8.3. Summary
The most expensive component of nearly any Drupal project is the time of the developers and themers who are building the site. Automated testing tools can reduce the time they have to spend auditing code looking for security weaknesses. Whether those weaknesses come from contributed modules in use, code from a third-party vendor, or even your own code, an automated system can help you find lots of basic problems.
Automated scanning will never replace human review. As the examples in this chapter have shown, the results of automated tests are often fairly useless without human investigation. However, automated testing tools can review a much larger area of the site in less time than a human review and can be valuable for eliminating basic problems.
Get Cracking Drupal®: A Drop in the Bucket now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
