Code used in the demo from "Final Frontier: Automating DYNAMIC Security Testing"
Start DefectDojo and Juice Shop first:
docker-compose -f prequistes.yml up -d
Access DefectDojo at 127.0.0.1:8888 with the credentials below:
U - admin
P - DefectDojo!0
Find the API key by visiting 127.0.0.1:8888/api/key-v2 and insert it on line 16 of tools/defectdojo/defectdojo.bash
Access Juice Shop at 127.0.0.1:3000
In an environment that has Docker and Docker Compose, run the line below and watch the following happen:
- Scan Juice Shop with SSLyze and ZAP
- Push those results to DefectDojo
- Clean up all the evidence (remove scan containers and volumes)
./demo.bash