In the first part of this series, we have discussed the risks inherent in exposing the Actuator functionality of the Spring framework. If you haven't read that part yet, I recommend that you do so before reading this article. In this article, we will discuss how we can detect exposed Spring Actuators in an application that you have source code access. We will begin with manual steps, and then look at how you can automate the process using static security testing tools (dynamic testing wi...