Articles | Open Access | DOI: https://doi.org/10.37547/tajet/Volume07Issue04-14

Fundamental Principles of Cybersecurity in The Software Testing Process

Ivanchenko Yevhenii, Caremetx, SDET, Ponte Vedra, USA

Abstract

The study examines the principles of ensuring cybersecurity during software testing. It emphasizes that testing should not be limited to validation checks but must also incorporate risk assessment, compliance with standards, and early-stage vulnerability analysis throughout the software development lifecycle. The study reviews key regulatory requirements (GDPR, HIPAA, PCI DSS, ISO/IEC 27001, NIST Cybersecurity Framework) and analyzes their impact on testing strategies and quality control processes. Special attention is given to the CIA triad (confidentiality, integrity, and availability) and proactive incident planning. The study substantiates the need to integrate automated tools (SAST/DAST, SIEM, RPA, etc.) and artificial intelligence algorithms to optimize protection procedures and enhance vulnerability detection efficiency. The conclusions emphasize that a high level of product resilience is possible only through the close alignment of security requirements with test scenarios and the continuous refinement of testing methodologies. The findings will be of interest to researchers and professionals in information security, software testing specialists, and developers seeking to integrate advanced methods into the protection of information assets.

Keywords

cybersecurity, software testing, compliance, risk management, automation, CIA triad, standards integration, artificial intelligence

How to Cite

Ivanchenko Yevhenii. (2025). Fundamental Principles of Cybersecurity in The Software Testing Process. The American Journal of Engineering and Technology, 7(04), 105–112. https://doi.org/10.37547/tajet/Volume07Issue04-14