Security testing is a testing technique to determine if an information system protects data and maintains functionality as intended. It also aims at verifying 6 basic principles as listed below:
Security testing includes the following tests: configuration, secure transmission, identity management, authentication, authorization, session management, data validation, cryptography, business logic and client side testing.
Penetration testing - also called pen testing or ethical hacking is the practice of testing a computer system, network or web application to find security vulnerabilities that an attacker could exploit.
Vulnerability Assessment - A vulnerability assessment is the process of defining, identifying, classifying and prioritizing vulnerabilities in computer systems, applications and network infrastructures and providing the organization doing the assessment with the necessary knowledge, awareness and risk background to understand the threats to its environment and react appropriately.
OWASP TO 10 tests - The OWASP Top 10 is a standard and powerful awareness document for web application security. It represents a broad consensus about the most critical security risks to web applications. Project members include a variety of security experts from around the world who have shared their expertise to produce this list.