
Comprehensive Overview of Automated Security Testing Tools for Web Applications

This research paper presents an in-depth analysis of security testing for web-based systems, focusing on automated tools. It begins by defining security testing and its importance in identifying web application risks. A comparative analysis of various security testing tools is provided, emphasizing the need for repeatable and consistent testing processes. The paper also highlights common web application security risks, referencing the OWASP Top Ten Project. Ultimately, it aims to guide practitioners in selecting effective tools for enhancing web application security.


Presentation Transcript


  1. Automatic security testing tools for web-based system CS577b Individual Research Shi-Xuan Zeng 04/23/2012

  2. Outline • Introduce security testing • Web application/system security testing • Web application/system security risks • Security testing tools comparison • Summary

  3. What is security testing? • Providing evidence • Fulfilling requirements • Fundamental processes • Boundary values • Equivalence classes • Security classes * Web Security Testing Cookbook (O’Reilly)

  4. Web application security testing • Functional testing vs. security testing • Use a variety of tools, manually and automatically • Simulate and stimulate activities • Goal • Produce repeatable and consistent tests * Web Security Testing Cookbook (O’Reilly)

  5. Web application security risks *OWASP Top Ten Project (2010)

  6. Top 10 Web Application Security Risks *OWASP Top Ten Project (2010)

  7. Security testing tools comparison 1

  8. Security testing tools comparison 2

  9. Summary • Security testing provides evidence and fulfills requirements. • The goal is to produce repeatable and consistent tests. • Beware of the top 10 web application security risks. • Choose testing tools that are free, easy to use, and offer good traceability. • Suggested tools: w3af and N-Stalker Security Scanner Free Edition.

  10. Reference • Web Security Testing Cookbook • Paco Hope, Ben Walther; O’Reilly Media Inc.; Oct 28 2008 • OWASP Top Ten Project • https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project • http://owasptop10.googlecode.com/files/OWASP%20Top%2010%20-%202010.pdf • 10+ Free Web Application Security Testing Tools • http://www.webresourcesdepot.com/10-free-web-application-security-testing-tools/

  11. Questions?

  12. Thank You!!
