Blazemeter Plugin - Jmeter - data security

[RKKK Nagireddi]

Hi Team, need help on blazemeter plugin.

I'm working with a financial institution. For a performance test using JMeter, I plan to use the BlazeMeter plugin. However, after recording the script, it requires me to log in to generate the .JMX script. This raises a concern: what recorded information is shared with BlazeMeter, and is the process secure?

Please help me on the same.

Thanks and Best regards

Rama Nagireddi

[Dmitri T]

As per The BlazeMeter Chrome Extension: Record JMeter, Selenium, or Synchronized JMeter and Selenium

The BlazeMeter Chrome extension records all HTTP/S requests that your browser sends while you interact with your web application. From the recording, it creates a JMeter or Selenium script and uploads it to BlazeMeter, where you can browse scripts and execute them with a single click.

so it will send all you network activity to BlazeMeter, if there is sensitive data like credentials it will be also sent there.

With regards to whether the process is "secure" you can contact BlazeMeter Support, to my knowledge since 2011 there were no data leaks from BlazeMeter.

If you care about "security" you can always switch to JMeter's HTTP(S) Test Script Recorder, it doesn't send your data anywhere for sure.