Test the system security as you test the application security

In this story, I show that system security can be tested the same way we test the security of application source code.

Once you follow the Security-as-Code concept, you can also apply the Test Pyramid (Mike Cohn, 2005) to security testing. This document gives a quick introduction to one security tool for each level of the pyramid:

  • OWASP ZAP,
  • Gauntlt,
  • ServerSpec.

The Test Pyramid


The Open DevOps Academy shares practices, experiences, and ideas about many domains of DevOps.

Bruno Delb
