Microservices Security Vulnerability Remediation approach using Veracode and Checkmarx

Amarjeet Singh
{"title":"Microservices Security Vulnerability Remediation approach using Veracode and Checkmarx","authors":"Amarjeet Singh","doi":"10.60087/jaigs.v4i1.128","DOIUrl":null,"url":null,"abstract":"Abstract — As organizations increasingly adopt microservices architectures for building scalable and resilient applications, ensuring the security of these distributed systems becomes paramount. In this empirical study, we conduct a comprehensive comparative analysis to assess the efficacy of three leading security scanning tools, namely Veracode, Snyk, and Checkmarx, in identifying and remedying security vulnerabilities within microservices applications deployed on the AWS and Azure cloud platforms.  \nThe study aims to provide nuanced insights into the performance, usability, and integration capabilities of these tools, offering valuable guidance to organizations striving to fortify their microservices-based infrastructures. By meticulously evaluating scanning capabilities, vulnerability detection accuracy, remediation guidance comprehensiveness, CI/CD pipeline integration proficiency, and overall ease of use, our research sheds light on the relative strengths and weaknesses of each tool in the context of modern cloud-native application security. Through meticulously designed experiments utilizing realistic microservices application scenarios encompassing diverse vulnerability types, including injection attacks, authentication bypasses, and insecure configurations, we present a thorough examination of the tools' capabilities and limitations. The findings from our study contribute to the evolving discourse on microservices security, emphasizing the critical importance of selecting appropriate security scanning solutions tailored to the unique requirements and constraints of cloud-based microservices architectures. By leveraging the insights gleaned from our comparative analysis, organizations can make well-informed decisions regarding tool selection and deployment strategies, thereby bolstering the resilience of their microservices ecosystems against an ever-expanding threat landscape.","PeriodicalId":517201,"journal":{"name":"Journal of Artificial Intelligence General science (JAIGS) ISSN:3006-4023","volume":"241 9","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-05-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Artificial Intelligence General science (JAIGS) ISSN:3006-4023","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.60087/jaigs.v4i1.128","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

Abstract

Abstract — As organizations increasingly adopt microservices architectures for building scalable and resilient applications, ensuring the security of these distributed systems becomes paramount. In this empirical study, we conduct a comprehensive comparative analysis to assess the efficacy of three leading security scanning tools, namely Veracode, Snyk, and Checkmarx, in identifying and remedying security vulnerabilities within microservices applications deployed on the AWS and Azure cloud platforms.  The study aims to provide nuanced insights into the performance, usability, and integration capabilities of these tools, offering valuable guidance to organizations striving to fortify their microservices-based infrastructures. By meticulously evaluating scanning capabilities, vulnerability detection accuracy, remediation guidance comprehensiveness, CI/CD pipeline integration proficiency, and overall ease of use, our research sheds light on the relative strengths and weaknesses of each tool in the context of modern cloud-native application security. Through meticulously designed experiments utilizing realistic microservices application scenarios encompassing diverse vulnerability types, including injection attacks, authentication bypasses, and insecure configurations, we present a thorough examination of the tools' capabilities and limitations. The findings from our study contribute to the evolving discourse on microservices security, emphasizing the critical importance of selecting appropriate security scanning solutions tailored to the unique requirements and constraints of cloud-based microservices architectures. By leveraging the insights gleaned from our comparative analysis, organizations can make well-informed decisions regarding tool selection and deployment strategies, thereby bolstering the resilience of their microservices ecosystems against an ever-expanding threat landscape.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
使用 Veracode 和 Checkmarx 的微服务安全漏洞修复方法
摘要--随着企业越来越多地采用微服务架构来构建可扩展和有弹性的应用程序,确保这些分布式系统的安全性变得至关重要。在这项实证研究中,我们进行了全面的比较分析,以评估 Veracode、Snyk 和 Checkmarx 这三种领先的安全扫描工具在识别和修复部署在 AWS 和 Azure 云平台上的微服务应用程序中的安全漏洞方面的功效。 该研究旨在对这些工具的性能、可用性和集成能力提供细致入微的见解,为努力加固基于微服务基础设施的企业提供有价值的指导。通过细致评估扫描能力、漏洞检测准确性、修复指导全面性、CI/CD 管道集成能力和整体易用性,我们的研究揭示了每种工具在现代云原生应用安全方面的相对优缺点。我们通过精心设计的实验,利用现实的微服务应用场景,包括注入攻击、身份验证绕过和不安全配置等多种漏洞类型,对这些工具的能力和局限性进行了全面检查。我们的研究结果为不断发展的微服务安全讨论做出了贡献,强调了根据基于云的微服务架构的独特要求和限制选择合适的安全扫描解决方案的重要性。通过利用从我们的比较分析中获得的见解,企业可以就工具选择和部署策略做出明智的决策,从而增强其微服务生态系统的复原力,应对不断扩大的威胁环境。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
LLM-Cloud Complete: Leveraging Cloud Computing for Efficient Large Language Model-based Code Completion Utilizing the Internet of Things (IoT), Artificial Intelligence, Machine Learning, and Vehicle Telematics for Sustainable Growth in Small and Medium Firms (SMEs) Role of Artificial Intelligence and Big Data in Sustainable Entrepreneurship Impact of AI on Education: Innovative Tools and Trends Critique of Modern Feminism
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1