Enterprise Software Security: A Confluence of Disciplines by Dan S. Peters, Mark G. Graff, Diana L. Burley, Kenneth R. van Wyk

5. Testing Activities

Where does testing belong in the secure life cycle? Can the security of an application be ensured by exhaustive testing of all possible inputs and endpoints—by “testing security in”—without properly caring for it in the preceding phases of product development? We hope the answer is clear by now: absolutely not! Neither do security activities cease after the testing phase. What is special, then, about this phase of software development?

If you happen to have skipped the previous chapters, please do go back and read them first. Proper testing relies on information collected in earlier stages! It will be used, too, to influence ...
