
Automated Security Testing

We integrate Automated Security Testing into your software delivery pipeline and optimize it for your targets using open source tooling such as OWASP ZAP.

Monitor and scan your applications 24/7 for security defects.

Automated security tests can detect a large number of security issues. They are particularly well suited to finding significant vulnerabilities in the injection category, for example SQL injection, Cross-Site Scripting, XML injection and so on.


From banks to start-ups.

Your organization is always ready for Automated Security Testing, from a young ad hoc environment to a more mature infrastructure and everything in between. Don't hesitate to tell us about your project. We will be more than happy to discuss the possibilities with you, free of charge.

Make optimal use of your existing infrastructure.

Automated Security Testing can be implemented in your software development life cycle. Automated functional tests (with Selenium for example) can be used to improve the coverage of the security tests.

Raise security awareness within your teams.

Each time a developer makes a change or addition to an application, the security scans automatically start looking for security-related issues. This creates a short feedback loop to the developers, which will eventually result in more security awareness within the development team. In theory, a developer receives feedback on the encountered security issues within a couple of hours after submitting his or her code and updating the environment.

Reporting findings.

The findings from the security scans are integrated into ThreadFix. Optionally, the findings can be integrated into any existing dashboard. The state of your application and its security findings will be clear at a single glance. The reports include detailed information about each vulnerability. We demonstrate findings, answer questions and help you get things fixed.

Web vulnerability scanning tools like OWASP Zed Attack Proxy (ZAP) can be controlled in an automated manner and are therefore suitable for our Automated Security Testing. OWASP ZAP is a free, open-source security application that can scan web applications for known security issues, such as the vulnerabilities included in the OWASP Top 10.

How we work

  1. Intake

     During the intake (free of charge) we discuss your project and tell you more about us and our modus operandi. The main purpose is to collect all the information we need to create our proposal (plan of action).

  2. Offer

     You will receive our proposal, including a detailed overview of the activities, deliverables, planning and costs.

  3. Preparation

     When the proposal is accepted, we deliver a list of all the things that need to be prepared for the implementation of Automated Security Testing.

  4. Implementation

     The implementation of Automated Security Testing will be executed in the planned time window.

  5. Review and finalizing

     Once the initial implementation is done, we stay on-scene to test the tool and review its findings. We make sure the implementation works flawlessly in your environment.

  6. Support

     After a successful implementation, we deliver support in the form of reviewing findings within ZAP and continuously optimizing test scripts for your applications.



Talk about your project with us →