Comprehensive guide to securing your Playwright MCP test automation, covering authentication handling, credential management, secure test data practices, and protecting against common security vulnerabilities in automated testing.
Focuses on security regression testing, explaining how to add automated tests for security bugs found in production using OWASP Juice Shop and Spring Rest Template, with examples for specific vulnerabilities.
Encourages testers to engage in continuous security, suggesting starting points like OWASP ZAP scans and demonstrating how to write simple API tests with Rest-Assured to verify security headers.
Introduces OWASP ZAP for continuous security scanning, detailing setup as a proxy for Selenium traffic and using its Java API to trigger spidering, passive, and active scans, concluding with report generation and assertion.
Introduces Find Security Bugs, a static analysis tool for Java security vulnerabilities, explaining Maven integration, configuration, and execution for CI or manual verification, demonstrated with OWASP WebGoat.
Explains how to leverage existing automated functional tests (Selenium, Rest-Assured) by running them through a local proxy (JMeter, Burp, ZAP etc.) to capture traffic, which can then drive security scanning, performance testing, and exploratory testing efforts.
Introduces OWASP Dependency Check for Continuous Security, explaining its integration into Maven projects, running checks, interpreting reports, handling false positives via suppression files, and integrating into CI pipelines with build failure conditions.