Chapter 4 – Test Analysis & Design
Attack Testing – ISTQB Definition
Last Updated: July 12, 2026 · SoftwareTestPilot QA Team
Official ISTQB Definition
Directed and focused attempts to evaluate the quality (usually security) of a test object by attempting to force specific failures to occur.
In simple words
Deliberately attack the system the way a real attacker would — SQL injection, XSS, buffer overflows.
Exam tip
Attack testing is a security-focused experience-based technique; Whittaker's book coined the term.
Related terms
- Security TestingTrying to break in, leak data, or escalate privileges — before an attacker does.
- Experience-Based TestingTests come from what you’ve seen break before — error guessing, exploratory testing, checklist-based testing.
- Exploratory TestingYou learn the product while testing it, using your experience to decide what to try next instead of following a pre-written script.
Practice this term in the ISTQB Mock Test
40 CTFL v4.0 questions, 60-minute timer, instant scoring and chapter-wise breakdown.
Practice in Mock Test