Thursday, March 09, 2006

What is a Comprehensive Assessment?

A comprehensive assessment is a systemic assessment performed on the application code.

Security Comprehensive Assessment – This is a line-by-line assessment of the application code to ensure there are no security vulnerabilities such as cleartext passwords and SQL injection problems. NOTE: If we do not have access to the source code for a third-party application, black-box testing will be conducted.

Privacy Comprehensive Assessment – This is an assessment of the application code to ensure there are no privacy violations, such as using the incorrect privacy statement or Legal Notice, or not using data input validation rules (e.g., zip codes should only have numeric values).
