http://www.cigital.com/justice-league-blog/2008/03/31/how-do-companies-address-security-testing/ Wed, 30 Nov 2011 15:50:04 +0000 hourly 1 http://wordpress.org/?v=3.2.1 http://www.cigital.com/justice-league-blog/2008/03/31/how-do-companies-address-security-testing/#comment-92 Justice League » Blog Archive » Is Penetration Testing Security Testing? [Cigital] Wed, 09 Apr 2008 14:47:55 +0000 http://www.cigital.com/justiceleague/2008/03/31/how-do-companies-address-security-testing/#comment-92 [...] Because black box tools to a large extent run canned tests they will not satisfy my security testing goal (see previous entry) of having run tests that one traces back to requirements. ‘Requirements that one created as a result of doing risk analysis that determines exactly what behaviors (and their impacts) should be avoided were the software attacked. [...] [...] Because black box tools to a large extent run canned tests they will not satisfy my security testing goal (see previous entry) of having run tests that one traces back to requirements. ‘Requirements that one created as a result of doing risk analysis that determines exactly what behaviors (and their impacts) should be avoided were the software attacked. [...]

]]>