R066. Define components to be tested

Requirement

The components to be tested (in white box tests) must be defined.

Description

There must exist a list of system components to be tested during the different stages of the development lifecycle.

Implementation

  1. Once the system components have been identified, the testing plan for those mentioned above must be established in order to ensure the control of the possible existing vulnerabilities. The list of components to be tested must be delivered during the execution of each testing stage.

Attacks

  1. A system component remains untested because it was not identified during the testing stage and it is exploited in the production stage.

Attributes

  1. Layer: Business

  2. Asset: Security architecture

  3. Scope: Adherence

  4. Phase: Testing

  5. Type of control: Recommendation

Fluid Attacks logo Start with Fluid Attacks

Fluid Attacks logo Contact us

OWASP logo

We are a proud corporate member of the OWASP Foundation

Contact Us

Number is valid Number is not valid
Please select an option

Clutch Review

Copyright © 2020 Fluid Attacks, We hack your software. All rights reserved.

Service status - Terms of Use - Privacy Policy - Cookie Policy