Topic: Elastic Tests
Sonar Scans
How to Run a Sonar Scan Step 1: Create a Sonar Test Asset There is a Sample Sonar Scan asset on GitHub you can use out-of-the-box, or customize. Please see the sample Sonar Asset for instructions on how to use or create your Test Asset. Step 2: Create a Deployment Create a Deployment and add the Sonar Test Asset from Step 1. You DO NOT need to add a Scenario to your Sonar Deployment.
How to Run a Sonar Scan Step 1: Create a Sonar Test Asset There is a Sample Sonar Scan asset on GitHub you can use out-of-the-box, or customize. Please see the sample Sonar Asset for instructions on how to use or create your Test Asset. Step 2: Create a Deployment Create a Deployment and add the Sonar Test Asset from Step 1. You DO NOT need to add a Scenario to your Sonar Deployment.
Import a Test Asset
This article describes import a Test Asset for one of the Elastic Test Tools (e.g. Nessus, Fortify, Sonar) into Arcus Import Test Assets First, create a zip file containing the contents of your Test Asset Next to Tests on the main menu, click Add (Note: if you do not see Note: If you do not see the Add button, you do not have asset developer permissions in your project. Contact one of your project owners to adjust your permissions.
This article describes import a Test Asset for one of the Elastic Test Tools (e.g. Nessus, Fortify, Sonar) into Arcus Import Test Assets First, create a zip file containing the contents of your Test Asset Next to Tests on the main menu, click Add (Note: if you do not see Note: If you do not see the Add button, you do not have asset developer permissions in your project. Contact one of your project owners to adjust your permissions.
Fortify Scans
How to Run a Fortify Scan Step 1: Create a Fortify Test Asset There is a Sample Fortify Scan asset on GitHub you can use out-of-the-box, or customize. Please see the sample Fortify Asset for instructions on how to use or create your Test Asset. Step 2: Create a Deployment Create a Deployment and add the Fortify Test Asset from Step 1. You DO NOT need to add a Scenario to your Fortify Deployment.
How to Run a Fortify Scan Step 1: Create a Fortify Test Asset There is a Sample Fortify Scan asset on GitHub you can use out-of-the-box, or customize. Please see the sample Fortify Asset for instructions on how to use or create your Test Asset. Step 2: Create a Deployment Create a Deployment and add the Fortify Test Asset from Step 1. You DO NOT need to add a Scenario to your Fortify Deployment.
Elastic Test Tools
Arcus elastic test provides a framework for getting test results with minimal effort from a selection of integrated Elastic Test Tools. To use elastic test first: Import a Test Asset Add the Test Asset to a Deployment Launch the Deployment When Arcus launches the deployment, it creates an elastic test tool VM in your cloudspace. When the deployment is up and ready, Arcus automatically executes the Test Asset (imported in Step 1) on the test tool VM.
Arcus elastic test provides a framework for getting test results with minimal effort from a selection of integrated Elastic Test Tools. To use elastic test first: Import a Test Asset Add the Test Asset to a Deployment Launch the Deployment When Arcus launches the deployment, it creates an elastic test tool VM in your cloudspace. When the deployment is up and ready, Arcus automatically executes the Test Asset (imported in Step 1) on the test tool VM.
Nessus Scans
Nessus is a test tool used to identify system vulnerabilities (NOTE: Nessus is known as ACAS in the DISA community). Nessus allows scans for many types of vulnerabilities such as: Vulnerabilities - scan for weaknesses that a remote hacker can use to control or access sensitive data on a system Misconfiguration - (e.g. open mail relay, missing patches, etc.) Default passwords - Scan for common passwords, and blank/absent passwords on some system accounts.
Nessus is a test tool used to identify system vulnerabilities (NOTE: Nessus is known as ACAS in the DISA community). Nessus allows scans for many types of vulnerabilities such as: Vulnerabilities - scan for weaknesses that a remote hacker can use to control or access sensitive data on a system Misconfiguration - (e.g. open mail relay, missing patches, etc.) Default passwords - Scan for common passwords, and blank/absent passwords on some system accounts.