First Last Prev Next    This bug is not in your last search results.
Bug 52666 - Add CI-Security testing
Add CI-Security testing
Status: NEW
Product: UCS Test
Classification: Unclassified
Component: General
unspecified
Other Linux
: P5 normal (vote)
: ---
Assigned To: UCS maintainers
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2021-01-18 14:42 CET by Florian Best
Modified: 2021-01-20 10:54 CET (History)
2 users (show)

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Florian Best univentionstaff 2021-01-18 14:42:43 CET 
It would be nice if we add automated security testing against UCS.

Products which might help here are:
* https://owasp.org/www-project-zap/
* https://www.synopsys.com/software-integrity/security-testing/fuzz-testing.html
Comment 1 Philipp Hahn univentionstaff 2021-01-20 10:54:18 CET 
GitLab already includes many security scanners, both for static and dynamic analysis: <https://docs.gitlab.com/ee/user/application_security/>
You just have to enable them for your individual projects (or get them for free with AutoDevOps projects)
First Last Prev Next    This bug is not in your last search results.