Home
Best Practices Guide
Recommended best practices for implementing Seeker in your organization
Vulnerability Handling Guidelines
Recommendations and best practices for the handling of vulnerabilities detected in your applications.

Best Practices Guide
Recommended best practices for implementing Seeker in your organization
- Best Practices
  Rolling out a new security testing tool in any organization requires quite a bit of planning and preparation.
- Planning and Preparations
  Things to plan and prepare before starting an actual Seeker implementation.
- Server Deployment and Initial Setup
  Things to consider when planning your Seeker server deployment.
- Configuration and Integration Checklist
  Make the most of Seeker by fine-tuning its settings and integrating the external tools that complement its functionality.
- Securing Seeker Deployment
  Recommended measures that can help you secure your Seeker deployment.
- Application Onboarding Checklist
  Tasks to perform to enable Seeker to test your application for security vulnerabilities.
- Application Testing Guidelines
  Once you have onboarded your application, you need to generate activity and traffic in the application for Seeker to monitor. In most cases, this happens during regular manual or automated QA testing.
- Reviewing Test Results
  Review the results of security testing of your application and included third-party and open-source components, and handle the detected vulnerabilities.
- Vulnerability Handling Guidelines
  Recommendations and best practices for the handling of vulnerabilities detected in your applications.
  - Baselining
    Some useful techniques to prioritize vulnerability handling by distinguishing between the new and historical detections in your application.
  - Checker Configuration
    You can substantially reduce the number of vulnerability detections without compromising on their significance just by fine-tuning the checker configuration.
  - Remediation policies
    To streamline the handling of security vulnerabilities detected by Seeker, consider establishing phased remediation policies.
  - Vulnerability Lifecycle Management
    How Seeker manages vulnerability lifecycle stages and transitions between them.
  - Auto-Triage Vulnerabilities Using APIs
    How to use Seeker APIs to auto-triage vulnerabilities to a selected status.
- Maintenance
  To ensure your Seeker system's health, perform periodic maintenance tasks.
- Performance Optimization
  How to minimize the potential impact of Seeker operation on application performance.

Vulnerability Handling Guidelines

Recommendations and best practices for the handling of vulnerabilities detected in your applications.

As an automated security testing tool, Seeker detects and reports a variety of vulnerabilities from highly severe to just informational. The following sections focus on the recommended activities that should help you get the most out of Seeker detections with minimal time and effort.


Activity	Information
When implementing Seeker in an active SDLC, you need to distinguish between the new detections, which should be addressed quickly, and existing historical detections, which can be addressed over time. You can achieve this by baselining the initial set of results.	Baselining
Seeker provides a variety of vulnerability checkers, however not every checker is relevant for your particular application. If you identify any checkers that generate too many detections, try to adjust these checkers' configuration.	Checker Configuration
Since no development organization has a bandwidth to handle every detection right away, effectively managing your application risk requires prioritization. Setting up and applying phased remediation policies in Seeker can help you with that.	Remediation policies
In Seeker, vulnerabilities have a lifecycle, in which they move between different stages from detection to close. Each stage is indicated by a status. In many cases, the vulnerability status changes are managed by Seeker automatically. In addition, users have an option to do that by triaging vulnerabilities manually or by using APIs.	Vulnerability Lifecycle Management
Seeker Test Runs APIs enable you to facilitate your vulnerability handling by automatically triaging vulnerabilities in bulk during test runs.	Auto-Triage Vulnerabilities Using APIs