Embodiments of the present disclosure relate to methods and systems for hybrid testing, combining the optimization features of functional testing brought forth to security testing. One disclosed method may include receiving a list of input points associated with a software unit under test and assigning, by a processor, risk values to the input points based on one or more risk rating factors. The risk values may reflect security risk associated with the input points. The method may further include providing, to the software unit under test, input values indicative of a functional test for input points assigned values reflecting a low security risk and input values indicative of a security test for input points assigned values reflecting a high security risk. The method may further include executing a security test for the software unit under test using the input values.