Sara Martinez Giner
This talk presents a streamlined approach to Dynamic Application Security Testing (DAST) in the Secure Software Development Life Cycle (SSDLC). By integrating DAST directly into existing Selenium-based web tests and using ZAProxy, the traditional complex setup - such as URL parsing and authentication - is avoided. The proposed method leverages functional test coverage to better isolate vulnerabilities and simplifies setup by configuring the proxy in browser features. This integration provides earlier security feedback and increases the efficiency of vulnerability detection compared to traditional spider-based testing, proving it to be a more practical and effective alternative.
Sara Martinez Giner
SDET Lead | Cybersecurity | Automation
Sara has enjoyed testing and automation for more than 10 years, ensuring high quality products in industries such as Telecommunications, Geolocation, Big Data, and Power Electronics. In 2019, she shifted her focus to cybersecurity testing, applying her knowledge of quality assurance to testing security software products. Since then, Sara has continued to hone her skills and integrate cybersecurity into every aspect of her work and research.