CRV2 CantHackSecure

From OWASP
Revision as of 06:39, 14 June 2013 by EoinKeary (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

We cant hack ourselves secure. Penetration testing is generally a point in time test. As source code changes the value of the findings of a penetration test degrade with time. There are also privacy, compliance and stability and availability concerns which are generally not covered by penetration testing. Data information leakage in a cloud environment for example may not be discovered via a penetration test.