5. Testing Activities
Where does testing belong in the secure life cycle? Can the security of an application be ensured by exhaustive testing of all possible inputs and endpoints—by “testing security in”—without properly caring for it in the preceding phases of product development? We hope the answer is clear by now: absolutely not! Neither do security activities cease after the testing phase. What is special, then, about this phase of software development?
If you happen to have skipped the previous chapters, please do go back and read them first. Proper testing relies on information collected in earlier stages! It will be used, too, to influence ...
Get Enterprise Software Security: A Confluence of Disciplines now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
