The purpose for thesis was to examine for JYVSECTEC how security testing could be brought to a stabilized level in quality despite of the test user. The research was conducted by using the OWASP (Open Web Application Project) testing checklists for guidance, using which the testing group executed the testing. The comparison group did not use any guidance for testing, instead, it rather executed the testing and chose the test cases freely.

The tested target was a WordPress website, to which the testers had access through virtual machine network. Kali Linux distribution security testing tools were used for testing.

The research revealed that the use of checklists for testing is valuable and gives a more versatile and comprehensive result of security of the tested target; however, there was a great deal of dispersion in the results which was mainly due to the lack of test users’ experience or knowledge.

Using the checklists enables to achieve stability in testing quality if the test users are trained and prepared for the same level in the use of the testing tools, tested target, test environment, test case analysis and know-how.