Discover how to automate security testing for RESTful APIs using Syntribos, an open-source security scanner, in this 42-minute LASCON conference talk from 2015. Learn about the design and architecture of Syntribos, its simple configuration requirements, and how to add new test types. Explore the plugin support and understand how this tool can significantly improve your security test workflow. Gain insights into detecting and eliminating common security vulnerabilities such as SQL injection, command injection, and denial of service attacks. The talk covers topics including the security pipeline, automation tools, open-source cloud platforms, HTTP requests, LDAP tests, HTTP proxy, test cases, the OpenStack Security Framework, and authentication methods.
Automate Security Tests for APIs with Syntribos - An Open Source Security Scanner
Overview
Syllabus
Intro
Security Pipeline
Automation Tools
Open Source Cloud Platform
Demo
HTTP Request
LDAP Tests
HTTP Proxy
Initial Requests
Test Cases
Goal Scheduler
OpenStack Security Framework
Generic Tests
HTTP Schemas
OpenStack Security Project
Authentication
Taught by
LASCON
