Asserts is an open-source tool
that looks for deterministic and peripheral vulnerabilities
performing Dynamic and Static Application Security Testing (DAST - SAST).
Asserts also automates attacks to verify the status (open/closed)
of vulnerabilities on your system
and gives you fast feedback on the proposed solutions.
Therefore, Asserts can be included in CI/CD environments
as a security gate.
Python for the source code.
AWS to host the infrastructure.
Terraform to define as Code the infrastructure.
Docker to pack environments.
PGP, KMS, and SOPS to encrypt secrets
and ensure safe-transport and storage of critical information.
Asserts will allow you to
perform generic security tests during the software lifecycle;
perform custom security tests during the software lifecycle;
encapsulate organization security policies as code, and enforce them across your software lifecycle;
identify the status of deterministic vulnerabilities on your system;
recognize the exact moment a vulnerability appeared
(for every vulnerability check, Asserts prints the ToE fingerprint);
have an interactive cycle of vulnerability closing.
Corporate member of The OWASP Foundation
Copyright © 2021 Fluid Attacks, We hack your software. All rights reserved.