Methodology

General Methodology Overview

The proprietary BLA methodology employs a variety of internal policies and procedures using a combination of browser add-ons, industry-standard HTTP proxy tools, and custom tools developed in-house. A custom-built Hacklog tool is used for all BLAs to provide consistency; the Hacklog contains a custom checklist and a user-created map of site functionality to ensure testing coverage and to provide documentation of all BLA tests performed.

Production Safety

BLAs are performed with production safety as a top priority. The BLA protocol is designed to avoid any actions that could result in denial of service or otherwise have a negative impact on the application. Special care is taken when testing administrative functionality that could impact other users.

Business Logic Assessment Services

Business Logic Assessments are included as an annual service in our Sentinel PE services; additional Business Logic Assessments can be purchased as add-ons.