Fork me on GitHub

Test and Verification -> Test-Intensity: Deactivating of unneeded tests

Risk and Opportunity

Risk: As tools cover a wide range of different vulnerability tests, they might not match the used components. Therefore, they need more time and resources as they need and the feedback loops takes too much time.
Opportunity: Unneeded tests are deactivated. For example in case the service is using a Mongo database and no mysql database, the dynamic scan doesn't need to test for sql injections.

Additional Information

Usefulness and Requirements of this Activity

Usefullness: Very Low
Required knowledge: Low (one discipline)
Required time: Medium
Required resources (systems): Very Low


ISO27001 2017