London software testing news UK

White box testing

Posted in Software testing by testing in London on November 23, 2009

From Search Security

White box testing is also called structural testing and static analysis. The source code — or a compiled binary of it — is assessed from an insider’s view for security vulnerabilities and coding flaws. White box testing is commonly used early in the development process because it can be applied effectively while the code and modules are still being created.

With white box testing, developers can install plug-ins into their integrated development environment (IDE) of choice and catch semantic coding errors even before the code is checked-in or compiled. Think of this kind of analysis like a spell checker; it’s great for checking many potential mistakes early in the process, but it’s not a replacement for a proficient editor. This is due, in part, to the fact that software vulnerabilities are not semantic.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: