Pen testing and the Secure Software Development Lifecycle

Penetration (or pen) testing is an example of a black-box DAST (Dynamic Application/Analysis Security Test). It involves software security experts trying to exploit application code, either manually or automatically. Although it is a traditional approach to software security, and one that provides no direct insight into the application source code, pen testing remains a key component of the Secure Software Development Lifecycle (SSDLC).