Secure Software

The three techniques include black-box, white-box, and gray-box testing, where each one has its own
advantages with certain limitations.
Assume that you are developing large-scale software. As a Software developer, on what stages (e.g., analysis,
design, implementation, etc.) of a secure-SDLC, you would like to deploy these techniques? Discuss how it
would help you in ensuring the security of your software? Do you think these three techniques (black-box,
white-box, and gray-box testing) are good enough to achieve optimal security in software or additional testing
(e.g., static versus dynamic) should be done?

Sample Solution