Chapter 1. Approach to Security Testing
We’ve seen how important banking applications are and the kind of threats they are faced with. The most effective approach to securing them would be to follow a secure development lifecycle and take care of security right from the design and code level. This would work for future applications; but what about the thousands of applications already in use? How do we secure them before an attacker gets to them? How can we predict an attacker’s actions? We can’t do this without becoming attackers ourselves. That’s what application penetration testing is all about – first (with the application owner’s formal, documented permission) attack the application in all possible ways and then fix the weaknesses found. ...
Get Security Testing Handbook for Banking Applications now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.