|
|
| (28 intermediate revisions by 2 users not shown) |
| Line 1: |
Line 1: |
| − | '''Upcoming Talks:''' | + | '''Upcoming Talks/Training:''' |
| | | | |
| − | '''2014 Jan 27: OWASP AppSec California [http://sched.co/18f8ZVj Ben Walther: Whiz, Bang, ZAP! An introduction to OWASP's Zed Attack Proxy]'''
| + | For details of upcoming ZAP related talks or training please see the latest [https://github.com/zaproxy/zaproxy/wiki/Newsletters ZAP Newsletter] |
| − | | |
| − | The OWASP Zed Attack Proxy (ZAP) is "an easy to use integrated penetration testing tool for finding vulnerabilities in web applications."
| |
| − | | |
| − | The technology is comparable to IBM AppScan and HP WebInspect - but free, open source and maintained by OWASP volunteers.
| |
| − | | |
| − | The project has seen a tremendous amount of development lately.
| |
| − | | |
| − | Learn about the tool, what it can do for you, and optionally bring your laptop to follow along as we use it to test some (purposefully insecure) web applications.
| |
| − | | |
| − | | |
| − | '''2014 May 13-16: CF.Objective() Bloomington, MN [http://www.cfobjective.com/sessions/using-owasp-zap-to-find-vulnerabilities-in-your-web-apps/ Dave Epler: Using OWASP ZAP to find vulnerabilities in your web apps]'''
| |
| − | | |
| − | Target Audience: Developers
| |
| − | | |
| − | Assumed Knowledge: Basic knowledge of OWASP Top Ten
| |
| − | | |
| − | Objective: To learn how to use OWASP ZAP to test your web application for vulnerabilities
| |
| − | | |
| − | * What is OWASP ZAP
| |
| − | * Why use ZAP
| |
| − | * Testing for vulnerabilties with ZAP
| |
| − | * Automated Testing
| |
| − | * Directed Testing
| |
| − | * Integrating ZAP with other tools
| |
Latest revision as of 01:55, 14 November 2017
Upcoming Talks/Training:
For details of upcoming ZAP related talks or training please see the latest ZAP Newsletter
