When comparing the testing methodologies of Open Web Application Security Project (OWASP) and Open
Source Security Testing Methodology Manual (OSSTMM) the main difference is
A.
OWASP is for web applications and OSSTMM does not include web applications.
B.
OSSTMM is gray box testing and OWASP is black box testing.
C.
OWASP addresses controls and OSSTMM does not.
D.
OSSTMM addresses controls and OWASP does not.