We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

Appsec Village - Automate Dynamic Application Security Testing

Formale Metadaten

Titel
Appsec Village - Automate Dynamic Application Security Testing
Untertitel
An approach in dockerized CI/CD pipelines
Alternativer Titel
Automate Pen Testing in Dockerized CI/CD Environment
Serientitel
Anzahl der Teile
335
Autor
Lizenz
CC-Namensnennung 3.0 Unported:
Sie dürfen das Werk bzw. den Inhalt zu jedem legalen Zweck nutzen, verändern und in unveränderter oder veränderter Form vervielfältigen, verbreiten und öffentlich zugänglich machen, sofern Sie den Namen des Autors/Rechteinhabers in der von ihm festgelegten Weise nennen.
Identifikatoren
Herausgeber
Erscheinungsjahr
Sprache

Inhaltliche Metadaten

Fachgebiet
Genre
Abstract
Speed is vital in startups, and fast moving CI/CD pipelines are the norm in startups. Dynamic application security testing (DAST) can take advantage of the speed, automate along the CI/CD pipelines, and enable developers to fix issues while vulnerabilities are in development phase. In order to be integrate seamlessly with CI/CD pipelines, DAST tools should be ready to be deployed as code, integrate with a modern build system, and be able to provide instant feedback. Existing commercial DAST tools generally do not have such capabilities. In this presentation, we discuss how we dockerized Headless Burp, deployed the Headless Burp as code, so that it can be integrated with Selenium tests on demand.