Operator driven API security testing based on OpenAPI definition
Last autumn we open-sourced the dast-operator which helps checking web applications for security vulnerabilities. The first version was able to initiate a simple dynamic application security test based on custom resources and service annotations. To read more about the first version please check our Dynamic application security testing in Kubernetes blog post.
Today we are happy to announce that we are now extending the operator capabilities with a few new features to facilitate testing APIs as well.