As Security/ Penetration testing is non functional requirement so this is entirely a different ball game and my experience says the same good old strategy or approach of SIT doesn’t work in this case. So security/ pen tester should follow entirely new kind strategy or approach.
In my experience security testing should follow “context driven testing school” model of execution.
http://www.context-driven-testing.com/
No comments:
Post a Comment