Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Open-Source Security Testing Methodology (OSSTMM) can this testing metholody applied for software applications for test its secuirty concerns ?
Yes it can. The elements of the OSSTMM for measuring the attack surface are completely applicable to code. You should check out the SCARE project which is the Source Code Analysis Risk Evaluation. It shows how one can measure the operational attack surface from the source code. It’s available at http://www.isecom.org/scare