
Comprehensive Guide: Building a Full-Stack Web Application with React and Laravel, Including SAST/DAST Testing with Eslint, PHPStan, and OWASP

Original Post: Application Web Full-Stack avec React et Laravel (tests SAST et DAST avec Eslint, PHPStan et OWASP… | by Catelle Ningha | Jul, 2024

The post describes a project in which a full-stack web application was built with React on the frontend and Laravel on the backend. The application, which includes user authentication, CRUD operations, and a responsive design, shows how these technologies combine into a robust and scalable solution.

To ensure security and reliability, the developer performed both Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST). For SAST, tools like ESLint for the React frontend and PHPStan for the Laravel backend were used to identify potential code issues and vulnerabilities. These tools helped maintain code quality by identifying syntax errors and potential bugs.

For DAST, OWASP ZAP was chosen due to its open-source nature, active community support, comprehensive feature set, and adaptability. It provided automated scanning and identified various vulnerabilities in both the backend server and the frontend client, ranging from high-risk to low-risk issues.

The article concludes by emphasizing the importance of integrating both SAST and DAST into development pipelines, highlighting that automated tools alone are not sufficient. Collaboration with dedicated security teams is crucial for effective risk management and threat mitigation. Adopting these practices helps protect user data and ensures the resilience of web applications against evolving security threats.
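As an added example (not code from the original post or its repository), the following GitHub Actions workflow wires the three tools named above into one pipeline: ESLint and PHPStan as SAST gates, then an OWASP ZAP baseline scan against a running Laravel instance. The `frontend/` and `backend/` layout, the PHP and Node versions, the ZAP image tag and port 8000 are assumptions.

```yaml
# Added example (not from the original post): GitHub Actions pipeline for the SAST
# (ESLint, PHPStan) and DAST (ZAP) checks above; layout, versions, port are assumed.
name: sast-dast
on: [push, pull_request]
jobs:
  sast-frontend:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with: { node-version: 20 }
      - run: npm ci
        working-directory: frontend
      # ESLint exits non-zero on errors; --max-warnings 0 makes warnings fail too
      - run: npx eslint . --max-warnings 0
        working-directory: frontend
  sast-backend:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: shivammathur/setup-php@v2
        with: { php-version: '8.2' }
      - run: composer install --no-interaction --prefer-dist
        working-directory: backend
      # PHPStan reads its level from phpstan.neon; github format annotates the PR
      - run: vendor/bin/phpstan analyse --no-progress --error-format=github
        working-directory: backend
  dast:
    needs: [sast-frontend, sast-backend]   # only scan code that passed static checks
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: shivammathur/setup-php@v2
        with: { php-version: '8.2' }
      - run: composer install --no-interaction --prefer-dist
        working-directory: backend
      # Start the Laravel backend so ZAP has a live target to spider
      - run: |
          cp .env.example .env && php artisan key:generate
          php artisan serve --host=127.0.0.1 --port=8000 & sleep 5
        working-directory: backend
      # Baseline scan: spider plus passive rules only, no active attacks. It returns
      # non-zero on WARN/FAIL alerts and writes the HTML report into the mounted dir.
      - run: |
          docker run --rm --network host -v "$PWD:/zap/wrk:rw" \
            ghcr.io/zaproxy/zaproxy:stable zap-baseline.py \
            -t http://127.0.0.1:8000 -r zap-report.html
      - uses: actions/upload-artifact@v4
        if: always()
        with: { name: zap-report, path: zap-report.html }
```

ESLint and PHPStan are general static analysers, so how much security coverage the SAST stage gives depends on the rule sets enabled, which the post does not specify. The baseline scan is passive; an active ZAP scan of the same target would find injection-class issues the passive rules cannot, at the cost of sending attack payloads to the instance under test.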

The full project is available on the developer’s GitHub repository, and further details can be found on LinkedIn. The author encourages readers to reach out for any questions or comments.
