2. 2
Application Security Testing
• Infrastructure Scanning: security assessment for routers, firewalls, load balancers and switches; find network misconfiguration.
• Container Scanning: OS vulnerabilities, known vulnerabilities in images; evaluate the image against policies to check for security compliance.
• DAST (Dynamic Application Security Testing): find security vulnerabilities in a running application, typically web apps.
• SAST (Static Application Security Testing): catch security issues in the early stages of code development; allows developers to find bugs in code.
• Functional Security Automation: many types of security vulnerabilities are difficult to find automatically, such as authentication problems, access control issues, insecure use of cryptography, etc.
7. 7
Proof Of Concept
• Integrated in existing CI pipeline or configured to be run on a self-service basis
• Traffic created using existing tests
• False-positive analysis can be partially automated using DefectDojo or ReportPortal capabilities
13. 13
Auto-Analysis
• Validate capabilities
• Identify parameters to reduce duplicates
• Create service with equals strategy
• Contact the ReportPortal team to create a custom analyzer service with an equals strategy
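An added example, not code from the slides, ReportPortal or DefectDojo: one way to read "identify parameters to reduce duplicates" and "equals strategy" is to build a key from a few stable fields of each DAST finding and carry an earlier triage verdict forward only when the keys are exactly equal. The field names, the `{id}` path normalization and the verdict labels are assumptions made for the illustration.

```python
import hashlib
import re
from urllib.parse import urlsplit

# Assumption: the parameters chosen to identify a finding. Payloads, timestamps
# and response bodies are left out because they differ on every scan.
KEY_FIELDS = ("rule_id", "method", "path", "param")
UUID_SEG = re.compile(r"/[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}(?=/|$)")
NUM_SEG = re.compile(r"/\d+(?=/|$)")

def normalize_path(url):
    """Drop host and query string; collapse UUID and numeric path segments."""
    path = UUID_SEG.sub("/{id}", urlsplit(url).path)
    path = NUM_SEG.sub("/{id}", path)
    return path.rstrip("/") or "/"

def finding_key(finding):
    """Equal keys mean 'same finding'; anything else is treated as new."""
    norm = {
        "rule_id": str(finding["rule_id"]),
        "method": finding["method"].upper(),
        "path": normalize_path(finding["url"]),
        "param": finding.get("param", "").lower(),
    }
    raw = "|".join(norm[f] for f in KEY_FIELDS)
    return hashlib.sha256(raw.encode()).hexdigest()

def auto_analyze(new_findings, triaged):
    """Carry an earlier human verdict forward only on an exact key match."""
    results, seen = [], set()
    for f in new_findings:
        key = finding_key(f)
        if key in seen:          # duplicate inside the same scan
            continue
        seen.add(key)
        results.append({**f, "key": key,
                        "verdict": triaged.get(key, "to_investigate")})
    return results

# Constructed sample data: one earlier triage decision and three new findings.
REVIEWED = {"rule_id": "RULE-A", "method": "get",
            "url": "https://app.example.test/api/users/17?tab=1", "param": ""}
TRIAGED = {finding_key(REVIEWED): "false_positive"}
SCAN = [
    {"rule_id": "RULE-A", "method": "GET", "url": "https://app.example.test/api/users/42", "param": ""},
    {"rule_id": "RULE-A", "method": "GET", "url": "https://app.example.test/api/users/99/", "param": ""},
    {"rule_id": "RULE-B", "method": "POST", "url": "https://app.example.test/api/search", "param": "q"},
]
```

Calling `auto_analyze(SCAN, TRIAGED)` collapses the two `/api/users/{id}` findings into one that inherits the earlier verdict, while the finding on a different rule and parameter stays queued for human review.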