Which of the following is the MOST secure way to ensure third party applications and introduce
only acceptable risk?
A.
Line by line code review and simu-lation; uncovers hidden vulnerabilities and allows for
behavior to be observed with minimal risk.
B.
Technical exchange meetings with the application’s vendor; vendors have more in depth
knowledge of the product.
C.
Pilot trial; minimizes the impact to the enterprise while still providing services to enterprise
users.
D.
Full deployment with crippled features; allows for large scale testing and observation of the
applications security profile.