in Equation 6 may be used to calculate the threat quantifier value for the application.

[0101] As an example, the Table 7 indicates the threat quantifier value determined for two applications namely "Banking application" and "Retail application".
Table 7

| Application | Threat score | Vulnerability score | Human error score | Threat quantifier value |
|-------------|--------------|---------------------|-------------------|-------------------------|
| Banking     | 9            | 3.6                 | 3                 | 3.78                    |
| Retail      | 8            | 2                   | 11                | 11                      |


[0102] In an embodiment, the impact quantifier determining module 227 determines the impact quantifier value for the application. The impact quantifier value quantifies the overall impact of the application based on the business impact score and the popularity score. The seventh predefined technique as shown in Equation 7 may be used to calculate the impact quantifier value for the application.

[0103] As an example, the Table 8 indicates the impact quantifier value determined for two applications namely "Banking application" and "Retail application".
Table 8

| Application | Business impact score | Popularity score | Impact quantifier value |
|-------------|-----------------------|------------------|-------------------------|
| Banking     | 6                     | 2.75             | 3.3                     |
| Retail      | 11                    | 1                | 2.2                     |


[0104] In an embodiment, the threat severity determining module 229 determines the threat severity level of the application. The threat severity level is determined based on the threat quantifier value. The threat severity level is categorized in terms of one of the low category, the medium category and the high category.

[0105] If the threat quantifier value is less than or equal to 1, then the threat severity level of the application is "Low".

[0106] If the threat quantifier value is greater than 1 but less than or equal to 5, then the threat severity level of the application is "Medium".

[0107] If the threat quantifier value is greater than 5, then the threat severity level of the application is "High".

[0108] As an example, the Table 9 indicates the threat severity level determined for two applications namely "Banking application" and "Retail application".
Table 9

| Application | Threat quantifier value | Threat severity level |
|-------------|-------------------------|-----------------------|
| Banking     | 3.78                    | Medium                |
| Retail      | 11                      | High                  |


[0109] As an example, in the above Table 9, the threat quantifier value of the banking application is 3.78. Since the threat quantifier value is greater than 1 but less than or equal to 5, the threat severity level of the banking application is "Medium".

[0110] In an embodiment, the impact severity determining module 231 determines the impact severity level of the application. The impact severity level is determined based on the impact quantifier value. The impact severity level is categorized in terms of one of the low category, the medium category and the high category.

[0111] If the impact quantifier value is less than 1, then the impact severity level of the application is "Low".

[0112] If the impact quantifier value is greater than or equal to 1 but less than or equal to 2, then the impact severity level of the application is "Medium".

[0113] If the impact quantifier value is greater than 2, then the impact severity level of the application is "High".

[0114] As an example, the Table 10 indicates the impact severity level determined for two applications namely "Banking application" and "Retail application".
Table 10

| Application | Impact quantifier value | Impact severity level |
|-------------|-------------------------|-----------------------|
| Banking     | 3.3                     | High                  |
| Retail      | 2.2                     | Medium                |


[0115] As an example, in the above Table 10, the impact quantifier value of the banking application is 3.3. Since the impact quantifier value is greater than 2, the impact severity level of the banking application is "High".

[0116] In an embodiment, the identifying module 233 identifies one or more test cases for performing penetration testing of the application. The one or more test cases are identified based on the determined threat severity level and the impact severity level of the application. The identified one or more test cases specify what kind of penetration test needs to be done i.e. the one or more test cases indicate the necessary scenarios to be subjected to penetration testing such as scenarios where only risk based testing may be performed, scenario with first priority, scenario with second priority, all possible scenarios etc. Upon identifying the one or more test cases, the threat to the application and the impact to the application are notified to one or more end users. As an example, the one or more end users may be one or more stakeholders of the entity.

[0117] As an example, Table 11 indicates the identified one or more test cases for different combinations of the threat severity level and the impact severity level.
Table 11

| Threat severity level | Impact severity level | Test cases                 |
|-----------------------|-----------------------|----------------------------|
| High                  | High                  | All possible scenarios     |
| Medium                | Medium                | Priority 1 and 2 scenarios |
| Low                   | Low                   | Risk based testing         |
| High                  | Medium                | All possible scenarios     |
| Medium                | High                  | All possible scenarios     |
| Low                   | Medium                | Priority 1 and 2 scenarios |
| High                  | Low                   | Priority 1 and 2 scenarios |
| Medium                | Low                   | Priority 1 and 2 scenarios |
| Low                   | Medium                | Priority 1 and 2 scenarios |


[0118] As an example, consider the first combination and the second combination in the Table 11.

[0119] In the first combination, the threat severity level is "High" and the impact severity level is "High". Therefore, the penetration testing may be performed for all possible scenarios.

[0120] In the second combination, the threat severity level is "Medium" and the impact severity level is "Medium". Therefore, the penetration testing may be performed for the scenario with first priority and for the scenario with second priority.

[0121] Similarly, penetration testing of the application is performed for rest of the combinations.

[0122] Fig.3 illustrates a flowchart to identify one or more test cases for penetration testing of an application associated with an entity, in accordance with some embodiments of the present disclosure.

[0123] As illustrated in Fig.3, the method 300 comprises one or more blocks illustrating a method to identify one or more test cases for penetration testing of an application associated with an entity. The method 300 may be described in the general context of computer executable instructions. Generally, computer executable instructions can include routines, programs, objects, components, data structures, procedures, modules, and functions, which perform particular functions or implement particular abstract data types.

[0124] The order in which the method 300 is described is not intended to be construed as a limitation, and any number of the described method blocks can be combined in any order to implement the method. Additionally, individual blocks may be deleted from the methods without departing from the scope of the subject matter described herein. Furthermore, the method can be implemented in any suitable hardware, software, firmware, or combination thereof.

[0125] At block 301, data related to an application 104 is received from the one or more data sources 103 by an application testing system 107 in order to identify one or more test cases for penetration testing of the application associated with an entity. In an embodiment, the data related to the application 104 is received by a user interface 111 configured in the application testing system 107. As an example, the one or more data sources 103 may include, but are not limited to, one or more market systems and one or more entity databases, such as a bank database or a retail database. As an example, the data related to the application 104 may include, but is not limited to, application type, vulnerability data, human error data, business impact data and popularity data. The application type refers to information about the kind of application being subjected to penetration testing and how much the application is used. The vulnerability data refers to historical data used to understand how prone the application has been to threats, how many errors the source code of the application had, and how long the application has been active (and hence for how long an attacker could have accessed the system). The possibility of vulnerability is a resultant factor of the usage of the application and the longevity of the application. The human error data refers to information indicating the possibility of human error occurring when a developer codes the application. The human error data also indicates whether the developer could have developed the application in a better manner to avoid threats to the application. The business impact data indicates the importance of the application to the business and the implications of its failure for the business. The popularity data indicates how widely people know about the application, because, in this approach, an application is considered prone to threats only when it is popular among people.

[0126] At block 303, a threat score, a vulnerability score, a human error score, a business impact score and a popularity score are determined for the application based on the data related to the application 104. In an embodiment, the processor 109 determines a threat score, a vulnerability score, a human error score, a business impact score and a popularity score. The threat score indicates one or more threats to the application and the vulnerability score indicates the one or more vulnerabilities of the application to the one or more threats, the human error score indicates probability of the one or more threats due to one or more human errors, the business impact score indicates the impact of the application on the entity and the popularity score indicates popularity of the application.

[0127] The threat score is calculated based on the one or more predefined threat parameters related to the application type. The one or more predefined threat parameters may include, but not limited to, kind of the application, usage of the application, number of users for the application, number of hits for the application and frequency of the usage.

[0128] The vulnerability score is calculated based on the one or more predefined vulnerability parameters related to the vulnerability data. The one or more predefined vulnerability parameters may include, but are not limited to, the number of production tickets received that are related to the source code of the application, how much development has been done on the application, how long the system comprising the application has been active, how vulnerable the database associated with the application is, and what kind of information that database comprises.

[0129] The human error score is calculated based on the one or more predefined human error parameters related to the human error data. The one or more predefined human error parameters may include, but not limited to, security training attended by the developer/developing team of the application and performance of the developer/developing team, amount of big data involved in the application, implementation of data centric security features in the application and experience of the developer in coding.

[0130] The business impact score is calculated based on the one or more predefined business impact parameters related to the business impact data. The one or more predefined business impact parameters may include, but not limited to, need of the application for the business, is the application an overhead to the system, how many critical test scenarios are present for the application, does the application contain personal, compliance and life threatening information.

[0131] The popularity score is calculated based on the one or more predefined popularity parameters related to the popularity data. The one or more predefined popularity parameters may include, but not limited to, area in which the application is available, does the area have a popular personality like CEO of a bank, founder of an education institution etc. as a customer for the application, area/s in which the application is used, population in the area, how many schools/colleges are there in the area and total working adults who are related to software industry in that area/s.

[0132] At block 305, a threat quantifier value is determined by the application testing system 107. In an embodiment, the processor 109 uses the determined threat score, the vulnerability score and the human error score to determine the threat quantifier value for the application. The threat quantifier value quantifies one or more threats to the application based on the threat score, the vulnerability score and the human error score.

[0133] At block 307, an impact quantifier value is determined by the application testing system 107. In an embodiment, the processor 109 uses the business impact score and the popularity score to determine the impact quantifier value of the application. The impact quantifier value quantifies the overall impact of the application on the business and how much of the application should be tested, based on the business impact score and the popularity score.

[0134] At block 309, a threat severity level and an impact severity level are determined by the application testing system 107. In an embodiment, the processor 109 determines the threat severity level and the impact severity level based on the threat quantifier value and the impact quantifier value respectively. The threat severity level and the impact severity level are each expressed as one of the low category, the medium category and the high category.

[0135] At block 311, one or more test cases are identified by the application testing system 107. In an embodiment, the processor 109 identifies the one or more test cases based on the threat severity level and the impact severity level for performing penetration testing of the application. The identified one or more test cases specify what kind of penetration test needs to be done, i.e. the one or more test cases indicate the necessary scenarios to be subjected to penetration testing, such as scenarios where only risk-based testing may be performed, scenarios with first priority, scenarios with second priority, all possible scenarios, etc. Upon identifying the one or more test cases, the threat to the application and the impact of the application are notified to one or more end users. As an example, the one or more end users may be one or more stakeholders of the entity.

[0136] Fig.4 is a block diagram of an exemplary computer system for implementing embodiments consistent with the present disclosure.

[0137] In an embodiment, the application testing system 400 is used to identify one or more test cases for penetration testing of an application associated with an entity. The application testing system 400 may comprise a central processing unit ("CPU" or "processor") 402. The processor 402 may comprise at least one data processor for executing program components for executing user- or system-generated business processes. A user may include a person, a person using a device such as those included in this invention, or such a device itself. The processor 402 may include specialized processing units such as integrated system (bus) controllers, memory management control units, floating point units, graphics processing units, digital signal processing units, etc.

[0138] The processor 402 may be disposed in communication with one or more input/output (I/O) devices (411 and 412) via I/O interface 401. The I/O interface 401 may employ communication protocols/methods such as, without limitation, audio, analog, digital, stereo, IEEE-1394, serial bus, Universal Serial Bus (USB), infrared, PS/2, BNC, coaxial, component, composite, Digital Visual Interface (DVI), high-definition multimedia interface (HDMI), Radio Frequency (RF) antennas, S-Video, Video Graphics Array (VGA), IEEE 802.11 a/b/g/n/x, Bluetooth, cellular (e.g., Code-Division Multiple Access (CDMA), High-Speed Packet Access (HSPA+), Global System for Mobile Communications (GSM), Long-Term Evolution (LTE), WiMax, or the like), etc.

[0139] Using the I/O interface 401, the application testing system 400 may communicate with one or more I/O devices (411 and 412).

[0140] In some embodiments, the processor 402 may be disposed in communication with a communication network 409 via a network interface 403. The network interface 403 may communicate with the communication network 409. The network interface 403 may employ connection protocols including, without limitation, direct connect, Ethernet (e.g., twisted pair 10/100/1000 Base T), Transmission Control Protocol/Internet Protocol (TCP/IP), token ring, IEEE 802.11 a/b/g/n/x, etc. Using the network interface 403 and the communication network 409, the application testing system 400 may communicate with one or more data sources 410 (a, ..., n). The communication network 409 can be implemented as one of the different types of networks, such as an intranet or a Local Area Network (LAN) within the organization. The communication network 409 may either be a dedicated network or a shared network, which represents an association of the different types of networks that use a variety of protocols, for example, Hypertext Transfer Protocol (HTTP), Transmission Control Protocol/Internet Protocol (TCP/IP), Wireless Application Protocol (WAP), etc., to communicate with each other. Further, the communication network 409 may include a variety of network devices, including routers, bridges, servers, computing devices, storage devices, etc. The one or more data sources 410 (a, ..., n) may include, without limitation, personal computer(s), mobile devices such as cellular telephones, smartphones, tablet computers, eBook readers, laptop computers, notebooks, gaming consoles, or the like.

[0141] In some embodiments, the processor 402 may be disposed in communication with a memory 405 (e.g., RAM, ROM, etc. not shown in Fig.4) via a storage interface 404. The storage interface 404 may connect to memory 405 including, without limitation, memory drives, removable disc drives, etc., employing connection protocols such as Serial Advanced Technology Attachment (SATA), Integrated Drive Electronics (IDE), IEEE-1394, Universal Serial Bus (USB), fiber channel, Small Computer Systems Interface (SCSI), etc. The memory drives may further include a drum, magnetic disc drive, magneto-optical drive, optical drive, Redundant Array of Independent Discs (RAID), solid-state memory devices, solid-state drives, etc.

[0142] The memory 405 may store a collection of program or database components, including, without limitation, user interface application 406, an operating system 407, web server 408 etc. In some embodiments, application testing system 400 may store user/application data 406, such as the data, variables, records, etc. as described in this invention. Such databases may be implemented as fault-tolerant, relational, scalable, secure databases such as Oracle or Sybase.

[0143] The operating system 407 may facilitate resource management and operation of the application testing system 400. Examples of operating systems include, without limitation, Apple Macintosh OS X, UNIX, Unix-like system distributions (e.g., Berkeley Software Distribution (BSD), FreeBSD, NetBSD, OpenBSD, etc.), Linux distributions (e.g., Red Hat, Ubuntu, Kubuntu, etc.), International Business Machines (IBM) OS/2, Microsoft Windows (XP, Vista/7/8, etc.), Apple iOS, Google Android, Blackberry Operating System (OS), or the like. User interface 406 may facilitate display, execution, interaction, manipulation, or operation of program components through textual or graphical facilities. For example, user interfaces may provide computer interaction interface elements on a display system operatively connected to the application testing system 400, such as cursors, icons, check boxes, menus, scrollers, windows, widgets, etc. Graphical User Interfaces (GUIs) may be employed, including, without limitation, Apple Macintosh operating systems' Aqua, IBM OS/2, Microsoft Windows (e.g., Aero, Metro, etc.), Unix X-Windows, web interface libraries (e.g., ActiveX, Java, Javascript, AJAX, HTML, Adobe Flash, etc.), or the like.

[0144] In some embodiments, the application testing system 400 may implement a web browser 408 stored program component. The web browser may be a hypertext viewing application, such as Microsoft Internet Explorer, Google Chrome, Mozilla Firefox, Apple Safari, etc. Secure web browsing may be provided using Hypertext Transfer Protocol Secure (HTTPS), Secure Sockets Layer (SSL), Transport Layer Security (TLS), etc. Web browsers may utilize facilities such as AJAX, DHTML, Adobe Flash, JavaScript, Java, Application Programming Interfaces (APIs), etc. In some embodiments, the application testing system 400 may implement a mail server stored program component. The mail server may be an Internet mail server such as Microsoft Exchange, or the like. The mail server may utilize facilities such as Active Server Pages (ASP), ActiveX, American National Standards Institute (ANSI) C++/C#, Microsoft .NET, CGI scripts, Java, JavaScript, Perl, PHP, Python, WebObjects, etc. The mail server may utilize communication protocols such as Internet Message Access Protocol (IMAP), Messaging Application Programming Interface (MAPI), Microsoft Exchange, Post Office Protocol (POP), Simple Mail Transfer Protocol (SMTP), or the like. In some embodiments, the application testing system 400 may implement a mail client stored program component. The mail client may be a mail viewing application, such as Apple Mail, Microsoft Entourage, Microsoft Outlook, Mozilla Thunderbird, etc.

[0145] Furthermore, one or more computer-readable storage media may be utilized in implementing embodiments consistent with the present invention. A computer-readable storage medium refers to any type of physical memory on which information or data readable by a processor may be stored. Thus, a computer-readable storage medium may store instructions for execution by one or more processors, including instructions for causing the processor(s) to perform steps or stages consistent with the embodiments described herein. The term "computer-readable medium" should be understood to include tangible items and exclude carrier waves and transient signals, i.e., to be non-transitory. Examples include Random Access Memory (RAM), Read-Only Memory (ROM), volatile memory, non-volatile memory, hard drives, Compact Disc (CD) ROMs, Digital Video Discs (DVDs), flash drives, disks, and any other known physical storage media.

[0146] Advantages of the embodiment of the present disclosure are described below.

[0147] In an embodiment, the present disclosure provides a method and a system to identify one or more test cases for penetration testing of an application associated with an entity.

[0148] The present disclosure provides a feature wherein the one or more test cases are identified based on a threat severity level and an impact severity level for performing penetration testing of an application. Therefore, only the identified test cases can be performed during the penetration testing instead of testing all possible scenarios.

[0149] The present disclosure overcomes the cost and time related issues related to penetration testing due to the identification of the one or more test cases and execution of the one or more test cases.

[0150] The present disclosure provides a feature wherein each and every parameter related to the penetration testing is evaluated individually, making the security of the application more impactful.

[0151] The present disclosure provides a feature wherein the already available data related to the application is used to implement the method and provides a structured result that helps in better understanding.

[0152] A description of an embodiment with several components in communication with each other does not imply that all such components are required. On the contrary a variety of optional components are described to illustrate the wide variety of possible embodiments of the invention.

[0153] When a single device or article is described herein, it will be readily apparent that more than one device/article (whether or not they cooperate) may be used in place of a single device/article. Similarly, where more than one device or article is described herein (whether or not they cooperate), it will be readily apparent that a single device/article may be used in place of the more than one device or article or a different number of devices/articles may be used instead of the shown number of devices or programs. The functionality and/or the features of a device may be alternatively embodied by one or more other devices which are not explicitly described as having such functionality/features. Thus, other embodiments of the invention need not include the device itself.

[0154] The specification has described a method and a system to identify one or more test cases for penetration testing of an application associated with an entity. The illustrated steps are set out to explain the exemplary embodiments shown, and it should be anticipated that on-going technological development will change the manner in which particular functions are performed. These examples are presented herein for purposes of illustration, and not limitation. Further, the boundaries of the functional building blocks have been arbitrarily defined herein for the convenience of the description. Alternative boundaries can be defined so long as the specified functions and relationships thereof are appropriately performed. Alternatives (including equivalents, extensions, variations, deviations, etc., of those described herein) will be apparent to persons skilled in the relevant art(s) based on the teachings contained herein. Such alternatives fall within the scope of the disclosed embodiments. Also, the words "comprising," "having," "containing," and "including," and other similar forms are intended to be equivalent in meaning and be open ended in that an item or items following any one of these words is not meant to be an exhaustive listing of such item or items, or meant to be limited to only the listed item or items. It must also be noted that as used herein and in the appended claims, the singular forms "a," "an," and "the" include plural references unless the context clearly dictates otherwise.

[0155] Finally, the language used in the specification has been principally selected for readability and instructional purposes, and it may not have been selected to delineate or circumscribe the inventive subject matter. It is therefore intended that the scope of the invention be limited not by this detailed description, but rather by any claims that issue on an application based hereon. Accordingly, the embodiments of the present invention are intended to be illustrative, but not limiting, of the scope of the invention, which is set forth in the following claims.


Claims

1. A computer-implemented method of identifying one or more test cases for penetration testing of an application associated with an entity, the method comprising:

receiving (301) data (104) related to the application from one or more data sources (103);

determining (303), based on the received data, a threat score indicating one or more threats to the application, a vulnerability score indicating one or more vulnerabilities of the application to the one or more threats, a human error score indicating probability of the one or more threats due to one or more human errors, a business impact score indicating impact of the application on the entity, and a popularity score indicating popularity of the application, wherein

the threat score is a quantified likelihood of the one or more threats occurring as a result of using the application based on a predicted usage of the application,

the vulnerability score is a quantified likelihood of the one or more threats occurring as a result of using the application based on a number and/or strength of security safeguards provided in the application, and

the human error score is a quantified likelihood of the one or more threats occurring as a result of using the application based on the likelihood of human errors occurring when using the application;

determining (305) a threat quantifier value, based on the threat score, the vulnerability score and the human error score, by multiplying a sum of the threat score and the vulnerability score by the human error score and dividing by a constant variable;

determining (307) an impact quantifier value based on the business impact score and the popularity score, by multiplying the business impact score by the popularity score, further multiplying by 2, and dividing by the constant variable;

determining (309) a threat severity level and an impact severity level based on the corresponding threat quantifier value and the impact quantifier value; and

identifying (311) the one or more test cases based on a combination of the threat severity level and the impact severity level for performing penetration testing of the application.


 
2. The method as claimed in claim 1, wherein the data comprises application type, human error data, vulnerability data, business impact data, and popularity data.
 
3. The method as claimed in claim 1 or claim 2, wherein determining the threat score comprises:

classifying predefined threat parameters related to an application type into one of a low category, a medium category, and a high category, the threat parameters comprising a kind of the application, an application usage, a number of users for the application, a number of hits for the application, and a frequency of the application usage;

assigning a predefined weightage value to the low category, the medium category and the high category; and

determining the threat score based on the assigned predefined weightage value using a first equation:

wherein K is a constant variable.


 
4. The method as claimed in any preceding claim, wherein determining the vulnerability score comprises:

classifying predefined vulnerability parameters related to vulnerability data into one of a low category, a medium category, and a high category, the vulnerability parameters comprising: a number of production tickets related to a source code of the application, how much development has been done on the application, how long a system comprising the application has been active, how vulnerable a database associated with the application is, and a kind of information the database comprises;

assigning a predefined weightage value to the low category, the medium category and the high category; and

determining the vulnerability score based on the assigned predefined weightage value using a second equation:

wherein K and P are constant variables.


 
5. The method as claimed in any preceding claim, wherein determining the human error score comprises:

classifying predefined human error parameters related to a human error data into one of a low category, a medium category, and a high category, the human error parameters comprising:
security training attended by the developer/developing team of the application, amount of big data involved in the application, implementation of data centric security features in the application, and experience of the developer in coding;

assigning a predefined weightage value to the low category, the medium category and the high category; and

determining the human error score based on the assigned predefined weightage value using a third equation:

wherein K is a constant variable.


 
6. The method as claimed in any preceding claim, wherein determining the business impact score comprises:

classifying predefined business impact parameters related to business impact data into one of a low category, a medium category, and a high category, the business impact parameters comprising: a need of the application for the business, whether the application is an overhead to the system, a number of critical test scenarios present for the application, and whether the application contains personal, compliance, and life-threatening information;

assigning a predefined weightage value to the low category, the medium category and the high category; and

determining the business impact score based on the assigned predefined weightage value using a fourth equation:


 
7. The method as claimed in any preceding claim, wherein determining the popularity score comprises:

classifying predefined popularity parameters related to popularity data into one of a low category, a medium category, and a high category, the popularity parameters comprising: an area in which the application is available, whether the area has a popular personality as a customer for the application, area(s) in which the application is used, a population in the area(s), a number of schools/colleges in the area(s), and a total number of adults related to the software industry in the area(s);

assigning a predefined weightage value to the low category, the medium category and the high category; and

determining the popularity score based on the assigned predefined weightage value using a fifth equation:

wherein K is a constant variable.


 
8. The method as claimed in any preceding claim, wherein determining the threat severity level comprises:

comparing the threat quantifier value with one or more predefined threat ranges of values, wherein each of the one or more predefined threat ranges of values is associated with one of a low category, a medium category and a high category; and

obtaining the one of the low category, the medium category and the high category corresponding to the matched predefined threat range of values.


 
9. The method as claimed in any preceding claim, wherein determining the impact severity level comprises:

comparing the impact quantifier value with one or more predefined impact ranges of values, wherein each of the one or more predefined impact ranges of values is associated with one of a low category, a medium category and a high category; and

obtaining the one of the low category, the medium category and the high category corresponding to the matched predefined impact range of values.


 
10. An application testing system (107) to identify one or more test cases for penetration testing of an application associated with an entity, the application testing system comprising:

a processor (109); and

a memory (113) communicatively coupled to the processor, wherein the memory stores processor-executable instructions which, on execution, cause the processor to perform the method of any preceding claim.


 
11. A non-transitory computer readable medium including instructions stored thereon that, when processed by at least one processor (109), cause an application testing system (107) to perform the method of any of claims 1 to 9.
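A worked example of blocks 303 to 311 as set out in claims 1, 8 and 9, added here as an illustration; it is not code from the patent. Because the page does not reproduce the first to fifth equations, each score is taken as the mean of the weightage values of its classified parameters, and the weightage values, the constant K, the predefined ranges of values and the mapping from the severity-level combination to a test-case set are constructed sample values.

```python
# Example code for blocks 303-311 / claims 1, 8 and 9 (not the patent's own code).
# Assumed: per-score aggregation (mean weightage), weightage values, K, ranges, mapping.

CATEGORIES = ("low", "medium", "high")

# Predefined weightage value per category (assumed values).
WEIGHTAGE = {"low": 1.0, "medium": 2.0, "high": 3.0}

# The "constant variable" K of claim 1 (assumed value).
K = 3.0

# Predefined ranges of claims 8 and 9 as (lower inclusive, upper exclusive, category).
# With the weightages above both quantifiers lie in [2/3, 6]. Assumed bounds.
THREAT_RANGES = ((0.0, 2.0, "low"), (2.0, 4.0, "medium"), (4.0, float("inf"), "high"))
IMPACT_RANGES = ((0.0, 2.0, "low"), (2.0, 4.0, "medium"), (4.0, float("inf"), "high"))

# Block 311: the combination of the two severity levels selects which scenarios are
# subjected to penetration testing. Assumed mapping on the rank sum (low=0 .. high=2).
TEST_CASES_BY_RANK_SUM = {
    0: "risk based testing only",
    1: "risk based testing only",
    2: "second priority scenarios",
    3: "first priority scenarios",
    4: "all possible scenarios",
}


def score_from_categories(categories):
    """Block 303: turn one score's low/medium/high parameter classification into a score.

    Assumed aggregation (mean of the weightage values); the patent's first to fifth
    equations are not reproduced on the page.
    """
    if not categories:
        raise ValueError("a score needs at least one classified parameter")
    unknown = [c for c in categories if c not in WEIGHTAGE]
    if unknown:
        raise ValueError(f"unknown category: {unknown}")
    return sum(WEIGHTAGE[c] for c in categories) / len(categories)


def threat_quantifier(threat, vulnerability, human_error, k=K):
    """Claim 1, block 305: (threat + vulnerability) * human_error / K."""
    return (threat + vulnerability) * human_error / k


def impact_quantifier(business_impact, popularity, k=K):
    """Claim 1, block 307: business_impact * popularity * 2 / K."""
    return business_impact * popularity * 2 / k


def severity_level(value, ranges):
    """Claims 8 and 9: category of the predefined range the quantifier value falls in."""
    for lower, upper, category in ranges:
        if lower <= value < upper:
            return category
    raise ValueError(f"no predefined range matches {value}")


def identify_test_cases(threat_level, impact_level):
    """Block 311: pick the test-case set from the combination of the two levels."""
    rank_sum = CATEGORIES.index(threat_level) + CATEGORIES.index(impact_level)
    return TEST_CASES_BY_RANK_SUM[rank_sum]


def assess(app):
    """Run blocks 303-311 over one application's classified parameter data.

    `app` maps each score name to the categories assigned to that score's predefined
    parameters (claims 3 to 7). The result is what a stakeholder notification carries.
    """
    scores = {name: score_from_categories(cats) for name, cats in app.items()}
    tq = threat_quantifier(scores["threat"], scores["vulnerability"], scores["human_error"])
    iq = impact_quantifier(scores["business_impact"], scores["popularity"])
    t_level = severity_level(tq, THREAT_RANGES)
    i_level = severity_level(iq, IMPACT_RANGES)
    return {
        "threat_quantifier": tq,
        "impact_quantifier": iq,
        "threat_severity": t_level,
        "impact_severity": i_level,
        "test_cases": identify_test_cases(t_level, i_level),
    }


# Constructed sample application: one category per predefined parameter, in the
# order the parameters are listed in claims 3 to 7.
SAMPLE_APP = {
    "threat": ["high", "medium", "high", "high", "medium"],
    "vulnerability": ["medium", "low", "high", "medium", "high"],
    "human_error": ["medium", "low", "medium", "medium"],
    "business_impact": ["high", "low", "medium", "high"],
    "popularity": ["medium", "low", "medium", "medium", "low", "medium"],
}

if __name__ == "__main__":
    for key, value in assess(SAMPLE_APP).items():
        print(f"{key}: {value}")
```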
 


Claims (German version, translated)

1. A computer-implemented method for identifying one or more test cases for penetration testing of an application associated with an entity, the method comprising:

receiving (301) data (104) relating to the application from one or more data sources (103);

determining (303), based on the received data, a threat score indicating one or more threats to the application, a vulnerability score indicating one or more vulnerabilities of the application to the one or more threats, a human error score indicating the probability of the one or more threats due to one or more human errors, a business impact score indicating the impact of the application on the entity, and a popularity score indicating the popularity of the application, wherein

the threat score is a quantified probability that the one or more threats occur as a result of using the application, based on a predicted usage of the application;

the vulnerability score is a quantified probability that the one or more threats occur as a result of using the application, based on a number and/or strength of safeguards provided in the application;

the human error score is a quantified probability that the one or more threats occur as a result of using the application, based on the probability that human errors occur when using the application;

determining (305) a threat quantifier value, based on the threat score, the vulnerability score and the human error score, by multiplying a sum of the threat score and the vulnerability score by the human error score and dividing by a constant variable;

determining (307) an impact quantifier value, based on the business impact score and the popularity score, by multiplying the business impact score by the popularity score, further multiplying by 2 and dividing by the constant variable;

determining (309) a threat severity level and an impact severity level based on the corresponding threat quantifier value and the impact quantifier value; and

identifying (311) the one or more test cases based on a combination of the threat severity level and the impact severity level for carrying out penetration testing of the application.


 
2. The method according to claim 1, wherein the data comprise application type, human error data, vulnerability data, business impact data and popularity data.
 
3. The method according to claim 1 or claim 2, wherein determining the threat score comprises:

classifying predefined threat parameters relating to an application type into one of a low category, a medium category and a high category, wherein the threat parameters comprise a kind of application, an application usage, a number of users for the application, a number of hits for the application and a frequency of the application usage;

assigning a predefined weightage value to the low category, the medium category and the high category; and

determining the threat value based on the assigned predefined weightage value by means of a first equation:

wherein K is a constant variable.


 
4. The method according to any one of the preceding claims, wherein determining the vulnerability score comprises:

classifying predefined vulnerability parameters relating to vulnerability data into one of a low category, a medium category and a high category, wherein the one vulnerability parameter comprises: a number of production tickets relating to a source code of the application, how much development has been carried out on the application, how long a system comprising the application has been active, how vulnerable a database associated with the application is, and a kind of information that the database comprises;

assigning a predefined weightage value to the low category, the medium category and the high category; and

determining the vulnerability score based on the assigned predefined weightage value by means of a second equation:

vulnerable information,

wherein K and P are constant variables.


 
5. The method according to any one of the preceding claims, wherein determining the human error score comprises:
classifying predefined human error parameters relating to human error data into one of a low category, a medium category and a high category, wherein the human error parameters comprise:

security training attended by the developer/development team of the application, amount of big data involved in the application, implementation of data-centric security features in the application and experience of the developer in coding;

assigning a predefined weightage value to the low category, the medium category and the high category; and

determining the human error score, based on the assigned predefined weightage value, by means of a third equation:

wherein K is a constant variable.


 
6. The method according to any one of the preceding claims, wherein determining the business impact score comprises:

classifying predefined business impact parameters relating to business impact data into one of a low category, a medium category and a high category, wherein the business impact parameters comprise: a need of the application for the business, an overhead of the system comprising the application, a number of critical test scenarios present for the application, whether the application contains personal, compliance and life-threatening information;

assigning a predefined weightage value to the low category, the medium category and the high category; and

determining the business impact score, based on the assigned predefined weightage value, by means of a fourth equation:


 
7. The method according to any one of the preceding claims, wherein determining the popularity score comprises:

classifying predefined popularity parameters relating to popularity data into one of a low category, a medium category and a high category, wherein the popularity parameters comprise: an area in which the application is available, whether the area has a popular personality as a customer for the application, (an) area(s) in which the application is used, a population in the area(s), a number of schools/universities in the area and a total number of adults related to the software industry in the area(s);

assigning a predefined weightage value to the low category, the medium category and the high category; and

determining the popularity score based on the assigned predefined weightage value by means of a fifth equation:

wherein K is a constant variable.


 
8. The method according to any one of the preceding claims, wherein determining the threat severity level comprises:

comparing the threat quantifier value with one or more predefined threat value ranges, wherein each of the one or more predefined threat value ranges is assigned to one of a low category, a medium category and a high category; and

obtaining the one of the low category, the medium category and the high category that corresponds to the matched predefined threat value range.


 
9. The method according to any one of the preceding claims, wherein determining the impact severity level comprises:

comparing the impact quantifier value with one or more predefined impact value ranges, wherein each of the one or more predefined impact value ranges is assigned to one of a low category, a medium category and a high category; and

obtaining the one of the low category, the medium category and the high category that corresponds to the matched predefined impact value range.


 
10. An application testing system (107) for identifying one or more test cases for penetration testing of an application associated with an entity, the application testing system comprising:

a processor (109); and

a memory (113) communicatively coupled to the processor, wherein the memory stores processor-executable instructions which, on execution, cause the processor to perform the method of any one of the preceding claims.


 
11. A non-transitory computer-readable medium including instructions stored thereon that, when processed by at least one processor (109), cause an application testing system (107) to perform the method of any one of claims 1 to 9.
 


Claims

1. A computer-implemented method of identifying one or more test cases for penetration testing of an application associated with an entity, the method comprising:

receiving (301) data (104) related to the application from one or more data sources (103);

determining (303), based on the received data, a threat score indicating one or more threats to the application, a vulnerability score indicating one or more vulnerabilities of the application to the one or more threats, a human error score indicating the likelihood of the one or more threats due to one or more human errors, a business impact score indicating the impact of the application on the entity, and a popularity score indicating the popularity of the application, wherein the threat score is the quantified likelihood of the one or more threats occurring as a result of use of the application, based on a predicted usage of the application,

wherein the vulnerability score is the quantified likelihood of the one or more threats occurring as a result of use of the application, based on a number and/or strength of security measures provided in the application, and

wherein the human error score is a quantified likelihood of the one or more threats occurring as a result of use of the application, based on the likelihood of human errors occurring during use of the application;

determining (305) a threat quantifier value based on the threat score, the vulnerability score and the human error score, by multiplying a sum of the threat score and the vulnerability score by the human error score and dividing by a constant variable;

determining (307) an impact quantifier value based on the business impact score and the popularity score, by multiplying the business impact score by the popularity score, multiplying by 2, and dividing by the constant variable;

determining (309) a threat severity level and an impact severity level based on the corresponding threat quantifier value and impact quantifier value; and

identifying (311) the one or more test cases based on a combination of the threat severity level and the impact severity level, for performing penetration testing of the application.


 
2. The method of claim 1, wherein the data comprise the application type, human error data, vulnerability data, business impact data and popularity data.
 
3. The method of claim 1 or 2, wherein determining the threat score comprises:

classifying predefined threat parameters related to an application type into one of a lower category, a medium category and a high category, wherein the threat parameters comprise an application type, an application usage, a number of users of the application, a number of visits to the application, and a frequency of use of the application;

assigning a predefined weightage value to the lower category, the medium category and the high category; and

determining the threat score based on the assigned predefined weightage value using a first equation:

wherein K is a constant variable.


 
4. The method of any one of the preceding claims, wherein determining the vulnerability score comprises:

classifying predefined vulnerability parameters related to vulnerability data into one of a lower category, a medium category and a high category, wherein the vulnerability parameters comprise: a number of production tickets related to a source code of the application, how much development has been done in the application, how long a system comprising the application has been active, the vulnerability of a database associated with the application, and a type of information the database comprises;

assigning a predefined weightage value to the lower category, the medium category and the high category; and

determining the vulnerability score based on the assigned predefined weightage value using a second equation:


 
5. The method of any one of the preceding claims, wherein determining the human error score comprises:

classifying predefined human error parameters related to human error data into one of a lower category, a medium category and a high category, wherein the human error parameters comprise:

security training undergone by the developer/development team of the application, the amount of big data involved in the application, the implementation of data-centric security features in the application, and the coding experience of the developer;

assigning a predefined weightage value to the lower category, the medium category and the high category; and

determining the human error score based on the assigned predefined weightage value using a third equation:

wherein K is a constant variable.


 
6. The method of any one of the preceding claims, wherein determining the business impact score comprises:

classifying predefined business impact parameters related to business impact data into one of a lower category, a medium category and a high category, wherein the business impact parameters comprise: a need for the application for the business, an overload of the system comprising the application, a number of critical test scenarios present for the application, and whether or not the application contains personal, compliance and life-threatening information;

assigning a predefined weightage value to the lower category, the medium category and the high category; and

determining the business impact score based on the assigned predefined weightage value using a fourth equation:


 
7. The method of any one of the preceding claims, wherein determining the popularity score comprises:

classifying predefined popularity parameters related to popularity data into one of a lower category, a medium category and a high category, wherein the popularity parameters comprise: an area in which the application is available, whether the area has a popular personality as a customer for the application, the area(s) in which the application is used, a population in the area(s), a number of schools/colleges in the area, and a total number of adults related to the software industry in the area(s);

assigning a predefined weightage value to the lower category, the medium category and the high category; and

determining the popularity score based on the assigned predefined weightage value using a fifth equation:

wherein K is a constant variable.


 
8. The method of any one of the preceding claims, wherein determining the threat severity level comprises:

comparing the threat quantifier value with one or more predefined threat value ranges, wherein each of the one or more predefined threat value ranges is associated with one of a lower category, a medium category and a high category; and

obtaining one of the lower category, the medium category and the high category corresponding to the matched predefined threat value range.


 
9. The method of any one of the preceding claims, wherein determining the impact severity level comprises:

comparing the impact quantifier value with one or more predefined impact value ranges, wherein each of the one or more predefined impact value ranges is associated with one of a lower category, a medium category and a high category; and

obtaining one of the lower category, the medium category and the high category corresponding to the matched predefined impact value range.
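The following is an added worked illustration of the scoring pipeline described in claims 1 and 3 to 9; it is not code from the patent or from the proprietor. The steps the claims state in words are implemented literally: the threat quantifier is (threat score + vulnerability score) × human error score ÷ K, the impact quantifier is business impact score × popularity score × 2 ÷ K, and each quantifier is matched against predefined value ranges to obtain a lower, medium or high severity level. Everything else is an assumption made only so the example runs: the weightage values per category, the value of K, the range boundaries, the per-score equation (the first to fifth equations are not reproduced in this section, so a weight sum divided by K stands in for them), and the rule that combines the two severity levels into a priority tier.

```python
"""Worked illustration of the claimed scoring pipeline (added example, not the patent's code)."""
from typing import Dict, List, Tuple

Category = str  # "low", "medium" or "high"

# Predefined weightage value per category (claims 3-7). The claims only say the
# values are predefined; these particular numbers are a constructed assumption.
WEIGHTS: Dict[Category, float] = {"low": 1.0, "medium": 2.0, "high": 3.0}

# The constant variable K named in the claims. Its value is an assumption.
K = 3.0

# Predefined value ranges (claims 8 and 9): [lower, upper) -> severity category.
# The boundaries are constructed; only the ranges-to-category structure is from the claims.
THREAT_RANGES: List[Tuple[float, float, Category]] = [
    (0.0, 2.0, "low"), (2.0, 4.0, "medium"), (4.0, float("inf"), "high")]
IMPACT_RANGES: List[Tuple[float, float, Category]] = list(THREAT_RANGES)

# Assumed rule for step (311): the higher of the two severity levels sets the tier.
_RANK = {"low": 0, "medium": 1, "high": 2}
_TIER = {0: "P3", 1: "P2", 2: "P1"}


def score_from_categories(categories: List[Category], k: float = K) -> float:
    """Turn the classified parameters of one score (claims 3-7) into a score.

    ASSUMPTION: the first to fifth equations are not given in this section, so
    the sum of the assigned weightage values divided by K is used as a stand-in.
    """
    if not categories:
        raise ValueError("at least one classified parameter is required")
    unknown = [c for c in categories if c not in WEIGHTS]
    if unknown:
        raise ValueError(f"unknown category: {unknown}")
    if k == 0:
        raise ValueError("K must be non-zero")
    return sum(WEIGHTS[c] for c in categories) / k


def threat_quantifier(threat: float, vulnerability: float,
                      human_error: float, k: float = K) -> float:
    """Claim 1, step (305): (threat + vulnerability) * human_error / K."""
    if k == 0:
        raise ValueError("K must be non-zero")
    return (threat + vulnerability) * human_error / k


def impact_quantifier(business_impact: float, popularity: float,
                      k: float = K) -> float:
    """Claim 1, step (307): business_impact * popularity * 2 / K."""
    if k == 0:
        raise ValueError("K must be non-zero")
    return business_impact * popularity * 2 / k


def severity(value: float, ranges: List[Tuple[float, float, Category]]) -> Category:
    """Claims 8/9: match a quantifier value against the predefined ranges."""
    for lower, upper, category in ranges:
        if lower <= value < upper:
            return category
    raise ValueError(f"value {value} falls outside every predefined range")


def combine(threat_sev: Category, impact_sev: Category) -> str:
    """Step (311), assumed rule: tier is set by the higher of the two levels."""
    return _TIER[max(_RANK[threat_sev], _RANK[impact_sev])]


def assess(threat: List[Category], vulnerability: List[Category],
           human_error: List[Category], business_impact: List[Category],
           popularity: List[Category]) -> Dict[str, object]:
    """Run the full pipeline on already-classified parameters and return every intermediate."""
    scores = {
        "threat": score_from_categories(threat),
        "vulnerability": score_from_categories(vulnerability),
        "human_error": score_from_categories(human_error),
        "business_impact": score_from_categories(business_impact),
        "popularity": score_from_categories(popularity),
    }
    tq = threat_quantifier(scores["threat"], scores["vulnerability"], scores["human_error"])
    iq = impact_quantifier(scores["business_impact"], scores["popularity"])
    tsev, isev = severity(tq, THREAT_RANGES), severity(iq, IMPACT_RANGES)
    return {"scores": scores, "threat_quantifier": tq, "impact_quantifier": iq,
            "threat_severity": tsev, "impact_severity": isev,
            "priority": combine(tsev, isev)}


if __name__ == "__main__":
    # Constructed sample classification of one application's parameters.
    result = assess(threat=["high", "high", "high"], vulnerability=["low", "low", "low"],
                    human_error=["medium", "medium", "medium"],
                    business_impact=["high", "high", "high"], popularity=["low", "low", "low"])
    for key, value in result.items():
        print(f"{key}: {value}")
```

The quantifier functions take the scores directly, so a reader who has the real first to fifth equations can replace `score_from_categories` without touching the rest; `severity` deliberately raises on a value that matches no range rather than silently defaulting, which is the failure a practitioner would otherwise only notice in a mis-prioritised test plan.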


 
10. An application testing system (107) for identifying one or more test cases for penetration testing of an application associated with an entity, the application testing system comprising:

a processor (109); and

a memory (113) communicatively coupled to the processor, wherein the memory stores processor-executable instructions which, on execution, cause the processor to perform the method of any one of the preceding claims.


 
11. A non-transitory computer-readable medium including instructions stored thereon that, when processed by at least one processor (109), cause an application testing system (107) to perform the method of any one of claims 1 to 9.
 




Drawing
Cited references

REFERENCES CITED IN THE DESCRIPTION



This list of references cited by the applicant is for the reader's convenience only. It does not form part of the European patent document. Even though great care has been taken in compiling the references, errors or omissions cannot be excluded and the EPO disclaims all liability in this regard.

Patent documents cited in the description