Security Testing for Web Applications in SDLC.

      Аннотация: The main objectives of this research are to gather the benefits and challenges of security testing in the last phase versus security testing in every phase of the SDLC. After gathering, authors want to compare both implementations because these days most organizations are shifting from last phase to every phase of SDLC. Justification to the reason can be achieved by this comparison. In order to satisfy the objectives of this book, a literature review and interviews were conducted. The literature review was conducted by gathering benefits and challenges of last phase and every phase of SDLC. Authors have applied coding technique to the data gathered from literature review. By using the results from literature review, a set of questions were framed. Based on these questions, interviews in various organizations were performed. To analyze the practitioner’s data we used Sorting and Coding technique. Then, we conducted a comparative analysis to compare both results.Application of security testing in the last phase of the SDLC results in a lot of rework which in turn leads to instability in managing the cost, time and resources in an organisation.

Ключевые слова: Testing, SDLC, Web Application, security testing