mirror of
https://github.com/graphql-python/graphene.git
synced 2024-11-29 04:53:55 +03:00
feat: DAST
Signed-off-by: QuentinN42 <quentin@lieumont.fr>
This commit is contained in:
parent
f07d6a29c5
commit
672ab9110b
32
docs/security/dast.rst
Normal file
32
docs/security/dast.rst
Normal file
|
@ -0,0 +1,32 @@
|
|||
Dynamic Application Security Testing
|
||||
====================================
|
||||
|
||||
Continuous security testing
|
||||
---------------------------
|
||||
|
||||
One of the best way to stop wondering about security for your API is to be able to scan it each time you deploy it into
|
||||
staging or production environments. As you run your unit tests in your CI/CD pipeline, you can bullet-proof your GraphQL
|
||||
application before it even reaches a production environment.
|
||||
|
||||
Security testing tools
|
||||
----------------------
|
||||
|
||||
graphql.security
|
||||
________________
|
||||
|
||||
`graphql.security`_ is a free, quick graphql security testing tool, allowing you to quickly assess the most common
|
||||
vulnerabilities in your application.
|
||||
|
||||
Escape
|
||||
______
|
||||
|
||||
`Escape`_ is a GraphQL security SaaS platform running an automated pentest tool.
|
||||
|
||||
You can effortlessly incorporate this platform into your current CI/CD pipeline such as Github Actions or Gitlab CIs
|
||||
which makes it convenient to set up.
|
||||
|
||||
The security notifications will be automatically communicated to your CI/CD platform, enabling you to promptly attend to
|
||||
them.
|
||||
|
||||
.. _graphql.security: https://graphql.security/
|
||||
.. _Escape: https://escape.tech/
|
|
@ -19,7 +19,6 @@ the `Django documentation`_ on how to secure your API.
|
|||
maxdepth
|
||||
introspection
|
||||
customvalidation
|
||||
|
||||
We have seen the most efficient way to secure your GraphQL API.
|
||||
dast
|
||||
|
||||
.. _Django documentation: https://docs.djangoproject.com/en/4.1/topics/security/
|
||||
|
|
Loading…
Reference in New Issue
Block a user