Eine Plattform für die Wissenschaft: Bauingenieurwesen, Architektur und Urbanistik
Eine Plattform für die Wissenschaft: Bauingenieurwesen, Architektur und Urbanistik
Automated Security Testing Utilizing Continuous Integration and Continuous Delivery Technologies
The circumstances of the year 2020 created a need for pushing everything and everyone online. To adapt to the situation at the required pace, the swift transition of existing systems and workflows from physical to digital was inevitable. However, the rapid development of new services resulted in the infrastructure not cutting the mustard in terms of information security and cybersecurity. The objective was to develop and implement a security testing construct to secure the Client’s expanding server and service infrastructure. The requirements specified for the security testing system were the ability to automate the testing implementation and adapt it to the Client’s agile development workflow while making it as cost-efficient as possible. The solution consisted of a containerized vulnerability assessment framework deployed into a dedicated server, designing and developing a CLI (Command-Line Interface) tool for remote interaction, and hooking the Client’s CI/CD pipeline with the security testing service. As an outcome of this constructive research approach, the Client’s infrastructure includes a security testing service regularly scanning the servers against weaknesses with an ever-growing number of vulnerability tests. The objective was achieved, and the solution provides a solid base for the Client’s security testing. To further improve the reliability of the system, additional scanning tools could be implemented to run alongside.
Automated Security Testing Utilizing Continuous Integration and Continuous Delivery Technologies
The circumstances of the year 2020 created a need for pushing everything and everyone online. To adapt to the situation at the required pace, the swift transition of existing systems and workflows from physical to digital was inevitable. However, the rapid development of new services resulted in the infrastructure not cutting the mustard in terms of information security and cybersecurity. The objective was to develop and implement a security testing construct to secure the Client’s expanding server and service infrastructure. The requirements specified for the security testing system were the ability to automate the testing implementation and adapt it to the Client’s agile development workflow while making it as cost-efficient as possible. The solution consisted of a containerized vulnerability assessment framework deployed into a dedicated server, designing and developing a CLI (Command-Line Interface) tool for remote interaction, and hooking the Client’s CI/CD pipeline with the security testing service. As an outcome of this constructive research approach, the Client’s infrastructure includes a security testing service regularly scanning the servers against weaknesses with an ever-growing number of vulnerability tests. The objective was achieved, and the solution provides a solid base for the Client’s security testing. To further improve the reliability of the system, additional scanning tools could be implemented to run alongside.
Automated Security Testing Utilizing Continuous Integration and Continuous Delivery Technologies
Koskela, Pyry (Autor:in)
01.01.2021
Sonstige
Elektronische Ressource
Englisch
DDC:
690
Automated Security Testing Utilizing Continuous Integration and Continuous Delivery Technologies
| BASE | 2021
An Automated Drug Delivery Tracking Device Utilizing RFID Technology
| British Library Online Contents | 2009
Continuous beam management method utilizing digitized display function
| Europäisches Patentamt | 2020
| British Library Conference Proceedings | 2003