Home
Best Practices Guide
Recommended best practices for implementing Seeker in your organization
Application Onboarding Checklist
Tasks to perform to enable Seeker to test your application for security vulnerabilities.

Best Practices Guide
Recommended best practices for implementing Seeker in your organization
- Best Practices
  Rolling out a new security testing tool in any organization requires quite a bit of planning and preparation.
- Planning and Preparations
  Things to plan and prepare before starting an actual Seeker implementation.
- Server Deployment and Initial Setup
  Things to consider when planning your Seeker server deployment.
- Configuration and Integration Checklist
  Make the most of Seeker by fine-tuning its settings and integrating the external tools that complement its functionality.
- Securing Seeker Deployment
  Recommended measures that can help you secure your Seeker deployment.
- Application Onboarding Checklist
  Tasks to perform to enable Seeker to test your application for security vulnerabilities.
  - Creating Projects
    Create and configure projects to collect vulnerabilities and manage settings associated with your application.
  - Managing User Access
    Establish the Seeker user base and enable user access to various features and operations.
- Application Testing Guidelines
  Once you have onboarded your application, you need to generate activity and traffic in the application for Seeker to monitor. In most cases, this happens during regular manual or automated QA testing.
- Reviewing Test Results
  Review the results of security testing of your application and included third-party and open-source components, and handle the detected vulnerabilities.
- Vulnerability Handling Guidelines
  Recommendations and best practices for the handling of vulnerabilities detected in your applications.
- Maintenance
  To ensure your Seeker system's health, perform periodic maintenance tasks.
- Performance Optimization
  How to minimize the potential impact of Seeker operation on application performance.

Application Onboarding Checklist

Tasks to perform to enable Seeker to test your application for security vulnerabilities.


Tasks	Owner	Information
1. Ensure network connectivity between the Agent and the Seeker server by configuring the firewall to allow incoming TCP/IP and WebSocket connections to the server (default ports HTTP 8080/HTTPS 8443).	IT/Security
2. Create and configure a project to manage your application's testing.	Seeker admin	Creating Projects
3. Connect an Agent that matches your application's technology and target platform.	DevOps	Connecting and Upgrading Agents
4. Enable Seeker to sync the version of the project with the automatically detected version of your application.	Seeker admin	Configure Project Version Management
5. Enable user access to the project.	Seeker admin	Managing User Access
6. Configure the automatic delivery of vulnerability detections to your bug tracking system.	Seeker admin	Configure Bug Tracking Integration
7. Perform security compliance checks in CI/CD pipeline by stopping a build if an application doesn't comply with the security policy, for example, upon detection of any critical or high vulnerability. You can do this by defining an additional Jenkins build step or by including an API call /api/{ver}/vulnerabilities as a condition in a build script.	DevOps	Install and Configure Seeker Jenkins Plugin Vulnerability Management