Tapan Kumar Jha
Keywords:
Web Application Security, Security Automation, DAST, SAST, IAST, Fuzzing, DevSecOps, AI/ML
Abstract:
Automation in web application security testing is becoming increasingly essential to detect vulnerabilities with speed, consistency, and scalability. This paper examines current trends, emerging automation paradigms, and key tools used in DAST, SAST, IAST, RASP, and fuzzing. Drawing on industry surveys and academic research, the analysis highlights integration into CI/CD, AI/ML-enabled detection, and API and container environments. A comparative overview of leading tools (OWASP ZAP, Burp Suite, Checkmarx, Snyk, OneFuzz, and Microsoft's Playwright) is offered. Gaps, including false-positive reduction and real-world logic testing, are examined. Recommendations include unified toolchains, expanded fuzzing for APIs, AI-enhanced workflows, and enhanced benchmarks. The conclusion envisions an integrated, intelligent security ecosystem.

International Journal of Recent Research and Review
ISSN: 2277-8322
Vol. XVIII, Issue 2
June 2025
SECTION
Articles