Hello everyone,
My only comment would be about all of the sub-categories of Chapter 4. I
think, instead of separating them as false-positive and true-negative, we
can create different subcategories for different test cases (the test cases
can be differentiated by different coding languages, or maybe test cases
related to the OWASP Top 10, SANS Top 25, etc.). Then, for every test case,
the positives, negatives and overall accuracy can be discussed in that
sub-category.
Kind regards,
Gamze