Security Testing Made Easy

The session will go deeper by sharing our experience how we develop an in-house dynamic security automation testing framework integrating a couple of security tools. This framework makes the security-testing-tools-learning time zero for developers and newbie testers who are not familiar with all the tools and provides intuitive web-based user interface and RESTful API where users only need to feed basic information about testing targets. Are you doing a duplicate job of going through the full scan multiple reports every cycle and failing to utilize the already identified vulnerabilities and false positives? The session will cover how to handle those issues.

Session Takeaways:

• How to use APIs of security tools.
• How to scan authenticated pages by using selenium.
• How to execute multiple security tools at the same time by using APIs.
• How to combine different security results as one result.
• How to develop a dashboard for the statistics data.
• How to manage security vulnerabilities.
• How to track security bugs.
• How to filter out false positives.