Message error validating verification code
The group fully understands that not everyone will agree upon all of these decisions.However, OWASP is able to take the high ground and change culture over time through awareness and education based on consensus and experience.It was also a challenge to change the focus of web application testing from penetration testing to testing integrated in the software development life cycle.However, the group is very satisfied with the results of the project.Readers can use this framework as a template to build their own testing programs or to qualify other people’s processes.The Testing Guide describes in detail both the general testing framework and the techniques required to implement the framework in practice.
Until this happens, CIOs will not be able to develop an accurate return on security investment and, subsequently, assign appropriate budgets for software security.
Writing the Testing Guide has proven to be a difficult task.
It was a challenge to obtain consensus and develop content that allowed people to apply the concepts described in the guide, while also enabling them to work in their own environment and culture.
As a result of this, many outsiders regard security testing as a black art.
The aim of this document is to change that perception and to make it easier for people without in-depth security knowledge to make a difference in testing. This document is designed to help organizations understand what comprises a testing program, and to help them identify the steps that need to be undertaken to build and operate a testing program on web applications.