Secure Pro is an API security testing paid tool provided by SmartBear. This tool has following features:
To test the application, it is recommended to build the security test plan. OWASP Security Cheat sheet provides the overview that security test engineers can use and incorporate in the plan.
To build the test environment for testing the mobile application, below tools can be used:
Tools that can be used for attacking are:
Test cases should be prepared and few major areas are as follows:
Information on security threats that can potentially exploit the application.
What is the root cause of the security issue? We can define the security flaw that has been determined.
Which testing technique has helped in finding the issue? Whether it is pen test, security test or source code analysis.
What could be the fix? Do we need any requirement change, code change or any configuration change?
What risk it poses to the application. Whether it is Critical, High, Medium or Low.
We would love to hear your feedback, questions, comments and suggestions. This will help us to make us better and more useful next time.
Share your thoughts and ideas at knowledgecenter@qasource.com