Publication: Security testing as a service with docker containerization
| dc.contributor.author | Pathirathna, P. P. W | |
| dc.contributor.author | Ayesha, V. A. I | |
| dc.contributor.author | Imihira, W. A. T | |
| dc.contributor.author | Wasala, W. M. J. C | |
| dc.contributor.author | Kodagoda, N | |
| dc.contributor.author | Edirisinghe, E. A. T. D | |
| dc.date.accessioned | 2022-03-15T04:30:20Z | |
| dc.date.available | 2022-03-15T04:30:20Z | |
| dc.date.issued | 2017-12-06 | |
| dc.description.abstract | Nowadays web applications are used widely in day to day life. These web applications needs to be secured from vulnerabilities. In order to test how much a web application is secured, testers use various web vulnerability scanners [1]. But in order to run scans as expected, these tools need to be properly configured and also consume lots of resources. This paper explains how developers can test the security of their web applications properly using a provided automated security testing service. This system is capable of running a dynamic security scan with Zed Attack Proxy tool, running a static code analysis security scan with FindSecBugs plugin and do a dependency check with Open Web Application Security Project (OWASP) dependency check tool through docker containerization. End user needs to provide their source code, the database dump and Uniform Resource Locators (URLs)/credentials for any login pages of their web application to the system. Then the system will run the scans and provide security reports without false positives by freeing end user from all the burden of manual security testing. | en_US |
| dc.identifier.citation | P. P. W. Pathirathna, V. A. I. Ayesha, W. A. T. Imihira, W. M. J. C. Wasala, N. Kodagoda and E. A. T. D. Edirisinghe, "Security testing as a service with docker containerization," 2017 11th International Conference on Software, Knowledge, Information Management and Applications (SKIMA), 2017, pp. 1-7, doi: 10.1109/SKIMA.2017.8294109. | en_US |
| dc.identifier.issn | 2573-3214 | |
| dc.identifier.uri | https://rda.sliit.lk/handle/123456789/1639 | |
| dc.language.iso | en | en_US |
| dc.publisher | IEEE | en_US |
| dc.relation.ispartofseries | 2017 11th International Conference on Software, Knowledge, Information Management and Applications (SKIMA);Pages 1-7 | |
| dc.subject | Security testing | en_US |
| dc.subject | service | en_US |
| dc.subject | docker containerization | en_US |
| dc.title | Security testing as a service with docker containerization | en_US |
| dc.type | Article | en_US |
| dspace.entity.type | Publication |
Files
Original bundle
1 - 1 of 1
No Thumbnail Available
- Name:
- Security_testing_as_a_service_with_docker_containerization.pdf
- Size:
- 495.77 KB
- Format:
- Adobe Portable Document Format
- Description:
License bundle
1 - 1 of 1
No Thumbnail Available
- Name:
- license.txt
- Size:
- 1.71 KB
- Format:
- Item-specific license agreed upon to submission
- Description: