Zeng, Tingyu <tingyu.zeng@...>
David & Riaz,
As we are getting close to identify the security features of EdgeX, we have covered KONG/Traeffic etc as reverse proxy, HashiCorp Vault for local secret protection etc, however it seems security testing is something that hasn’t been brought out for discussion.
I am thinking some testing tools list here that may benefit the product, such as
- Static code analysis ( VeraCode etc)
- Pen testing suite (Metasploit, Nessus)
- Container security ( Twistlock etc.)
what are your opinions regarding security tools that may benefit the development and testing in a big scope?