Framework for Application Security Testing (FAST) by Wallarm

Additional Info

CompanyWallarm
Websitehttps://wallarm.com/
Company size (employees)50 to 99

Overview

Wallarm Framework for Application Security Testing (FAST) enables
on-going security testing as a part of CI/CD. With continuous integration
and continuous deployment, applications are not shrink-wrapped software
anymore, applications are a service. To protect this service, security and
test automation needs to become a continuous service as well.

Wallarm FAST is focused on server-side application security testing. It generates application test baselines by analyzing all incoming HTTP requests. To implement this, the initial unit and smoke test traffic is proxied through an easy-to-deploy Wallarm FAST proxy. For each baseline a set of tests is generated using fuzzing and the Wallarm threat database, which includes payloads for such common attacks as xss,
sqli, rce & path traversal. Wallarm FAST then runs these sets of tests. Test Runs can be started manually or initiated by events in the CI/CD environment, such as build completion. Wallarm FAST is designed to be a flexible test environment and provide Test Automation As A Service (TAaaS).

It is stack independent and will test applications developed in .NET, Java, Python, Ruby, PHP, and other development environments. Tests can be run locally or from the Wallarm Cloud service allowing DevOps full configuration control without having
to worry about deployment environment, scale, or flexibility.
FAST supports the following protocols (including nested protocol) for Deep Packet Inspection:
HTTP/2.0, REST, JSON, COMET, XML, SOAP,
Base64, GZIP, VIEWSTATE, PHP (unserialize).

How we are different

1. DevOps focus on business logic : FAST helps the security team execute control of security while the application is still in development without slowing down the development process. The security team defines the policy the DevOps run automated test execution and get immediate actionable results.
2.Actionable Results: Wallarm FAST makes test results actionable. Search all the test cases and test runs results by time, tag or TestRunID to drill into more details. Quickly see which APIs may present a problem and examine a sample exploit for every vulnerability.
3. Increase test coverage: Wallarm FAST will automatically generates a suite of tests for your application using our unique fuzzing technology and re-captured hacker intelligence.