|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Nelson Sampaio Araujo Junior (nelson
lunenetworks.com.br)Date: Wed Jan 16 2002 - 10:19:52 CST
Nathan,
> A 'black box' test is nothing more than a time-trial to see how many
> vulnerabilities can be found until the contract expires. You just have to
see
> the cross site scripting plugin for webslueth for the reason why black box
> testing is inefficient, if you as a 'black box' tester never get to see
the
> results back from the application unless you can put your 'white hat' on
(god
> I hate that terminology) and monitor the database then you will not find
that
> problem quickly.
The black box is useful not to contaminate the testers minds with design
approachs. There is a need to have both teams.
Regards,
Nelson Junior
nelsonlunenetworks.com.br
nelsonLUNE.com.br
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]