What would an "audit" or auditor do?
Keep an eye on the github repo?
Look for exploits in the live app?
"PenTest" the company itself?
You are viewing a single comment's thread from:
What would an "audit" or auditor do?
Keep an eye on the github repo?
Look for exploits in the live app?
"PenTest" the company itself?
Generally review the code for security issues and/or exploits. Ideally, regularly, but most are lucky if it is even done once halfassed.