Managing the Security Testing Process ◾ 187
from a central source (i.e., iTunes, Android app store, etc.) and installed on the device. An MPT
would have to be performed to check for security issues and data leakage on the device. A request
to review the actual source code would be even more thorough in helping to discover any security
issues. However, it is unlikely that the source code would be made available to the testing team. In
this case, the documentation of any QA, UAT, and security testing performed by the developers
would be extremely beneficial.
ere is also a third option that is a hybrid of the previous two solutions. In this scenario, a
customized graphical user interface (GUI) is developed as an application for a mobile plat ...