I created a post about security tools (primarily red team focused) yesterday (https://www.reddit.com/r/cybersecurity/comments/1esy1yk/comment/lifqh06/?context=3) and people seemed to enjoy it, so I created an AppSec list :).

If you have any other suggestions, please comment them so I can add them in.

* Static Application Security Testing (SAST) Tools




Quickly identify security vulnerabilities in the code and fix them during development.

* SonarQube
* Veracode
* Snyk SAST (https://snyk.io/product/snyk-code/)
* GitHub Code Scanning




* Dynamic Application Security Testing (DAST)




Analyze security vulnerabilities in real-time in production environments. DAST tools also enable developers to simulate cyberattacks and detect runtime errors.

* Intruder
* HCL AppScan
* Veracode




💡 Interactive Application Security Testing (IAST) is a combo of SAST and DAST. You can analyze the code during any stage of development and in real-time in the production applications.

A popular tool in this space is Checkmarx.



* Run-time Application Security Protection (RASP)




Run continuous security testing and automate the incident response during security breaches.

* Dynatrace
* Datadog Application Security Management




* Webapp Pentesting (also under Red Team/Pentesting)




AppSec should also understand penetration testing. Here are some tools that can help with web app pentesting:

* ZAP (https://www.zaproxy.org/)
* OpenSCAP (web app scanner along with vulnerability assessments and compliance) (https://www.open-scap.org/)
* Burp Suite (Community and Paid)




💡 Lots of other pentesting tools (Nmap, Nessus, etc.) fall under the “webapp pentesting” category.



* Container Security




Containers are currently the smallest form factor to run an application. You decouple your application stack (sometimes called microservices) into multiple pieces so they can be managed and deployed separately.

* Snyk Containers (https://snyk.io/product/container-vulnerability-management/)
* Docker Scout




* Kubernetes Security




Kubernetes is an orchestration system (originally for just containers) that allows you to scale application stacks.

* Kubescape
* Aqua Security





* Vendors/Tools that “do it all”

* Snyk (https://snyk.io/) / (https://snyk.io/solutions/application-security/)



submitted by /u/mikelevan