The biggest piece of advice I can give to others is to thoughtfully define your use case before using the tool. For example, you should think about questions such as: what do you want to use it for, exactly? Where do you want to use it? Do you want to use it in the sprint life cycle, or perhaps the automation area? What is your purpose in using it? Do you want to replace your existing dynamic scanner, or improve your security coverage? And it's important that you define not only your use cases, but also your compliance rules and policies that will be applied to the various projects that you create, because Seeker comes with all the capabilities to do so. Taking these factors into account will help you a great deal in taking advantage of what Seeker has to offer. And this means nailing down the right kind of issues you intend to remediate, track, and tackle using the whole project going forward. If you just integrate it and start using it without answering these kinds of questions, you are going to be faced with a huge amount of work when it comes to eliminating false positives, and clearly, that is not the right approach. I would rate Seeker a seven out of ten.
Updated: April 2024.
Application Security Testing (AST) solutions are used to identify and fix security vulnerabilities in software applications. They can be used at all stages of the software development lifecycle, from development to testing to deployment.