|
|
| Line 1: |
Line 1: |
| − | ==Overview==
| + | #redirect [[:Category:BP2 Perform application assessments]] |
| − | While it’s true that you cannot test security into an application, application testing and assessments should still be a central component of your overall security strategy. Assessments — particularly automated tests — can find security problems not detected during code or implementation reviews, find security risks introduced by the operational environment, and act as a defense-in-depth mechanism by catching failures in design, specification or implementation. Test and assessment functions are typically owned by a test analyst or by the QA organization but can span the entire life cycle.
| |
| − | | |
| − | {{Template:SecureSoftware}}
| |
| − | [[Category:CLASP Best Practice]] | |
| − | [[Category:OWASP CLASP Project]]
| |
