security development/testing tools for EdgeX?

Zeng, Tingyu <tingyu.zeng@...>

David & Riaz,


As we are getting close to identify the security features of EdgeX, we have covered KONG/Traeffic etc as reverse proxy, HashiCorp Vault for local secret protection etc, however it seems  security testing is something that hasn’t been brought out for discussion.


I am thinking some testing tools list here that may benefit the product, such as

-          Static code analysis ( VeraCode etc)

-          Pen testing suite (Metasploit, Nessus)

-          Container security ( Twistlock etc.)


what are your opinions regarding security tools that may benefit the development and testing in a big scope?





Join to automatically receive all group messages.