From the course: Developing Secure Software (2015)
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Dynamic analysis
- Unlike static code analysis, dynamic code analysis tests software while it's running. Dynamic analysis can be done in two ways. One is black-box testing and the other is white-box testing. In the case of white-box testing, it tests the software, both in it's intended and unintended ways of use. It validates the security functionality of the software and checks whether implementation confirms to it's original design. There are some requirements to be met to conduct effective white-box testing. The obvious requirement is access to source code. The test team also needs the knowledge of what makes the software secure and vulnerable. In addition, they need to think like an attacker. The best time to conduct white-box testing is during the uni-test phase, although, it can be done anytime during a typical software engineering life cycle. Unlike the white-box testing, black-box testing can only depend on the software requirements or specifications. Testers don't have the knowledge of the…
Contents
-
-
-
-
-
-
-
(Locked)
Testing for security1m 4s
-
(Locked)
Static analysis1m 41s
-
(Locked)
Exploring tools for static analysis1m 42s
-
(Locked)
Dynamic analysis1m 37s
-
(Locked)
Dynamic analysis tools59s
-
(Locked)
Penetration testing1m 33s
-
(Locked)
Penetration testing tools2m 18s
-
(Locked)
Vulnerability management1m 42s
-
(Locked)
Vulnerability management tools1m 57s
-
(Locked)
-
-