You are on page 1of 2

Richelle Zeny M.



BSA – 4

MWF; 2:00 – 3:00 PM

Auditing computer applications uses several techniques and processes. Testing
such applications and having control techniques provide information about the accuracy
and completeness of an application’s processes. Auditing computer application controls
then follows two general known approaches: the Black Box Approach and the White
Box Approach.
As experts continued to develop a technique that would cater the deficiencies of
the other techniques, the Gray Box Testing was created and will soon be fully known
and applied by all.
The Gray Box Testing, A Newly-Introduced Approach
Gray Box Testing, which is a combination of Black Box and White Box
Approaches, is a strategy for software debugging. Gray Box Testing is named so
because the software program, in the eyes of the tester is like a gray or semitransparent box wherein one can partially see. The aim of this approach or testing is to
search for the defects, if any, due to improper structure or usage of applications.
Gray box testing can be contrasted with black box approach, a scenario in which
the tester has no knowledge or access to the internal workings of a program, or white
box approach, a scenario in which the internal particulars are fully known. Gray box
testing is commonly used in penetration tests.
Gray box testing is considered to be non-intrusive and unbiased because it does
not require that the tester have access to the source code. With respect to internal
processes, gray box testing treats a program as a black box that must be analyzed from
the outside. During a gray box test, the person may know how the system components
interact but not have detailed knowledge about internal program functions and

This approach uses the following techniques: matrix testing which states the status report of the project. and orthogonal array testing which is used as subset of all possible combination.operation. Functional testing is done basically a test of user interactions with may be external systems. It also helps to confirm that software meets the requirements defined for the software. so it is more efficient to use gray-box testing as significant information is available in Web Services Description Language (WSDL). due to absence of source code or binaries it is not possible to use white-box testing. regression testing which implies rerunning of the test cases if new changes are made. Web applications have distributed network or systems. It is based on requirement test case generation because it presents all the conditions before the program is tested by using the assertion method. pattern testing which verifies the good application for its design or architecture and patterns. When using this approach. It is also suited for functional or business domain testing due to its characteristics. it provides a balance that supports each first introduced approaches’ inadequacies. A requirement specification language is used to make it easy to understand the requirements and verify its correctness. A clear distinction exists between the developer and the tester. thereby minimizing the risk of personnel conflicts. Gray Box Testing is well suited for web applications. hence. . Gray Box Testing is indeed a middle ware of Black Box and White Box Approaches. the internal structure could be partially known. Gray Box Testing is beneficial because it takes the straightforward technique of black-box testing and combines it with the code-targeted systems in white-box testing. Black-box testing is also not used due to just contract between customer and developer.