How frequently do you perform penetration testing of your web applications? Is there a way to automate pen tests as part of the CI/CD process?
CTO in Finance (non-banking), a year ago
Thanks for the update. Will check out tools for the same.
IT Cyber Security and Compliance in Healthcare and Biotech, a year ago
Remediations are manually performed annually.
Information Security Analyst, 7 months ago
I would say the testing should be done once every new module is brought into the application.
IT Manager in Energy and Utilities, 7 months ago
We normally perform a pen test before the application goes live, then once every year. From my experience the actual pen test needs variation and hence can’t be easily automated.
As for automating pen tests as part of the CI/CD process, yes, it is possible. This is commonly known as "Continuous Penetration Testing." It involves integrating automated penetration testing tools into the CI/CD pipeline to identify and report vulnerabilities in real-time. This helps to ensure that any new vulnerabilities introduced by code changes are detected and remediated early in the development process. There are many commercial and open-source tools available that can be used to automate pen tests as part of the CI/CD process.
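An added example, not part of any comment in this thread: one way a pipeline stage can catch only the vulnerabilities a code change introduced is to diff the current automated scan against a baseline scan and fail the build on new findings at or above a severity threshold. The finding schema (`rule`, `severity`, `method`, `path`, `param`, `evidence`) is hypothetical and does not match any particular scanner's output; the sample data is constructed.

```python
import hashlib
import json

SEVERITY_RANK = {"info": 0, "low": 1, "medium": 2, "high": 3, "critical": 4}

def fingerprint(finding):
    """Stable identity for a finding: rule + method + path + parameter.
    Evidence strings and timestamps are excluded so reruns match."""
    key = "|".join([
        finding["rule"],
        finding.get("method", "GET").upper(),
        finding["path"].rstrip("/") or "/",
        finding.get("param", ""),
    ])
    return hashlib.sha256(key.encode()).hexdigest()[:16]

def new_findings(baseline, current):
    """Findings in the current scan that the baseline scan did not have."""
    known = {fingerprint(f) for f in baseline}
    return [f for f in current if fingerprint(f) not in known]

def gate(baseline, current, fail_at="high"):
    """Return (exit_code, blocking); non-zero when a new finding is at or
    above fail_at. Unknown severities are treated as blocking (fail closed)."""
    threshold = SEVERITY_RANK[fail_at]
    blocking = [
        f for f in new_findings(baseline, current)
        if SEVERITY_RANK.get(f.get("severity", "").lower(), threshold) >= threshold
    ]
    return (1 if blocking else 0), blocking

# Constructed sample scans in the hypothetical schema (previous build vs. this build).
BASELINE = json.loads("""[
 {"rule": "missing-csp-header", "severity": "low", "method": "GET", "path": "/", "evidence": "run 41"},
 {"rule": "reflected-xss", "severity": "high", "method": "GET", "path": "/search", "param": "q", "evidence": "run 41"}
]""")
CURRENT = json.loads("""[
 {"rule": "missing-csp-header", "severity": "low", "method": "GET", "path": "/", "evidence": "run 42"},
 {"rule": "reflected-xss", "severity": "high", "method": "get", "path": "/search/", "param": "q", "evidence": "run 42"},
 {"rule": "sql-injection", "severity": "critical", "method": "POST", "path": "/orders", "param": "id", "evidence": "run 42"},
 {"rule": "verbose-error", "severity": "low", "method": "GET", "path": "/orders", "evidence": "run 42"}
]""")

if __name__ == "__main__":
    code, blocking = gate(BASELINE, CURRENT)
    for f in blocking:
        print(f"NEW {f['severity'].upper()}: {f['rule']} at {f['method']} {f['path']}")
    raise SystemExit(code)
```

The already-known high-severity finding does not block the build here because it is in the baseline; it still needs its own remediation tracking outside this gate.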