Starting with a Recon Session
The biggest difference between exploring features under development and using exploratory techniques to characterize an existing system is in the kind of information you are seeking. When you’re exploring new development, you’re usually looking for emerging risks and vulnerabilities resulting from design and implementation decisions. When you’re exploring an existing system, you may want to discover risks, but first you need to find out what it does, what it interfaces with, and how the pieces and parts all connect together.
A recon session is a special kind of session in which you begin mapping the territory of the system. At the end of a recon session you’ll know more about the scope of exploration required ...
Get Explore It! now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
