In my organization we have pretty stringent requirements on security, and all of our http endpoints get tested with the BURP suite from PortSwigger.net. My service is accepting bi-directional streaming requests and now it needs to be tested. Like i mentioned the default tool is BURP and the only mention of gRPC I could find is this https://forum.portswigger.net/thread/http-2-and-grpc-support-52da4c5677b4.
Has anyone done this kind of testing? If so, could you please share how you did it? The question to gRPC devs - how do you validate and perform vulnerability scans on gRPC endpoints? What is the best way to address this need? Sincerely, Aleks -- You received this message because you are subscribed to the Google Groups "grpc.io" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/grpc-io/c610140e-77c6-4148-801f-73441fd3db7en%40googlegroups.com.
