Hey Jeremy, RapiDAST looks like an awesome project! I think it would be a great addition to the list of services deployed in Operate First clusters.

> For onboarding, implementation of an operator and work to get it onboard is yet to be done. Any guidance or references on processes, requirements or implementation will be much appreciated.

To get started, I would suggest you request a namespace with appropriate resources on one of our clusters (the MOC/Smaug cluster should have enough resources available for you). To do so, you can follow the instructions here.

Once you get access to a namespace, you can deploy RapiDAST there and work on figuring out the implementation details for the operator.

Please let us know if the steps listed in the docs don't work for you, we are constantly trying to improve on our documentation and any feedback is appreciated.

- Anand

On Fri, Jan 21, 2022 at 12:02 AM Jeremy Choi <jechoi@redhat.com> wrote:

Hi all

RapiDAST is made public now at https://github.com/RedHatProductSecurity/rapidast.

RapiDAST is currently providing a framework for automated dynamic scanning against web API. The goal here in terms of OperateFirst is:

RapiDAST to be running as a service for the community hosted on operate first clusters. Any service running on operate first and any other community service can use RapiDAST to check for security risks in their API.

For onboarding, implementation of an operator and work to get it onboard is yet to be done. Any guidance or references on processes, requirements or implementation will be much appreciated.

Thanks
--
Jeremy Choi / Red Hat Product Security
_______________________________________________
Community mailing list -- community@lists.operate-first.cloud
To unsubscribe send an email to community-leave@lists.operate-first.cloud