CN112000585A - Safety testing method and system based on DevSecOps platform - Google Patents
Safety testing method and system based on DevSecOps platform Download PDFInfo
- Publication number
- CN112000585A CN112000585A CN202011171407.2A CN202011171407A CN112000585A CN 112000585 A CN112000585 A CN 112000585A CN 202011171407 A CN202011171407 A CN 202011171407A CN 112000585 A CN112000585 A CN 112000585A
- Authority
- CN
- China
- Prior art keywords
- testing
- devsecops
- safety
- platform
- test
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3664—Environments for testing or debugging software
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3688—Test management for test execution, e.g. scheduling of test suites
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Quality & Reliability (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Debugging And Monitoring (AREA)
Abstract
The invention discloses a security testing method and a system based on a DevSecOps platform, wherein a plurality of security testing tools and automatic installation and deployment tools are integrated on the DevSecOps platform; the DevSecOps platform provides a visual and self-defined editing system, and the editing system provides display and editing of all development links related to testing in the DevSecOps process; the safety test method comprises the following steps: based on the characteristics of the application project, carrying out self-defined editing of a test flow on a development link through an editing system to form a safety test assembly line, and automatically deploying the analyzed configuration requirements to a safety test service program of a DevSecOps platform based on an automatic installation and deployment tool; for the safety testing method, a user can freely select and use the safety testing tool and the testing steps according to the characteristics of the application project, so that the flexibility of using the safety testing tool in the software safety testing process is improved, different safety testing technologies are supported to be used in different development links, and the testing efficiency and the testing quality can be effectively improved.
Description
Technical Field
The invention relates to the technical field of software full life cycle safety development and test, in particular to a safety test method and system based on a DevSecOps platform.
Background
The development of information technology enables software to be larger and larger in scale, traditional software workshop type production often depends on the excited emotion of creating wealth urgently, the production is in an unordered and chaotic state, the quality of software products cannot be guaranteed, and even software projects are cancelled midway, and the production mode cannot meet the increasing software requirements. The software industry is increasingly aware of: development and operation and maintenance work must be closely cooperated in order to deliver software products and services on time, and therefore, a DevOps software Development platform has emerged, which is a collective term for a group of processes, methods and systems for facilitating communication, cooperation and integration between Development (application/software engineering), technical operation and Quality Assurance (QA) departments, which is a culture, sport or practice that attaches importance to the communication cooperation between "users (devs)" and "IT operation and maintenance technicians (Ops)". Through the automatic software delivery and architecture change processes, the software can be built, tested and released more quickly, frequently and reliably.
The traditional DevOps flow does not pay attention to the security testing part, but the information security is more and more emphasized by enterprises, and under the background that the development and deployment automation technology is mature, the security testing is automatically integrated into the existing DevOps flow, and then the mature DevSecOps flow is constructed to become a new target of enterprise application development.
However, for a software development platform based on the DevSecOps flow, at present, limited security testing tools are integrated on the platform, and a user can only passively use the security testing tools when performing security testing on an application item, and cannot freely select the combination and execution steps of the security testing tools according to the characteristics of the application item, so that flexible application of the security testing tools is limited, and the testing efficiency and the testing quality are reduced.
Disclosure of Invention
One of the purposes of the present invention is to provide a security testing method based on a DevSecOps platform, so that a user can freely select a required testing process according to needs.
Another object of the present invention is to provide a security testing system based on the DevSecOps platform, so that the user can freely select the required testing procedures according to the needs.
In order to achieve the above object, the present invention discloses a security testing method based on a DevSecOps platform, on which a plurality of container operation based security testing tools and automated installation deployment tools are integrated; the DevSecOps platform provides a visual and self-defined editing system, and the editing system provides the display and editing of all development links related to the test in the DevSecOps process; the safety test method comprises the following steps:
based on the characteristics of an application project, carrying out custom editing on the test flow of the development link through the editing system to form a safety test production line, wherein the test flow comprises selection of a safety test tool, execution sequence of test steps and selection of a trigger mode;
analyzing the configuration requirements of the security testing pipeline, and automatically deploying the analyzed configuration requirements into a security testing service program of a DevSecOps platform based on the automatic installation and deployment tool;
when the trigger mode is satisfied, the DevSecOps platform automatically tests the application item in the secure testing pipeline.
Compared with the prior art, the invention relates to a security testing method based on a DevSecOps platform, which comprises the following steps: firstly, the DevSecOps platform provides a visual and self-defined editing system, and the editing system can dynamically arrange the test flows of all development links related to the test in the DevSecOps flow to form a safety test flow line, namely, the self-defined arrangement of the safety test flow line is supported, so that a user can freely select and use a safety test tool and a test step according to the characteristics of an application project, the flexibility of using the safety test tool in the software safety test flow is improved, different safety test technologies in different development links are supported, and the test efficiency and the test quality can be effectively improved; in addition, the DevSecOps platform is integrated with an automatic installation and deployment tool, so that a safety test assembly line arranged by a user can be automatically deployed, the difficulty of building the running environment of the safety test tool by the user is solved, the use is more convenient particularly for some emerging safety test tools which are not known by the user, and the workload of a tester is effectively reduced.
Preferably, the security testing method further comprises:
the DevSecOps platform can automatically recommend the matched safety test pipelines in the editing system according to the basic information of the application project, and can perform custom editing on the recommended safety test pipelines.
Preferably, the security testing tool comprises at least two of an interactive security testing tool, a dynamic security testing tool, a static security testing tool, a software component analysis testing tool, and an application program interface fuzzing testing tool.
Preferably, development links related to the test in the DevSecOps flow provided in the editing system include a construction triggering link, a construction link, a testing link, a product archiving link and a deployment link;
for the construction triggering link, a triggering mode for starting a user-defined test program is supported;
for the construction link, a user is supported to freely select a source, a compiling tool and a safety testing tool of the code warehouse, and meanwhile, the user is supported to freely select whether to carry out safety testing at the stage;
for the testing link, a user is supported to freely select a safety testing tool and an execution sequence of testing steps;
for the product archiving link, a user is supported to freely select whether to perform a safety test and select the safety test tool;
and for the deployment link, a user is supported to freely select the execution sequence of the safety deployment and test steps and the selection of the safety test tool.
The invention also discloses a security test system based on the DevSecOps platform, wherein a plurality of container operation-based security test tools and automatic installation and deployment tools are integrated on the DevSecOps platform, and the DevSecOps platform is also provided with an analysis module, a deployment module and a visual and self-defined editing system;
the editing system provides display and editing of all development links related to testing in a DevSecOps flow, and can perform custom editing of a testing flow on the development links to form a safety testing production line, wherein the testing flow comprises selection of a safety testing tool, execution sequence of testing steps and selection of a triggering mode;
the analysis module is used for analyzing the configuration requirement of the safety test production line output by the editing system;
the deployment module is used for automatically deploying the configuration requirements analyzed by the analysis module to a security test service program of the DevSecOps platform.
Preferably, the DevSecOps platform is further provided with a recommending module, the recommending module can automatically recommend the matched safety testing pipeline in the editing system according to the basic information of the application item, and the recommended safety testing pipeline supports custom editing.
Preferably, the security testing tool comprises at least two of an interactive security testing tool, a dynamic security testing tool, a static security testing tool, a software component analysis testing tool, and an application program interface fuzzing testing tool.
Preferably, development links related to the test in the DevSecOps flow provided in the editing system include a construction triggering link, a construction link, a testing link, a product archiving link and a deployment link;
for the construction triggering link, a triggering mode for starting a user-defined test program is supported;
for the construction link, a user is supported to freely select a source, a compiling tool and a safety testing tool of the code warehouse, and meanwhile, the user is supported to freely select whether to carry out safety testing at the stage;
for the testing link, a user is supported to freely select a safety testing tool and an execution sequence of testing steps;
for the product archiving link, a user is supported to freely select whether to perform a safety test and select the safety test tool;
and for the deployment link, a user is supported to freely select the execution sequence of the safety deployment and test steps and the selection of the safety test tool.
The invention also discloses a security testing system based on the DevSecOps platform, which comprises one or more processors, a memory and one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by the one or more processors, and the program comprises instructions for executing the security testing method based on the DevSecOps platform.
The present invention also discloses a computer readable storage medium comprising a computer program for testing, which is executable by a processor to perform the DevSecOps platform based security testing method as described above.
Drawings
Fig. 1 is a schematic flow chart of a security testing method according to an embodiment of the present invention.
Fig. 2 is a schematic structural diagram of a security testing system according to an embodiment of the present invention.
Detailed Description
In order to explain technical contents, structural features, and objects and effects of the present invention in detail, the following detailed description is given with reference to the accompanying drawings in conjunction with the embodiments.
As shown in fig. 1 and fig. 2, the present embodiment discloses a security testing method based on a DevSecOps platform, for performing security testing on an application project in a software security development process using the DevSecOps platform. The DevSecOps platform has integrated thereon several container-based (Docker) running security testing tools 10 and an automated installation deployment tool 11 (ansible). The security testing tool 10 in the present embodiment includes at least two of an interactive security testing tool (iatt), a dynamic security testing tool (DAST), a static security testing tool (SAST), a software component analysis testing tool (SCA), and an application program interface Fuzz testing tool (API-Fuzz). The DevSecOps platform provides a visual, custom editing system 20, and the editing system 20 provides the presentation and editing of all development links related to testing in the DevSecOps flow. Specifically, the editing system 20 is provided in a web service manner, the front end adopts a VUE development framework (visual web development framework) to provide a visible presentation interface and an input interface for a user, the back end mainly comprises a processor and some logic processing units which are in communication connection with the overall control system of the DevSecOps platform, and the processor acquires DevSecOps flow information from the overall control system of the DevSecOps platform and outputs the processed information to the DevSecOps platform. The safety test method comprises the following steps:
s1: based on the characteristics of the application, the development loop is subjected to custom editing of a test flow through an editing system 20 to form a safety test assembly line, wherein the test flow comprises selection of a safety test tool 10, execution sequence of test steps and selection of a trigger mode;
s2: the editing system 20 transmits the processed information of the security test pipeline to the DevSecOps platform, and the DevSecOps platform analyzes the configuration requirement of the security test pipeline through an analytic language (such as Python);
s3: automatically deploying the analyzed configuration requirements to a security test service program of the DevSecOps platform based on an automatic installation deployment tool 11;
when the trigger mode is satisfied, the DevSecOps platform automatically tests the application item in a secure test pipeline.
For the safety testing method disclosed in the above embodiment, all development links related to the application project and the test are visually displayed, and a user can conveniently add different safety testing tools 10 in different links, so that a user-defined safety testing pipeline design capability is provided, and the user can select different safety testing tools 10 according to the characteristics of the project application, so that the flexibility of application to the safety testing tools 10 is improved, and the testing efficiency and the testing quality are effectively improved. Because each safety testing tool 10 exists in the form of a container, that is, each safety testing tool 10 is placed in a different container, after the safety testing pipeline is generated, the DevSecOps platform dynamically starts, modifies, configures or closes the container under the safety testing pipeline set by a user according to the user requirement, so that the automatic deployment of the safety testing service of the whole testing process is realized, the safety testing tools 10 do not need to be manually deployed and configured individually, the working efficiency is improved, the difficulty of building the running environment of the safety testing tools 10 by the user is solved, particularly for some emerging safety testing tools 10 which are not known by the user, the use is more convenient, and the workload of testing personnel is effectively reduced.
Further, in order to facilitate the user to design the safety test pipeline, the DevSecOps platform may automatically recommend a matching safety test pipeline in the editing system 20 according to the basic information of the application, and may perform custom editing on the recommended safety test pipeline. Therefore, the user can use the safety test pipeline recommended by the DevSecOps platform only by slightly editing or without editing, thereby further reducing the workload in the test process of the user.
Further, as shown in fig. 2, the development links included in the security test pipeline mainly include five links: a triggering link, a construction link, a testing link, a product archiving link and a deployment link are constructed. In each link, a user can customize the specific steps required to be performed by the safety test assembly line.
For example:
in the construction triggering link, a user can define a triggering mode, namely, a manual triggering mode, a timing triggering mode or an event triggering mode is selected for safe construction and testing, the construction triggering mode based on the event allows the user to set construction triggering conditions, once the conditions are met, safe construction and testing can be automatically carried out, and common scenes based on the event triggering are as follows: triggering when a research and development personnel submits source codes, triggering when code warehouse merge codes branch, and the like.
In the construction link, a user can select different code warehouses to obtain source codes, and then select different compiling tools to construct the source codes. Meanwhile, in the construction stage, a user can perform test configuration, namely whether to perform security test in the stage can be determined according to the security policy of the user, and the optional security test in the stage comprises the following steps: static security testing and software component analysis testing.
In the testing link, a user can perform testing configuration, namely, a step of performing self-defined safety testing. For example, a user may first perform a unit test, a smoke test, a software component analysis test, and then perform an interactive security test, a dynamic security test. In this process, the safety test tool 10 and the testing steps can be adjusted according to the needs of the user.
In the deployment process, the user may also perform test configuration, i.e., select steps for performing security deployment and testing and the security testing tool 10. For example, a user may define to first perform interface testing and UI testing, and then deploy an automated application security protection tool (RASP).
In addition, for the product archiving link, test configuration can be performed, and whether safety test is performed or not can be selected according to the archiving format.
To sum up, with the testing method disclosed in the above embodiment, a security testing pipeline matched with each application item can be designed for each application item, after the design and initialization of the security testing pipeline are completed, the application item passes through such a security testing process before going online each time, for different trigger modes defined in the security testing pipeline, the security testing pipeline can be started in different modes, such as timing, manual or event trigger-based, when the adjustment is satisfied, the security testing pipeline is automatically executed according to the arranged program, so as to complete the security testing of the corresponding application item, after the security testing is completed, a security testing report can be output, and the security vulnerability condition existing in the application item can be checked from the security testing report.
In addition, the invention also discloses a security test system based on the DevSecOps platform in another preferred embodiment. Specifically, a plurality of container operation-based security testing tools 10 and automated installation and deployment tools 11 are integrated on the DevSecOps platform, and a parsing module 13, a deployment module 12, and a visual, custom editing system 20 are further disposed on the DevSecOps platform.
The editing system 20 provides display and editing of all development links related to the test in the DevSecOps flow, and can perform custom editing of the test flow on the development links to form a safety test pipeline, wherein the test flow includes selection of the safety test tool 10, execution sequence of the test steps, and selection of a trigger mode.
And the analysis module 13 is used for analyzing the configuration requirement of the safety test pipeline output by the editing system 20.
A deployment module 12, configured to automatically deploy the configuration requirement parsed by the parsing module 13 to the security testing service program of the DevSecOps platform.
Further, the DevSecOps platform is also provided with a recommending module, the recommending module can automatically recommend a matched safety testing pipeline in the editing system 20 according to the basic information of the application item, and the recommended safety testing pipeline supports custom editing.
Further, the development links related to the test in the DevSecOps flow provided in the editing system 20 include a construction triggering link, a construction link, a testing link, a product archiving link, and a deployment link;
for the construction of a trigger link, a user is supported to define a trigger mode for starting a test program;
for the construction link, the user is supported to freely select the source, the compiling tool and the safety testing tool 10 of the code warehouse, and the user is supported to freely select whether to carry out safety testing at the stage;
for the testing link, the user is supported to freely select the safety testing tool 10 and the execution sequence of the testing steps;
for the product archiving link, the user is supported to freely select whether to perform the safety test and select the safety test tool 10;
for the deployment link, the user is supported to freely select the safe deployment and the execution sequence of the test steps and the selection of the safe testing tool 10.
The specific working principle and working flow of the safety testing system in this embodiment are detailed in the method of the safety testing system, and are not described herein again.
The invention also discloses a security testing system based on the DevSecOps platform, which comprises one or more processors, a memory and one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by the one or more processors, and the program comprises instructions for executing the security testing method based on the DevSecOps platform.
In addition, the invention also discloses a computer readable storage medium, which comprises a computer program for testing, wherein the computer program can be executed by a processor to complete the DevSecOps platform-based security testing method.
The above disclosure is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the scope of the present invention, therefore, the present invention is not limited by the appended claims.
Claims (10)
1. A safety test method based on a DevSecOps platform is characterized in that a plurality of safety test tools based on container operation and automatic installation and deployment tools are integrated on the DevSecOps platform; the DevSecOps platform provides a visual and self-defined editing system, and the editing system provides the display and editing of all development links related to the test in the DevSecOps process; the safety test method comprises the following steps:
based on the characteristics of an application project, carrying out custom editing on the test flow of the development link through the editing system to form a safety test production line, wherein the test flow comprises selection of a safety test tool, execution sequence of test steps and selection of a trigger mode;
analyzing the configuration requirements of the security testing pipeline, and automatically deploying the analyzed configuration requirements into a security testing service program of a DevSecOps platform based on the automatic installation and deployment tool;
when the trigger mode is satisfied, the DevSecOps platform automatically tests the application item in the secure testing pipeline.
2. The DevSecOps platform based security testing method as claimed in claim 1, wherein the security testing method further comprises:
the DevSecOps platform can automatically recommend the matched safety test pipelines in the editing system according to the basic information of the application project, and can perform custom editing on the recommended safety test pipelines.
3. The DevSecOps platform-based security testing method of claim 1, wherein the security testing tools comprise at least two of an interactive security testing tool, a dynamic security testing tool, a static security testing tool, a software component analysis testing tool, and an application program interface fuzz testing tool.
4. The DevSecOps platform-based security testing method as claimed in claim 1, wherein the development links related to the testing in the DevSecOps process provided in the editing system include a construction triggering link, a construction link, a testing link, an article archiving link and a deployment link;
for the construction triggering link, a triggering mode for starting a user-defined test program is supported;
for the construction link, a user is supported to freely select a source, a compiling tool and a safety testing tool of the code warehouse, and meanwhile, the user is supported to freely select whether to carry out safety testing at the stage;
for the testing link, a user is supported to freely select a safety testing tool and an execution sequence of testing steps;
for the product archiving link, a user is supported to freely select whether to perform a safety test and select the safety test tool;
and for the deployment link, a user is supported to freely select the execution sequence of the safety deployment and test steps and the selection of the safety test tool.
5. A safety test system based on a DevSecOps platform is characterized in that a plurality of safety test tools based on container operation and automatic installation and deployment tools are integrated on the DevSecOps platform, and the DevSecOps platform is also provided with an analysis module, a deployment module and a visual and self-defined editing system;
the editing system provides display and editing of all development links related to testing in a DevSecOps flow, and can perform custom editing of a testing flow on the development links to form a safety testing production line, wherein the testing flow comprises selection of a safety testing tool, execution sequence of testing steps and selection of a triggering mode;
the analysis module is used for analyzing the configuration requirement of the safety test production line output by the editing system;
the deployment module is used for automatically deploying the configuration requirements analyzed by the analysis module to a security test service program of the DevSecOps platform.
6. The DevSecOps platform-based security testing system as claimed in claim 5, wherein the DevSecOps platform is further configured with a recommendation module, the recommendation module can automatically recommend the matching security testing pipeline in the editing system according to basic information of an application, and the recommended security testing pipeline supports custom editing.
7. The DevSecOps platform based security testing system of claim 5, wherein the security testing tools comprise at least two of an interactive security testing tool, a dynamic security testing tool, a static security testing tool, a software component analysis testing tool, and an application program interface fuzz testing tool.
8. The DevSecOps platform-based security testing system of claim 5, wherein the development links related to the testing in the DevSecOps process provided in the editing system comprise a build trigger link, a build link, a test link, an article archiving link, and a deployment link;
for the construction triggering link, a triggering mode for starting a user-defined test program is supported;
for the construction link, a user is supported to freely select a source, a compiling tool and a safety testing tool of the code warehouse, and meanwhile, the user is supported to freely select whether to carry out safety testing at the stage;
for the testing link, a user is supported to freely select a safety testing tool and an execution sequence of testing steps;
for the product archiving link, a user is supported to freely select whether to perform a safety test and select the safety test tool;
and for the deployment link, a user is supported to freely select the execution sequence of the safety deployment and test steps and the selection of the safety test tool.
9. A security testing system based on a DevSecOps platform, comprising:
one or more processors;
a memory;
and one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by the one or more processors, the programs comprising instructions for performing the DevSecOps platform based security testing method as claimed in any one of claims 1 to 4.
10. A computer readable storage medium comprising a computer program for testing, the computer program being executable by a processor to perform the DevSecOps platform based security testing method as claimed in any one of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011171407.2A CN112000585B (en) | 2020-10-28 | 2020-10-28 | Safety testing method and system based on DevSecOps platform |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011171407.2A CN112000585B (en) | 2020-10-28 | 2020-10-28 | Safety testing method and system based on DevSecOps platform |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112000585A true CN112000585A (en) | 2020-11-27 |
| CN112000585B CN112000585B (en) | 2021-02-02 |
Family
ID=73475215
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011171407.2A Active CN112000585B (en) | 2020-10-28 | 2020-10-28 | Safety testing method and system based on DevSecOps platform |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112000585B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114356772A (en) * | 2022-01-05 | 2022-04-15 | 瀚云科技有限公司 | Security test method, device, electronic equipment and storage medium |
| CN115913934A (en) * | 2022-12-01 | 2023-04-04 | 中电云数智科技有限公司 | Automatic DevSecOps CD pipeline configuration method |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10606613B2 (en) * | 2018-05-31 | 2020-03-31 | Bank Of America Corporation | Integrated mainframe distributed orchestration tool |
| CN111309441A (en) * | 2020-02-19 | 2020-06-19 | 北京中数智汇科技股份有限公司 | Micro-service deployment method for realizing DevOps based on Jenkins |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11275786B2 (en) * | 2019-04-17 | 2022-03-15 | International Business Machines Corporation | Implementing enhanced DevOps process for cognitive search solutions |
| CN110209421A (en) * | 2019-05-23 | 2019-09-06 | 北京奥鹏远程教育中心有限公司 | For educating the automation continuous integrating management method of cloud platform |
| CN111078270B (en) * | 2019-11-20 | 2021-02-19 | 北京国舜科技股份有限公司 | Application security management and control method and device, electronic equipment and storage medium |
-
2020
- 2020-10-28 CN CN202011171407.2A patent/CN112000585B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10606613B2 (en) * | 2018-05-31 | 2020-03-31 | Bank Of America Corporation | Integrated mainframe distributed orchestration tool |
| CN111309441A (en) * | 2020-02-19 | 2020-06-19 | 北京中数智汇科技股份有限公司 | Micro-service deployment method for realizing DevOps based on Jenkins |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114356772A (en) * | 2022-01-05 | 2022-04-15 | 瀚云科技有限公司 | Security test method, device, electronic equipment and storage medium |
| CN115913934A (en) * | 2022-12-01 | 2023-04-04 | 中电云数智科技有限公司 | Automatic DevSecOps CD pipeline configuration method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112000585B (en) | 2021-02-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10572360B2 (en) | Functional behaviour test system and method | |
| CN111414172B (en) | Automatic deployment and release system and method for application software | |
| Boring et al. | Guideline for operational nuclear usability and knowledge elicitation (GONUKE) | |
| CN105701010A (en) | Method and device for accelerating software testing | |
| CN111930421A (en) | DevOps-based free layout monitoring system and using method thereof | |
| Sincero et al. | Approaching non-functional properties of software product lines: Learning from products | |
| CN105653287A (en) | Automatic program version issuing method and device | |
| WO2014022743A2 (en) | Mobile build, quality and deployment manager | |
| CN112965786A (en) | Continuous integration and continuous delivery method and device based on containerization | |
| CN112000585B (en) | Safety testing method and system based on DevSecOps platform | |
| US7721261B2 (en) | Method and apparatus for generating pairwise combinatorial tests from a graphic representation | |
| CN116029680A (en) | Processing system and method for service platform information | |
| CN106779404B (en) | Flow early warning method and device | |
| CN113568825B (en) | Program flow debugging method, device, equipment and storage medium | |
| US11195138B2 (en) | System and method for risk, waste, and opportunity evaluation, analysis, and recommendation | |
| Dalal et al. | Software Testing-Three P'S Paradigm and Limitations | |
| Ali et al. | A Comprehensive Study on Automated Testing with The Software Lifecycle | |
| CN113064811A (en) | Workflow-based automatic testing method and device and electronic equipment | |
| CN116820968A (en) | Automatic deployment method and system based on CICD full-function arrangement | |
| CN115481030A (en) | Automatic testing method, device, terminal and storage medium | |
| CN115061746A (en) | Jenkins-based vehicle-mounted network controller product development method and system | |
| CN111679832B (en) | Tool assembly integration method and device based on DevOps platform | |
| CN114048135A (en) | Code execution method and device based on pipeline, electronic equipment and medium | |
| CN111078270B (en) | Application security management and control method and device, electronic equipment and storage medium | |
| US20100257211A1 (en) | Generating semi-structured schemas from test automation artifacts for automating manual test cases |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |