Between pen testing and code review, which Web application security test would you choose?

searchsecurity Michael Cobb, Application Security Profile: searchsecurity
Tags:
PEN testing
Penetration Testing
Web application security

1 Reply to this discussion

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members reply.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • JakobStorm
    This is a hard question. If security is a priority for the business I would naturally opt for both. But a pen tester will more likely identify vulnerabilities that are not only linked to code but also to logic. It is hard for someone doing code review on someone else code to also see the logic functional faults. I would recommend doing code review, then a pentest and then run an ongoing crowdsourced security program.
    10 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following