A security consultant is hired by a company to determine if an internally developed web application
is vulnerable to attacks. The consultant spent two weeks testing the application, and determines
that no vulnerabilities are present. Based on the results of the tools and tests available, which of
the following statements BEST reflects the security status of the application?
A.
The company’s software lifecycle management improved the security of the application.
B.
There are no vulnerabilities in the application.
C.
The company should deploy a web application firewall to ensure extra security.
D.
There are no known vulnerabilities at this time.