When it comes to testing Web applications for security flaws, there are two types of tests -- static analysis and dynamic analysis -- and two ways to perform those tests -- automated and manual. In this podcast, associate editor Jennette Mullaney refers to an article written by Dan Cornell, principal at the Denim Group, to explain how to use the different techniques to uncover Web application security vulnerabilities.