
Create Security Test

Continuous penetration tests with predefined attacker datasets, based on the Open Worldwide Application Security Project (OWASP) Top Ten web application security risks and Zed Attack Proxy (ZAP).

From a technical perspective, ZAProxy is used as an HTTP(S) proxy, positioned between Botium and your chatbot endpoint. This setup is only meaningful if you are hosting your own HTTP(S) endpoint. It is not suitable for continuous security testing of hosted third-party endpoints, such as IBM Watson or Google Dialogflow.

These technologies use different HTTP(S) proxy settings than those linked by Botium. Moreover, the major SaaS providers already have minimal security vulnerabilities. Even if there is a vulnerability, Botium and ZAProxy are not the right tools to detect it.

Warning: Security testing in Botium is not a substitute for a full security audit. It can only highlight red flags and provide an entry point for more comprehensive security testing.
Tip: If you already have your own installation of ZAProxy, you can link it to Botium. Follow the steps here to set up your own ZAProxy.

Steps:

  1. Navigate Using the Left Pane: Navigate to Test Suite > Security and click the + CREATE TEST button to create a new project.


  2. Configure Project:
    1. Give your project a meaningful name.
    2. Select your chatbot technology from the dropdown menu.
    3. Optional - Add a namespace to associate with your project. For more information on namespaces, see Botium Namespaces.
    4. Optional - Schedule your test for automated testing.
    5. Click the START button to run your test.



  3. Running: You’ll now see your new project added to the Security projects list. You can see Botium doing the hard work in the background, and after several seconds, you can open the project view to see an overview of the results or to make adjustments to the project's configuration.


What next? Open up your new project and view your latest test results.
