This Article 
 Bibliographic References 
 Add to: 
Application Penetration Testing
January-February 2005 (vol. 3 no. 1)
pp. 66-69
Herbert H. Thompson, Security Innovation
Seemingly insignificant issues in applicaitons, from a quality assurance perspective, can turn out to be gaping security holes. Yet, these severe security issues often don't fit the model of traditional functional flaws. Often, testers and developers just fail to notice the side-effects of applicaiton choices, which typical software quality assurance procedures aren?t well suited to exposing. Security bugs' hidden nature requires specific, focused application-security testing techniques that defy the traditional model of verifying application specifications and instead identify the unspecified and insecure side-effects of "correct" application functionality. This installment of Basic Training examines application penetration testing--software testing that?s specifically designed to hunt down security vulnerabilities.
Index Terms:
security vulnerabilities, software testing, security flaws, QA
Herbert H. Thompson, "Application Penetration Testing," IEEE Security & Privacy, vol. 3, no. 1, pp. 66-69, Jan.-Feb. 2005, doi:10.1109/MSP.2005.3
Usage of this product signifies your acceptance of the Terms of Use.