mirror of
https://github.com/azaion/annotations.git
synced 2026-04-22 22:46:30 +00:00
Oleksandr Bezdieniezhnykh
31 lines
818 B
Markdown
31 lines
818 B
Markdown
# Security Tests Template
|
|
|
|
Save as `DOCUMENT_DIR/tests/security-tests.md`.
|
|
|
|
---
|
|
|
|
```markdown
|
|
# Security Tests
|
|
|
|
### NFT-SEC-01: [Test Name]
|
|
|
|
**Summary**: [What security property this validates]
|
|
**Traces to**: AC-[ID], RESTRICT-[ID]
|
|
|
|
**Steps**:
|
|
|
|
| Step | Consumer Action | Expected Response |
|
|
|------|----------------|------------------|
|
|
| 1 | [attempt unauthorized access / injection / etc.] | [rejection / no data leak / etc.] |
|
|
|
|
**Pass criteria**: [specific security outcome]
|
|
```
|
|
|
|
---
|
|
|
|
## Guidance Notes
|
|
|
|
- Security tests at blackbox level focus on black-box attacks (unauthorized API calls, malformed input), not code-level vulnerabilities.
|
|
- Verify the system remains operational after security-related edge cases (no crash, no hang).
|
|
- Test authentication/authorization boundaries from the consumer's perspective.
|