BRINGING SECURITY CLOSER TO QA
In an agile or DevOps environment, applications are subjected to multiple iterations of functional tests for every release. This is because continuous modifications to application code could adversely impact the quality, functionality, user experience, scalability or, much worse, the security of the application.
we45’s security regression framework helps engineering and QA teams extend the concept of automated regression testing to ensure that previously identified security vulnerabilities do not resurface in subsequent releases of the application.
The core of we45’s regression framework is the re-use of available QA and functional automation to derive additional value from DAST tools when they run payloads during scheduled sweeps on a deployed application. Additionally, logic flaws uncovered through manual inspection (penetration tests) are fed as exploit automation scripts to the regression test suite, ensuring that non-scanner-based vulnerabilities are also validated.