Skip to content

FEA403-FEA405 - Security testing pipeline and scan for known security vulnerabilities
Test Case ID TC007
Test case designer Eetu Hyyrynen
Creation date 15.04.2024
Classification functional/Performance
Origin Feature

Test description / objective

This test checks if our Tukko's backend and frontend has been scanned for vulnerabilities and if our pipeline has automated security.

Pre-state

Tukko in virtual machine is accessible and running. The needed applications have been installed.

Test Steps

Step Verify Some notes
1. Go to our Tukkos fronted
2. Open Vulnerability report on gitlab
3. Look for vulnerabilities

End-State

Tukkos fronted has scanned some vulnerabilities on our pipeline.

Determination of test result (Pass / Fail Criteria)

  • PASS condition: Scan has shown vulnerabilities
  • FAIL CONDITION: Our frontend has not been scanning anything

FEA403-FEA405