Вопрос
If we had to make a choice between Dynamic Black Box testing vs Static White Box testing which one should we prefer ? Dynamic Blackbox testing is testing without having an insight of the underlying code whereas Static White box testing is code review without executing it.
Решение
If you absolutely have to choose, take black box testing. It doesn't help if the code is in perfect shape if it is doing wrong thing. Testing should also validate that the product can be actually used for solving customers' problems.
That said, I don't see why you should (or could) ever limit testing to only one type. Different strategies bring out different problems and it's better to do a little of each kind than spend all the time doing one thing.
Другие советы
It depends on the requirements but Static White box Testing is preferable because of the following points:
White box overall detects a higher prevalence of many categories which we can reason out to having lower FN(False negative) rates. Static is better than dynamic in 5 out of 7 categories:
The SQL injection, path traversal, and OS commandeering are probably found better by static because these are a good methods for static with its 100% code coverage.
https://stackoverflow.com/questions/13832393
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian