Test system security as you test application security
In this story, I show that we can test system security the same way we test the security of application source code.
Once you follow the Security-as-Code concept, you can also apply the Test Pyramid (Mike Cohn, 2005) to security testing. This document gives a quick introduction to one security tool for each level of the pyramid:
- OWASP ZAP,
- Gauntlt,
- ServerSpec.