
BP2 Perform application assessments

From OWASP
Revision as of 10:30, 29 May 2006 by Pravir Chandra (talk | contribs)


Overview

While it’s true that you cannot test security into an application, application testing and assessments should still be a central component of your overall security strategy. Assessments — particularly automated tests — can find security problems not detected during code or implementation reviews, find security risks introduced by the operational environment, and act as a defense-in-depth mechanism by catching failures in design, specification or implementation. Test and assessment functions are typically owned by a test analyst or by the QA organization but can span the entire life cycle.