Automating Security Tests for Web Applications in Continuous Integration and Deployment Environment
Shajadi, Abdollah (2019)
2019
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-201904185578
https://urn.fi/URN:NBN:fi:amk-201904185578
Tiivistelmä
This thesis was a research project commissioned by Liana Technologies for creating tools and processes to implement automated security tests for web applications.
Discovering and testing available tools and concepts to achieve the aims of this project was the starting point. Burp Suite Pro, the Python programming language and Gitlab CI/CD were the main technologies that helped with the progress.
The result of this research was a Python script called Skinner that automated security testing with Burp Suite Pro in the Gitlab CI pipeline. The procedure of implementing this technology and reaching the best practice of DevSecOps is the main ingredient of the developed solution in this thesis.
Discovering and testing available tools and concepts to achieve the aims of this project was the starting point. Burp Suite Pro, the Python programming language and Gitlab CI/CD were the main technologies that helped with the progress.
The result of this research was a Python script called Skinner that automated security testing with Burp Suite Pro in the Gitlab CI pipeline. The procedure of implementing this technology and reaching the best practice of DevSecOps is the main ingredient of the developed solution in this thesis.