Test the End-to-End Solution
When it comes to building secure distributed applications, no technology or feature is an island. A solution is the sum of its parts. Even the most detailed and well-considered design is insecure if one part of the solution is weak. As a tester, you need to find that weak link, have it mitigated, and move on to the next weakest link.
Keep in mind that sometimes two or more relatively secure components become insecure when combined! | |