Badges
20 Points
3 Years
User Activity
Over 2 years ago
Contributed a review of SonarQube Server (formerly SonarQube): Code quality assurance solution that supports many coding languages
Over 3 years ago
Answered a question: What are your recommended automated penetration testing tools?
There are many automated DAST & SAST tools but from my perspective, there is no tool that can give you fully automated penetration testing, as most of the pentesting efforts are manual and depend on the professional and their way of thinking.
Also, you can use a variety of…
Over 3 years ago
Answered a question: What is the best Application Security Testing platform?
SAST - Veracode, goes well with integration
DAST - Either Microfocus Webinspect or Burp Suite Professional or OWASP ZAP (Open Source)
Component Scanning - Blackduck or Sonatype Nexus Platform or Whitesource Bolt
Vulnerability Auditing - Nessus & CIS - CAT ( Assessor Pro) or…
Almost 4 years ago
Answered a question: Is OWASP Zap better than PortSwigger Burp Suite Pro?
Yes OWASP ZAP is a good option as it's an open source so always preferred but Burp Suite Pro will give you more options, its one of the best tool to have for pentesters so defo worth it.
Almost 4 years ago
Contributed a review of Veracode: Fabulous support, good user management, good scalability, and good security
Almost 4 years ago
Contributed a review of PortSwigger Burp Suite Professional: Best for manual penetration testing, a great user interface, and offers good scanning capabilities
Reviews
Over 2 years ago
SonarQube Server (formerly SonarQube)
Almost 4 years ago
Veracode
Almost 4 years ago
PortSwigger Burp Suite Professional
Answers
Over 3 years ago
Static Application Security Testing (SAST)
Over 3 years ago
Static Application Security Testing (SAST)