Would I be able to easily use beSTORM?
beSTORM is no more complicated than typical QA tools, and is in fact much easier to use than most. Due to the fact that the testing is automated, the averag...
Wed, 7 Apr, 2021 at 3:42 AM
How and Where is beSTORM installed?
beSTORM is a software you install on your servers. One component of beSTORM (the monitoring component) is installed on the server where your product is inst...
Wed, 7 Apr, 2021 at 3:42 AM
Who beSTORM is intended for?
beSTORM is designed to be used in a software engineering environment and should be exercised by developers, quality assurance teams and security professiona...
Wed, 7 Apr, 2021 at 3:43 AM
Why beSTORM is so powerful?
The main difference between source code testing tools and beSTORM is that beSTORM does not require the source code. beSTORM tests the protocol rather than t...
Wed, 7 Apr, 2021 at 3:43 AM
How is beSTORM different than Automated Scanning?
Automated Scanning, like other Vulnerability Assessment (VA) tools, searches for known vulnerabilities in known products. While it will sometimes find unkno...
Wed, 7 Apr, 2021 at 3:44 AM
How does beSTORM find vulnerabilities during the development cycle without source code?
beSTORM tests the binary application, and is therefore completely indifferent to the programming language or system libraries used. This allows a separate t...
Wed, 7 Apr, 2021 at 3:44 AM
API-Fuzzing : How is beSTORM different from API-Penetration testing by Scanners and DAST-tools ?
API-Penetration testing Scanners are usually web site related API, beSTORM is a generic API testing, including but not limited to Web API - we can support: ...
Wed, 7 Apr, 2021 at 3:45 AM
In case we build embedded-systems using Protocol-stacks (ethernet,TCP-IP,DHCP,Bluetooth,WiFi) from well-known vendors, is fuzz testing helpful?
Yes, if for example you enabled, jumbo packets (TCP) which is not enabled by default on most OS systems, then fuzzing while this is turned on would be proba...
Wed, 7 Apr, 2021 at 3:48 AM
Does API-Fuzzer (in beSTORM) perform Login-Authentication based on Auth-methods (Oauth2, JWT tokens, cookies)?
Yes it can, though we do not recommend it as the number of tests per second that can be tested would get reduced because of the authentication (considering ...
Wed, 7 Apr, 2021 at 3:48 AM
What formats does API-fuzzer expect API-definitions?
Postman, Swagger and OpenAPI format are supported.
Fri, 14 May, 2021 at 12:03 AM