The Great Software Sausage Factory in the Sky(blog.srcclr.com)
blog.srcclr.com
The Great Software Sausage Factory in the Sky
https://blog.srcclr.com/the-great-software-sausage-factory-in-the-sky/
https://blog.srcclr.com/the-great-software-sausage-factory-in-the-sky/
I'm fairly security ignorant, so maybe someone can enlighten me here, but why is the statement "traditional security tools aren’t effective" true? What kind of tools are we talking about? How would blackbox testing be different if the underlying software is changed?
I can definitely see how lower-level parts of the infrastructure would need to be tested differently, but I don't know what changes at the webapp-level.