Building Autonomous AppSec Test Pipelines with the Robot Framework - Icon E
Building Autonomous AppSec Test Pipelines with the Robot Framework
Instructors - Abhay Bhargav & Sharath Kumar Ramadas
Pre-Requisites - Basic Knowledge of Application Security Testing Techniques
Abstract - It is common knowledge that automating security testing, especially for rapid-release applications is an essential requirement from multiple perspectives. One perspective is that of security testing in a Continuous Delivery Pipeline (as part of CI/CD) and the other is the perspective of a Penetration Tester. In a CI/CD Pipeline, one would like security tests to be triggered in an automated manner. These tests should provide information related to application vulnerabilities to engineering teams, early in the SDL (Software Development Lifecycle), preferably before these apps are deployed to production. From the perspective of the Pentester, there is the obvious shortage of time and resources. Pentesters spend a lot of time repeating standard manual processes, thereby losing out on time to perform more deep, insightful analysis of the target application to uncover serious security flaws. Targeted Automation, can be very useful for a Pentester as well.
Required Materials - Laptop with Virtualbox loaded - VM will be provided
Liked this event? Spread the word :