Black Box Testing is a method of software testing that examines the functionality of an application without examining its internal software structures (examining those structures is known as White Box Testing). This method of testing can be applied to virtually every level of software testing: unit, integration, system and acceptance. Black Box Testing is a form of penetration testing.
Test cases are built around what the application is supposed to do and are generally derived from external descriptions of the software, including specifications, requirements and design parameters. Although the tests used are primarily functional in nature, non-functional tests may also be used. The test designer selects both valid and invalid inputs and determines the correct output, often with the help of a test oracle or a previous result that is known to be good, without any knowledge of the test device’s internal structure.
Source: CNSSI 4009-2015, Practical Test Design: Selection of Traditional and Automated Test Design Techniques
Additional Reading: Penetration Testing for WordPress Websites
Related Terms: Penetration Testing, White Box Testing
Black box testing can be used by any organization to test its applications, and it should be a part of any strong software development program. It’s always better for an ethical hacker to find a critical vulnerability in your software systems than for a malicious hacker to exploit it to gain system or network access. Penetration testing can be pricey, but it can save your company money in the long term by reducing the likelihood of a costly data security breach.
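The test-design process in the definition above (valid and invalid inputs, each checked against an oracle derived from the specification) looks like this in practice. This is an added example, not part of the original glossary entry; the port-parser spec, both `parse_port_*` functions and the case table are hypothetical and constructed for illustration.

```python
# Added example: black-box test of a port-number parser, driven only by its spec.
# Assumed spec: input is 1-5 ASCII digits with value 1..65535 -> int; anything else -> ValueError.
import re

REJECT = "reject"  # oracle marker: the spec says this input must raise ValueError

# (input, expected) pairs derived from the spec alone: boundaries plus invalid classes.
CASES = [
    ("1", 1), ("80", 80), ("65535", 65535),          # valid, including both boundaries
    ("0", REJECT), ("65536", REJECT),                # just outside the valid range
    ("", REJECT), ("-1", REJECT), ("+80", REJECT),   # empty and signed input
    (" 80", REJECT), ("8_0", REJECT), ("80\n", REJECT), ("0x50", REJECT),
]

def observe(sut, text):
    """Call the system under test through its public interface only."""
    try:
        return sut(text)
    except ValueError:
        return REJECT

def run_black_box(sut, cases=CASES):
    """Return (input, expected, actual) for every case whose output differs from the oracle."""
    return [(t, exp, observe(sut, t)) for t, exp in cases if observe(sut, t) != exp]

# Two hypothetical implementations; the tester never reads these bodies.
def parse_port_strict(text):
    if not re.fullmatch(r"[0-9]{1,5}", text):
        raise ValueError("not a port")
    value = int(text)
    if not 1 <= value <= 65535:
        raise ValueError("out of range")
    return value

def parse_port_lenient(text):
    value = int(text)  # int() also accepts signs, surrounding whitespace and underscores
    if not 1 <= value <= 65535:
        raise ValueError("out of range")
    return value

if __name__ == "__main__":
    for sut in (parse_port_strict, parse_port_lenient):
        print(sut.__name__, run_black_box(sut))
```

The lenient parser passes every valid case and both range boundaries; only the invalid-input classes expose that it accepts more than the spec allows.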