Elastic Test Tools
Topic: Elastic Tests
Related: Sonar Scans, Import a Test Asset, Fortify Scans, Nessus Scans

Arcus elastic test provides a framework for getting test results with minimal effort from a selection of integrated Elastic Test Tools. To use elastic test first:

  1. Import a Test Asset
  2. Add the Test Asset to a Deployment
  3. Launch the Deployment

When Arcus launches the deployment, it creates an elastic test tool VM in your cloudspace. When the deployment is up and ready, Arcus automatically executes the Test Asset (imported in Step 1) on the test tool VM. When the test completes, the test results are stored with the run, and you will receive an email notification.

The ElasticTest Tool VM powers down once the tests have been completed. This frees up resources in your cloudspace. If a re-test is requested, the tools will power on for only the duration of the test.

Retrieving Test Results

  1. Navigate to the Run page
  2. Click on the Test Results tab, this contains a list of test results for this run
  3. Expand the test result set that you would like to retrieve
  4. Download individual files, or the all-inclusive zip file

Generate your own Test Results

  • See the Test Script and Powershell Test Script test tools described below

Running a Re-Test

  1. First, make any necessary changes (e.g. security patches or code bug fixes)
  2. Navigate to the Run page
  3. Click the Re-Test button
  4. You will receive an email when the re-test completes
  5. Retrieve the new test results as described above

Integrated Elastic Test Tools

Currently integrated list of test tools. Please contact support if you would like a specific test tool integrated.

Tenable Nessus

  • Vulnerability scanning, malware detection
  • Configuration auditing, compliance checking

Web Exploit Suite

  • A suite comprised of three tools (Nmap, Nikto, and Metasploit)
  • Identifies IP addresses, ports, services, and known vulnerabilities
  • Attempts to exploit identified services and vulnerabilities

SmartBear soapUI

  • Test your SOAP and ReSTful Web Services
  • Automated Load/Performance Testing
  • Service simulation

Test Script (Linux)

  • Runs a bash shell script
  • Executes via bash on Red Hat 6, as the cons3rt (non-root) user
  • Store your own downloadable test results in the $REPORT_DIRECTORY
  • Your Test Script can trigger other testing or functionality
  • Sample Test Script Asset on GitHub

Powershell Test Script (Windows)

  • Runs a Powershell script
  • Executes on Windows 10, with Powershell v5 as the cons3rtett (non-admin) user
  • Store your own downloadable test results in the $env:REPORT_DIRECTORY
  • Your Test Script can trigger other testing or functionality
  • Sample Script Powershell Test Asset on GitHub

Fortify Source Code Scan

Sonarlint Source Code Scanning

  • An open-source source code quality and vulnerability scanner
  • No license required!