Security TestingInformation security testing aims to identify and reduce vulnerabilities in user interfaces, communication endpoints, APIs and services with secure code reviews, vulnerability scans, penetration tests and security audits. The goal is to close as many vulnerabilities as possible before shipping code.
Public HardeningCode that has been exposed to networks such as the internet tends to become hardened with time as it faces public scrutiny and security attacks. For example, a release of linux used on hundreds of thousands of internet servers for many years would generally be considered more hardened than a new operating system that has just been launched. This is assuming that someone is fixing vulnerabilities when they are found.
Open Source vs Closed SourceGenerally speaking, popular open source software has a hardening advantage over closed source software. Being able to view source code initially gives attackers a major advantage that quickly leads to hardening of code.
The process of identifying and fixing security vulnerabilities by opening technology to scrutiny and attack.