Seeker gives you unparalleled visibility into your web app security posture and identifies vulnerability trends against compliance standards (e.g., OWASP Top 10, PCI DSS, GDPR, and CWE/SANS Top 25). Seeker enables security teams to identify and track sensitive data to ensure that it is handled securely and not stored in log files or databases with weak or no encryption. Seeker’s seamless integration into CI/CD workflows enables fast IAST security testing at DevOps speed.
Get Started
$ dotnet add package Seeker.Net.Azure.ExtensionReadme
About
Seeker gives you unparalleled visibility into your web app security posture and identifies vulnerability trends against compliance standards (e.g., OWASP Top 10, PCI DSS, GDPR, and CWE/SANS Top 25). Seeker enables security teams to identify and track sensitive data to ensure that it is handled securely and not stored in log files or databases with weak or no encryption. Seeker’s seamless integration into CI/CD workflows enables fast IAST security testing at DevOps speed.
How to use
To use this package in Azure Web App, perform the following steps:
- Make sure that you have a running Seeker Enterprise Server version 2020.01 or higher. This server should be accessible from your Azure Web App environment.
- Deploy your Web Application in Azure Web App as usual.
- Follow instructions provided by the
Connect Agent Wizardin the Seeker Web UI to configure the Seeker agent. - In Azure Web App, from the Extensions tab, choose and install .NET Black Duck Seeker IAST Extension. Accept the license.
- Once it is installed, restart your Azure Web App on the Azure portal.
Review the detected security issues in the Seeker Web UI.
Limitation
The .NET Black Duck Seeker IAST Extension can not be used on any Azure plan. Please check your Azure plan before installing the extension:
- Azure Functions: premium plan or higher
- Azure App Service: any dedicated environment plan