NT OBJECTives has updated its application security testing product NTOSpider. This update will allow NTOSpider to integrate with browser automation tool, Selenium, and enables users to record a series of events and to analyze the results. With this integration, security teams can automatically detect security defects during the nightly build process.
"Security, software development, and QA teams have been trying to find an effective way to integrate security testing earlier in the development lifecycle, when security defects are less costly to fix," said Dan Kuykendall, co-CEO and CTO of NT OBJECTives, Inc.
"In addition to improving web application security testing for software development/QA and security teams, NTOSpider's integration with Selenium can also be used to automate complex authentication solutions, as well as specific application workflows, such as shopping cart sequences."
It supports the following two methods of Selenium integration:
- It executes the Selenium script directly, while NTOSpider is running, to avoid working from a possibly expired session.
- It imports the output of a previously-executed script, expediting the testing process.
NT OBJECTives, Inc. has also released a new whitepaper available for download, entitled, "The Case for Integrating Selenium and Application Security Testing," featuring additional information regarding the benefits of integrating application scanners with Selenium. The whitepaper also compares two scenarios describing how NTOSpider can "piggy-back" on the application knowledge built into Selenium.