{"id":353,"date":"2023-01-14T17:20:42","date_gmt":"2023-01-14T17:20:42","guid":{"rendered":"https:\/\/premsvmm.com\/?p=353"},"modified":"2023-01-31T16:24:30","modified_gmt":"2023-01-31T16:24:30","slug":"security-testing-101","status":"publish","type":"post","link":"https:\/\/premsvmm.com\/index.php\/2023\/01\/14\/security-testing-101\/","title":{"rendered":"Security Automation 101"},"content":{"rendered":"\n<h4 class=\"wp-block-heading\">What is security automation?<\/h4>\n\n\n\n<ul>\n<li>Security testing and automation help to identify the security issues present in code during development and help to catch the issue before it merges to master or reaches production.<\/li>\n\n\n\n<li>Basically doing a shift left approach to identify and fix issues at the design and development stage.<\/li>\n<\/ul>\n\n\n\n<p><\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Some of the tools that help to automate security Testing in CI\/CD <\/h4>\n\n\n\n<ul>\n<li>SAST &#8211; Semgrep<\/li>\n\n\n\n<li>DAST &#8211; OSWZAP<\/li>\n\n\n\n<li>Image vulnerability &#8211; Trivy<\/li>\n\n\n\n<li>Dependency Upgrade &#8211; Dependabot<\/li>\n\n\n\n<li>Vulnerability Management &#8211; DefectDojo<\/li>\n<\/ul>\n\n\n\n<p><\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Sample Architecture in CI\/CD including security automation<\/h4>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img decoding=\"async\" loading=\"lazy\" src=\"https:\/\/premsvmm.com\/wp-content\/uploads\/2023\/01\/Security-Workflow-1024x363.png\" alt=\"\" class=\"wp-image-424\" width=\"1411\" height=\"500\" srcset=\"https:\/\/premsvmm.com\/wp-content\/uploads\/2023\/01\/Security-Workflow-1024x363.png 1024w, https:\/\/premsvmm.com\/wp-content\/uploads\/2023\/01\/Security-Workflow-300x106.png 300w, https:\/\/premsvmm.com\/wp-content\/uploads\/2023\/01\/Security-Workflow-768x272.png 768w, https:\/\/premsvmm.com\/wp-content\/uploads\/2023\/01\/Security-Workflow-1536x544.png 1536w, https:\/\/premsvmm.com\/wp-content\/uploads\/2023\/01\/Security-Workflow.png 1766w\" sizes=\"(max-width: 1411px) 100vw, 1411px\" \/><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>What is security automation? Some of the tools that help to automate security Testing in CI\/CD Sample Architecture in CI\/CD including security automation<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"default","ast-global-header-display":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","footnotes":""},"categories":[6],"tags":[14],"_links":{"self":[{"href":"https:\/\/premsvmm.com\/index.php\/wp-json\/wp\/v2\/posts\/353"}],"collection":[{"href":"https:\/\/premsvmm.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/premsvmm.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/premsvmm.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/premsvmm.com\/index.php\/wp-json\/wp\/v2\/comments?post=353"}],"version-history":[{"count":8,"href":"https:\/\/premsvmm.com\/index.php\/wp-json\/wp\/v2\/posts\/353\/revisions"}],"predecessor-version":[{"id":427,"href":"https:\/\/premsvmm.com\/index.php\/wp-json\/wp\/v2\/posts\/353\/revisions\/427"}],"wp:attachment":[{"href":"https:\/\/premsvmm.com\/index.php\/wp-json\/wp\/v2\/media?parent=353"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/premsvmm.com\/index.php\/wp-json\/wp\/v2\/categories?post=353"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/premsvmm.com\/index.php\/wp-json\/wp\/v2\/tags?post=353"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}