Dynamic Application Security Testing (DAST), also called black-box testing, is a testing practice that tests a web application by executing it. In SAST, by contrast, a web application is tested from the inside, which does not even require the application to be running. By Prabhu Vignesh Kumar Rajagopal.
A typical DAST process is complex and lengthy, and it requires a lot of manual intervention. Those lengthy manual steps are not completely feasible to integrate with Jenkins for an automated security scan. So, we are going to perform only the ZAP Baseline scan in this tutorial.
The content of the article:
- Approach to DAST
- Setting up Jenkinsfile
- Configuration and Progress file
Since this tutorial is about the ZAP Baseline scan, the author uses the Docker image for the OWASP ZAP proxy to perform dynamic analysis on a Python application. You will also get links to further reading and previous articles on the topic. Well done!