Pentesting Without Pentesters

Explore a groundbreaking approach to security testing in this conference talk from nullcon Goa 2014. Learn how to leverage existing functional test cases to generate security findings without dedicated penetration testers. Discover a new scanning technology that integrates with automated functional testing platforms like Selenium, Sahi, and Silk Test. Understand how this method produces security insights in developer-friendly language, enhancing the overall security posture of applications. Gain insights into the implementation of this technology in the open-source web security scanner IronWASP and learn about companion libraries that enable its use across various programming languages.