Purple Teaming with OWASP PurpleTeam - Security Regression Testing

Explore the OWASP PurpleTeam, a security regression testing CLI and SaaS for Web applications and APIs, in this 25-minute conference talk. Dive into the three-year development journey, from proof of concept to its current state, and gain an overview of the NodeJS micro-services with pluggable tester architecture. Learn why integrating PurpleTeam into build pipelines is crucial for early detection and cost-effective resolution of application security defects. Follow a step-by-step guide on setting up and configuring all components, and discover various workflows including standalone execution with UI, pipeline integration as a spawned subprocess, and running all PurpleTeam components with debugging capabilities. Understand key aspects such as the CLI, test runs, thresholds, job files, logging, outcomes archive, CSV reports, and JSON result files to effectively implement this powerful security testing tool in your development process.

Introduction
The Journey
How does PurpleTeam help
Setting up PurpleTeam
PurpleTeam CLI
Test Run
Thresholds
Job Files
Logs
CLI Logs
Outcomes Archive
CSV Report
Job File
JSON Result Files