Abstract
Abstract — As organizations increasingly adopt microservices architectures for building scalable and resilient applications, ensuring the security of these distributed systems becomes paramount. In this empirical study, we conduct a comprehensive comparative analysis to assess the efficacy of three leading security scanning tools, namely Veracode, Snyk, and Checkmarx, in identifying and remedying security vulnerabilities within microservices applications deployed on the AWS and Azure cloud platforms. The study aims to provide nuanced insights into the performance, usability, and integration capabilities of these tools, offering valuable guidance to organizations striving to fortify their microservices-based infrastructures. By meticulously evaluating scanning capabilities, vulnerability detection accuracy, remediation guidance comprehensiveness, CI/CD pipeline integration proficiency, and overall ease of use, our research sheds light on the relative strengths and weaknesses of each tool in the context of modern cloud-native application security. Through meticulously designed experiments utilizing realistic microservices application scenarios encompassing diverse vulnerability types, including injection attacks, authentication bypasses, and insecure configurations, we present a thorough examination of the tools' capabilities and limitations. The findings from our study contribute to the evolving discourse on microservices security, emphasizing the critical importance of selecting appropriate security scanning solutions tailored to the unique requirements and constraints of cloud-based microservices architectures. By leveraging the insights gleaned from our comparative analysis, organizations can make well-informed decisions regarding tool selection and deployment strategies, thereby bolstering the resilience of their microservices ecosystems against an ever-expanding threat landscape.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
More From: Journal of Artificial Intelligence General science (JAIGS) ISSN:3006-4023
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.