Closed. This question needs to be more focused. It is not currently accepting answers.
Closed 3 days ago.
Mr. ABC is a white hat hacker. There are N security vulnerabilities which are similar across the organization on the web application; it's really hard to find them manually to build an "Automation Security Scanner/Framework". To help Mr. ABC we are going to build an automation security scanner.
We need an automated security scanner.
Closed. This question needs to be more focused. It is not currently accepting answers.
Closed 4 months ago.
I have a client who wants to block Linux users from accessing the website since they account for 1/5 of traffic and are clearly bots.
Has anyone successfully done this? Not too sure where to begin.
Closed. This question needs details or clarity. It is not currently accepting answers.
Closed 2 years ago.
I'm really confused about the difference between system security and software security.
Could someone clearly explain this?
Software security would be a part of System Security. Like the lock on your door is part of your home security.
So system security is more of a holistic view which includes software security.
Closed. This question is opinion-based. It is not currently accepting answers.
Closed 5 years ago.
I see that SonarQube can be used for measuring code quality and for finding security vulnerabilities. I am having a hard time deciding whether to replace the custom-built BDD security testing scenarios with SonarQube testing for my backend services. BDD testing usually takes longer than the SonarQube analysis. I would appreciate your suggestions on this.
Thanks
These two things are complementary. I wouldn't stop either in favor of the other.
Closed. This question needs to be more focused. It is not currently accepting answers.
Closed 9 years ago.
What are the standards and testing methodologies available to test security and vulnerabilities of a software application?
Characteristics of the application:
Use public networks to transfer data
Use Socket Programming
Cryptography used
Data Storing ethics and security?
Take a look at OWASP. Lots of good info and links to other resources. https://www.owasp.org/index.php/Category:Principle
Closed. This question needs to be more focused. It is not currently accepting answers.
Closed 5 years ago.
I know that when you submit an application for Apple Store, it gets tested: if they find a vulnerability the application gets rejected.
How do they do this checking? How accurate is it? What vulnerabilities are most likely to get accepted, fooling the test?
Apple isn't the only one; Mozilla also does this for their add-ons. In both cases, it's a mix of developers reading through the code aided by static code analysis.