Security Testing – QA Valley

Security Testing

Security Testing is that genre of QA that assesses the robustness and / or vulnerability of a business application or software system to computing accessibility constructs pertaining to: authentication, authorization, confidentiality.

Although QA Valley has the knowhow to perform several flavors of security assessment, there are five areas of exposure that are of greatest demand by our clientele. These five areas are specifically: 1) Unauthorized Access, 2) Identity Spoofing, 3) SQL Injection, 4) URL Manipulation, and 5) Denial of Service. Through a set of formal practices, QA tools, and test engineers QA Valley is able to assess the robustness of software and systems to these exposure types. The end result is a set of security metrics that highlight exposure levels, poorly design security measures, and pinpoint specific areas of vulnerabilities.

QA Valley is notoriously exhaustive and vigilant in its efforts to uncover areas of greatest exposure in software systems. The press is now saturated with reports covering cybersecurity events being conducted in a global scale against governments, large multinationals, private institutions, and individuals. Security tools have become more sophisticated, but cyber criminals have equally increase their ability to infiltrate some of the most secured systems and institutions. To remain abreast, QA Valley continually upgrade its skills to counteract the growing threats; thereby giving our clients a distinct competitive advantage.

As part of our Security Testing services, QA Valley is retained in long term engagements by larger clients to conduct planned vulnerability attacks to establish the robustness of front end firewalls, or to reaffirm security exposure thresholds after system upgrades. For smaller businesses, these are short term engagements focused on specific areas of vulnerability such as Denial of Service or Identity Spoofing to be conducted prior to a major release. It may also be necessary for businesses to comply with security standards enforced by industries such as financial services, and these are easily executed as single engagements.

© 2021 QA Valley, Inc.

Privacy policy

QA Valley maintains and observes strict policies and guidelines regarding information gathered on visitors and users of the QA Valley web site. For strategic marketing purposes and the protection of intellectual property, QA Valley occasionally accumulates personal and non-personal information on the use and behavior of visitors to our site. Although QA Valley occasionally captures limited personal and non-personal information on visitors and their companies, it is essential that visitors understand our policies regarding the use of such information. The following sections present highlights and implications on QA Valley’s privacy policies.

Information Capture

There are selected areas on the QA Valley web site where the collection of information is necessary. These are areas such as the submission of comments or requests, any registration that may be necessary before the download of research papers, and the download of selected brochures that may contain proprietary QA Valley intellectual capital. In these areas users are only required to enter the minimum information needed, and that information is only used for tracking who has downloaded what, and when.

QA Valley may also capture information regarding the type of browser visitors use (e.g., FireFox, Netscape, Internet Explorer, etc.), the type of operating system used (e.g., Windows, Mac OS, etc.), and the domain name of visitors’ Internet service providers (e.g., Cox, Verizon, America Online, Earthlink, etc.). This non-personal information is utilized to enrich the user experience. We also maintain a count of the files detected and cleaned by antiviral utilities.

Information Use

QA Valley may use the personally identifiable information visitors provide, as well as the non-personally identifiable information collected to fulfill requests for demonstration products, presentations, research papers, etc. QA Valley only markets to users and visitors that have elected to receive such information, and users and visitors are always presented with the opportunity to end any such marketing.

QA Valley does not sell, share, or transfer personal identifiable information to any third party. If QA Valley is acquired by a third party, it is expected that the third party observes the same privacy policy we have established. Namely, QA Valley may disclose personal identifiable information in connection with the sale of our assets, but QA Valley will attempt to ensure that the acquiring company honors our policies.

QA Valley may disclose personal identifiable information in response to a legal process, for example, in response to a court order or a subpoena or a law enforcement agency’s request. Since QA Valley is a US corporation, it is an imperative that it upholds all US laws.

Security

When visitors register and submit sensitive information, that information is encrypted and is protected through multiple levels of authentication. Similarly, whenever information is transmitted to visitors, QA Valley enforces a completely secure transmission method.

Tracking

QA Valley uses IP address tracking for purposes of system administration to analyze trends, administer the site, track users’ movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personal identifiable information and are not share with other parties.

Contact

If you feel that QA Valley is not abiding by its posted privacy policy, you should contact us by email at publicrelations@QA Valley.com, by phone at +1 (202) 747-3443, or by regular mail to 1629 K Street, NW, Washington, DC 20006 USA.

Terms of use

Access and use of the QA Valley website is subject to the following terms of use and applicable laws. By using this site it is understood that you accept the following terms and conditions without limitation or qualification. If any part of the terms and conditions is not acceptable to you, it is advised that you immediately terminate further use of the site.

QA Valley reserves the right to change, modify, add, or delete portions of the terms and conditions on this site at any time, without prior notice. It is advised that you periodically review the Terms of Use for changes. Your continued use of the site will mean that you accept all such changes or deletions.

Warranty

The content on this web site is provided without warranty of any kind. QA Valley disclaims all warranties without limitations including the implied warranties of title, non-infringement with respect to this web site and the material on the web site. QA Valley also makes no representations of warranties as to whether the information accessible on this web site is accurate, complete, or current.

Liability

In no event will QA Valley be liable for damages of any kind, including without limitation, direct, incidental or consequential damages (including, but not limited to, damages for lost profits, business interruption and loss of programs or information) arising out of the use of or inability to use QA Valley’s website or information provided on the website, or any claim attributable to errors, omissions or other inaccuracies in interpretation.

None of QA Valley’s national practices or affiliates, or any partners, principals, stockholders, employees, or contractors will be liable for any special, indirect, incidental, consequential, or punitive damages or any other damages whatsoever, whether in an action of contract (including, without limitation, negligence), or otherwise, relating to the use of information on this site.

Infringement

QA Valley prohibits the posting of any information that infringes or violates the copyright rights or other intellectual property rights of any person or entity. If you believe that your intellectual property right is infringed by any content on this site, please contact QA Valley with a written statement containing the intellectual property right claimed to have been infringed.

QA Valley will remove any posted submission that infringes the copyright or other intellectual property right of any person or entity under U.S. law upon receipt and verification of such a statement. U.S. law provides significant penalties for submitting false claims, and parties repeatedly submitting infringing or unlawful material may be liable for the cost associated with processing such false claims.

Hyperlinks

QA Valley does not represent nor endorse any other website which is accessible through this site. If control is transferred to another website through a hyperlink on this site, understand that it is independent from QA Valley, and that QA Valley has no control over its content even if QA Valley provides services to the affected organization. QA Valley further disclaims any liability and responsibility for the content on transferred sites, and reminds you to take precautions to ensure that whatever you select is free of malicious web entities such as viruses, worms, and trojan horses.

Trademarks

QA Valley and www.qavalley.com are registered trademarks of QA Valley, Inc. a United States corporation with headquarters in Washington, DC, USA. If the user has any questions or comments regarding the website or would like to obtain permission to use any of the information or content, please use our contact form to reach us.