Dissertação de Mestrado

Cybersecurity Test Automation: Experiences with Robot Framework and OWASP ZAP Technologies

Diogo Filipe Afonso Fernandes2022

Informações chave

Autores:

Diogo Filipe Afonso Fernandes (Diogo Filipe Afonso Fernandes)

Orientadores:

Alberto Manuel Rodrigues da Silva (Alberto Manuel Rodrigues da Silva); Ana Cristina Ramada Paiva

Publicado em

16/11/2022

Resumo

Web applications had a massive growth over the last decades, increasing the risk and the data sensitive exposure to attacks that are also evolving and becoming more sophisticated. Web applications shall be tested repeatedly to give their stakeholders confidence about security exposure. However, to have better coverage of applications is important to include a process that would allow reviewing the implementations from the early until the deployment phase. ITLingo initiative, with the RSL language, helps with the requirements specifications and tests and already integrates with Robot Framework, a RPA tool that produces reusable and reproducible test scripts, enabling testing automation. The present work aims to explore the contribution of the Robot Framework with the OWASP ZAP, an open-source web vulnerability scanner. Using both technologies combined we can achieve an automated approach to an automated web vulnerability scanning approach that can be reusable and facilitates organizations to have an end-to-end solution to test their web applications against common vulnerabilities.

Detalhes da publicação

Autores da comunidade :

Orientadores desta instituição:

Domínio Científico (FOS)

electrical-engineering-electronic-engineering-information-engineering - Engenharia Eletrotécnica, Eletrónica e Informática

Idioma da publicação (código ISO)

eng - Inglês

Acesso à publicação:

Embargo levantado

Data do fim do embargo:

16/10/2023

Nome da instituição

Instituto Superior Técnico