Web Application Security: The Truth About White Box Testing Vs. Black Box Testing
Source: Cenzic
This paper explores the role of white box vs. black box testing. White box testing technologies have a definite but limited use and value. From a Web application security perspective it must be understood that significant blind spots come with white box testing. Ultimately white box testing is not sufficient to secure applications: simply put organizations that rely solely on white box technologies will be exposed to vulnerabilities in their applications, thus making it an ineffectual method of testing real-world risks. This paper will demonstrate black box or dynamic testing is ultimately the appropriate solution for "Truly" securing Web applications.
| Format: | Size: | 188.17 | |
| Date: | May 2009 |
People who downloaded this item also downloaded
- Application Security Market Trends for Service Providers: Security Approaches for Business-Critical Applications and Data in Today's Evolving Threat Landscape
- Financial Fraud and Internet Banking: Threats and Countermeasures
- A Practical Guide to Web Application Security: Mitigating the OWASP Ten Most Critical Web Application Security Problems With Check Point Solutions
- Security Testing and Compliance for Online Banking in Real-World
- Security and Usability: The Gap in Real-World Online Banking
