Please use this identifier to cite or link to this item:
https://rda.sliit.lk/handle/123456789/1639
Full metadata record
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Pathirathna, P. P. W | - |
dc.contributor.author | Ayesha, V. A. I | - |
dc.contributor.author | Imihira, W. A. T | - |
dc.contributor.author | Wasala, W. M. J. C | - |
dc.contributor.author | Kodagoda, N | - |
dc.contributor.author | Edirisinghe, E. A. T. D | - |
dc.date.accessioned | 2022-03-15T04:30:20Z | - |
dc.date.available | 2022-03-15T04:30:20Z | - |
dc.date.issued | 2017-12-06 | - |
dc.identifier.citation | P. P. W. Pathirathna, V. A. I. Ayesha, W. A. T. Imihira, W. M. J. C. Wasala, N. Kodagoda and E. A. T. D. Edirisinghe, "Security testing as a service with docker containerization," 2017 11th International Conference on Software, Knowledge, Information Management and Applications (SKIMA), 2017, pp. 1-7, doi: 10.1109/SKIMA.2017.8294109. | en_US |
dc.identifier.issn | 2573-3214 | - |
dc.identifier.uri | http://rda.sliit.lk/handle/123456789/1639 | - |
dc.description.abstract | Nowadays web applications are used widely in day to day life. These web applications needs to be secured from vulnerabilities. In order to test how much a web application is secured, testers use various web vulnerability scanners [1]. But in order to run scans as expected, these tools need to be properly configured and also consume lots of resources. This paper explains how developers can test the security of their web applications properly using a provided automated security testing service. This system is capable of running a dynamic security scan with Zed Attack Proxy tool, running a static code analysis security scan with FindSecBugs plugin and do a dependency check with Open Web Application Security Project (OWASP) dependency check tool through docker containerization. End user needs to provide their source code, the database dump and Uniform Resource Locators (URLs)/credentials for any login pages of their web application to the system. Then the system will run the scans and provide security reports without false positives by freeing end user from all the burden of manual security testing. | en_US |
dc.language.iso | en | en_US |
dc.publisher | IEEE | en_US |
dc.relation.ispartofseries | 2017 11th International Conference on Software, Knowledge, Information Management and Applications (SKIMA);Pages 1-7 | - |
dc.subject | Security testing | en_US |
dc.subject | service | en_US |
dc.subject | docker containerization | en_US |
dc.title | Security testing as a service with docker containerization | en_US |
dc.type | Article | en_US |
Appears in Collections: | Department of Computer Science and Software Engineering -Scopes Research Papers - IEEE Research Papers - SLIIT Staff Publications |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
Security_testing_as_a_service_with_docker_containerization.pdf Until 2050-12-31 | 495.77 kB | Adobe PDF | View/Open Request a copy |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.