This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Application Penetration Testing
January-February 2005 (vol. 3 no. 1)
pp. 66-69
Herbert H. Thompson, Security Innovation
Seemingly insignificant issues in applicaitons, from a quality assurance perspective, can turn out to be gaping security holes. Yet, these severe security issues often don't fit the model of traditional functional flaws. Often, testers and developers just fail to notice the side-effects of applicaiton choices, which typical software quality assurance procedures aren?t well suited to exposing. Security bugs' hidden nature requires specific, focused application-security testing techniques that defy the traditional model of verifying application specifications and instead identify the unspecified and insecure side-effects of "correct" application functionality. This installment of Basic Training examines application penetration testing--software testing that?s specifically designed to hunt down security vulnerabilities.
Index Terms:
security vulnerabilities, software testing, security flaws, QA
Citation:
Herbert H. Thompson, "Application Penetration Testing," IEEE Security & Privacy, vol. 3, no. 1, pp. 66-69, Jan.-Feb. 2005, doi:10.1109/MSP.2005.3
Usage of this product signifies your acceptance of the Terms of Use.