Creating this topic to hear the importance of Security Testing.
How to include security testing in SDLC.
Testing Tools available in market for Dynamic Application Security Testing
Vijitha - we currently use a SAST tool in our organization for security testing of code and a DAST tool as well. We have plans to use an IAST tool as well for our UI security.
Wow, great to know! Which DAST tool are you using?
My apologies for the delay, Vijitha, we are currently using Qualys for the DAST, and Checkmarx for the SAST.
No worries! Thank you for the details
The importance of Security testing is basically the same as the importance of testing.
Except with security there could be some huge legal issues in the end. Sensitive data exposure, GDPR, etc. etc. …
How we cover it in our S(secure)SDLC:
All added in the pipeline. Does it end here? Not at all, since we are no security experts or professional pen-testers, we still hire them to test our applications frequently.
Kind regards
Kristof
Thank you @kristof for sharing the details.
As you said, there is a saying:
"Security is always excessive until it's not enough." - by Robbie Sinclair,