What is Integrity Testing in Cyber Security?

Duane Chambers
2 min readJun 15, 2023

--

Integrity checking typically involves comparing the data or system’s current state or content with an objective benchmark, such as a trusted reference or set of known-good rules and checksums.

Integrity checking is a component of cybersecurity. This involves verifying the completeness and authenticity of data or systems to ensure that no illegal or unexpected alterations or manipulations have occurred.

Integrity checking typically involves comparing the data or system’s current state or content with an objective benchmark, such as a trusted reference or set of known-good rules and checksums. Comparing the present to trusted references can identify and address any discrepancies, modifications, or potential security breaches.

Integrity checks use a variety of techniques to verify data integrity. Some examples include:

Checksums, Hash Functions. These are digital fingerprinting features that generate unique values based on data content. They can be used to detect integrity violations quickly. Comparing generated values to known good values can quickly identify integrity violations.

Digital Signatures. Digital signatures employ cryptographic methods to attach data and provide a means of verifying their integrity and authentication. If the signature is not identical or has been altered, it could indicate that there was a breach of integrity.

Version Control System: These systems track changes to source code or files and compare versions to identify unapproved modifications.

File Integrity (FIM). FIM tools constantly monitor files and system components to detect any changes. They notify or alert administrators of unwelcome modifications.

Integrity checking is crucial to protecting against different cyber threats. These include unauthorized modifications, malware attacks, data corruption, etc. Maintaining the integrity of systems and data assets allows organizations to support their trustworthiness, accuracy, and reliability in managing digital assets.

I recommend visiting OWASP and Zimperium’s Mobile Security Glossary to learn more about mobile security.

--

--

Duane Chambers

I provide advisory services for corporations and executives regarding network architecture, test design/execution, network virtualization and datacenter design.