The proprietary BLA methodology employs a variety of internal policies and procedures using a combination of browser add-ons, industry standard HTTP proxy tools, and custom tools developed in-house. A custom built Hacklog tool is used for all BLAs to provide consistency; the Hacklog contains a custom checklist and a user-created map of site functionality to ensure testing coverage and to provide documentation of all BLA tests performed.
BLAs are performed with production safety as a top priority. The BLA protocol is designed to avoid any actions that could result in denial of service or that could potentially have a negative impact on the application. Special care is taken when testing administrative functionality that could potentially impact other users.