FASTscan: Fully Automated Security Testing with scanmeter
At a glance
In this R&D project, scanmeter - a service for the automated security analysis of IT systems - is being extended by three innovative components. This will significantly increase the level of automation and test coverage, significantly improve customer benefits, and expand the fields of applications. Specifically, the following should be achieved in the project: (1) scanmeter will support automated security testing of APIs, significantly increasing the range of applications (e.g., to modern web applications, mobile apps and Internet of Things (IoT) devices); (2) scanmeter will be able to detect all types of access control vulnerabilities in web applications, providing comprehensive support for this critical vulnerability type; and (3) scanmeter will support arbitrary authentication processes in web applications and APIs, enabling full test automation with respect to authentication as well. The project is carried out in cooperation between InIT (https://zhaw.ch/init) and scanmeter GmbH (https://scanmeter.io).
Rennhard, Marc; Kushnir, Malte; Favre, Olivier; Esposito, Damiano; Zahnd, Valentin,
SN Computer Science.
3(5), pp. 376.
Available from: https://doi.org/10.1007/s42979-022-01271-1