The security of Web applications has increased rapidly over the last years. At the same time, the quantity and impact of vulnerabilities in Web applications have grown as well. Since manual code reviews are time-consuming, costly and error-prone, the need for automated solutions has become evident.


In this paper, we propose an automated security assessment framework for Web applications. The purpose of this system is to improve the security standard of software products and applications. The end-to-end framework gathers information from potential clients and helps determine the scope of assessments, the tools to use and the methodology for conducting assessments.


It also generates a report showing graphs and provides actionable intelligence about identified vulnerabilities. It can also be integrated with the build systems used for developing and deploying applications, so that security issues are caught in the early phases of the SDLC. The system works as a single point of control for running security tools and scripts and for managing information about security projects. By providing a single point of control, the system automates delivery of security solutions.