cybeer secur

Response ….100 min… agree or disagree..

he white, gray and black testing models are all ways to ensure an organization is protected through different ways in security testing. According to Prole (2018), “Understanding the differences between each type will help you form a strong plan for application security testing that will decrease your chances of being exposed to potential threats and maximize resources, funds, and time (p.1).

Black box testing is beneficial because it allows testing which will mimic a hacker and their actions of looking at the application from the outside. It is assumed that with black box testing the attacker has no knowledge of the application’s inner workings and the term black box comes from not being able to see the contents. On the other hand, white box testing refers is when knowledge of the application is known with access to the source code. This allows for any gaps and vulnerabilities to be tested throughout the application even during the development process. Finally, we have gray hat testing which is utilizing both methods of white and black box to bring you a balance of both. Gray box testing is under the basis that the attacker might be familiar with the some of the internal workings of an application and its code. An organization is going to benefit from having all three testing models available, as it will allow a blended approach and testing strategy to keep an application more resilient to hackers.

Prole, K. (2018, January 19). White box, black box, and gray box vulnerability testing: What’s the difference and why does it matter? Retrieved from https://codedx.com/black-white-and-gray-box-vulnerability-testing-code-dx-blog/