We have learned several security testing techniques and automation frameworks. Once all the security testing is done, we need to consolidate the findings into a dashboard or a document to share with stakeholders. In addition to Robot Framework, which we have demonstrated, other tools can also help with consolidating the reporting.
The screenshot shows the integration of security findings from different testing tools:
Figure: Security Testing Reporting Framework
We will introduce three typical tools for consolidating security findings:
Tools | RapidScan | OWASP DefectDojo | Serpico |
Characteristics | It's a Python script that will execute several security testing tools and present the results. | It can import several open source and commercial security testing tools' reports, and... |