OWASP Developer Guide
6.3 Verification frameworks
Verification is one of the business functions described by the OWASP SAMM, and both Security Testing and Requirements-driven Testing are important parts of verification.
Verification testing can benefit from using frameworks to support continuous and automated security testing. Use of a framework can provide:
- automation of a security analysis pipeline
- flexibility to run a series of tools in a pipeline
- scalability for multiple security scanners
- control interfaces
Sections:
- 6.3.1 secureCodeBox
The OWASP Developer Guide is a community effort; if there is something that needs changing then submit an issue or edit on GitHub.