How frequently do you perform penetration testing of your web applications? Is there a way to automate pen tests as part of the CI/CD process?

383 views26 Upvotes3 Comments

IT Analyst in IT Services, 2 - 10 employees
It is recommended to perform penetration testing on web applications at least once a year or after significant changes are made to the application. However, more frequent testing, such as quarterly or monthly, may be necessary for highly critical applications.

As for automating pen tests as part of the CI/CD process, yes, it is possible. This is commonly known as "Continuous Penetration Testing." It involves integrating automated penetration testing tools into the CI/CD pipeline to identify and report vulnerabilities in real-time. This helps to ensure that any new vulnerabilities introduced by code changes are detected and remediated early in the development process. There are many commercial and open-source tools available that can be used to automate pen tests as part of the CI/CD process.
2 1 Reply
Senior Engineering Manager in Finance (non-banking), 5,001 - 10,000 employees

Thanks for update. Will checkout tools for same.

IT Cyber Security and Compliance in Healthcare and Biotech, 1,001 - 5,000 employees
remediations are manually performed annually

Content you might like

Yes - Maine did the right thing. There are too many security risks with free versions of these tools. Not enough copyright or privacy protections of data.31%

No, but.... - You must have good security and privacy policies in place for ChatGPT (and other GenAI apps). My organization has policies and meaningful ways to enforce those policies and procedures for staff.52%

No - Bans simply don't work. Even without policies, this action hurts innovation and sends the wrong message to staff and the world about our organization.13%

I'm not sure. This action by Maine makes me think. Let me get back to you in a few weeks (or months).3%


9.5k views9 Upvotes1 Comment

Open AI (Game Changer: adoption w/ChatGPT)40%

Google (Game Changer: inventor of Transformers, Bard)20%

Microsoft (Game Changer: real time BingGPT+Search plus enterprise enablement)18%

Meta (Game Changer: LLM that can run on single GPU)7%

Amazon (Game Changer: TBD)4%

X.AI / Elon Musk (Game Changer: TBD)3%

Baidu (Chinese tech giant, with GPT version released in March)3%

Someone completely new5%


27.6k views89 Upvotes14 Comments