Security testing defines tests for security requirements of software. Security requirements are non-functional, and thus require a different way of testing compared to functional requirements. Model-based testing applies model-based design for modeling test artifacts or the automation of test activities. Although model-based testing techniques improve security testing, these two testing activities have rarely been combined systematically. Like functional system models improve functional testing, risk models can improve security testing. This paper first gives an overview of existing security testing approaches, and based on that, develops a novel classification for model-based security tests along the two dimensions risk and automated test generation.