This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Projects/OWASP Zed Attack Proxy Project/Pages/Talks"

From OWASP
Jump to: navigation, search
Line 2: Line 2:
  
  
'''2014 July 10: OWASP Columbus Code Jam, One Easton Ova, Suite 175, Columbus, OH: [http://www.meetup.com/Columbus-OWASP/events/164937032/ Bill Sempf: OWASP Code Jam]'''
+
'''2014 September 30: JavaOne, San Fransisco, CA: [https://oracleus.activeevents.com/2014/connect/sessionDetail.ww?SESSION_ID=5320 Simon Bennetts: Security Testing for Developers Using OWASP ZAP]'''
  
Get together and code!
+
Any application exposed to the internet will be attacked, and the earlier in the development cycle you find vulnerabilities, the better.
  
This month we'll work on Zest scripting in Zed Attack Proxy.
+
This session introduces the OWASP Zed Attack Proxy (ZAP), a free, open source, Java-based integrated penetration testing tool for finding vulnerabilities in web applications.  
  
And a little Violent Python.
+
Although ZAP is widely used by security professionals, it is also ideal for anyone new to web application security and includes features specifically aimed at developers.  
  
 +
The session shows how ZAP can be used to find vulnerabilities, both manually and as part of an automated build. It also provides an overview of some of the more advanced features and explains how they can be used for more-complex security testing.
  
'''2014 August 6: Black Hat Arsenal, Las Vegas, NV: [https://www.blackhat.com/us-14/arsenal.html#Bennetts Simon Bennetts: OWASP ZAP]'''
 
  
The Zed Attack Proxy (ZAP) is currently the most active open source web application security tool and competes effectively with commercial tools.
+
'''2014 September 30: cPanel Conference, Houston, TX: [https://guidebook.com/guide/23493/event/9283922/ John "JD" Lightsey: Website Vulnerability Scanning with OWASP Zap]'''
  
While it is an ideal tool for people new to appsec, it also has many features specifically intended for advanced penetration testing.
+
This session will provide an introduction to the OWASP Zap integrated penetration testing tool. You'll see how this tool can be used to scan a web application for common security issues.
  
Simon will give a quick introduction to ZAP and then dive into the more advanced features as well as giving an overview of where its heading.
 
  
 +
'''2014 October 16-17: Black Hat Arsenal, Amsterdam: [https://www.blackhat.com/eu-14/arsenal.html#zap Zakaria Rachid: OWASP ZAP]'''
  
'''2014 September 28 - October 2: JavaOne, San Fransisco, CA: [https://oracleus.activeevents.com/2014/connect/sessionDetail.ww?SESSION_ID=5320 Simon Bennetts: Security Testing for Developers Using OWASP ZAP]'''
+
The Zed Attack Proxy (ZAP) is currently the most active open source web application security tool and competes effectively with commercial tools.
  
Any application exposed to the internet will be attacked, and the earlier in the development cycle you find vulnerabilities, the better.
+
While it is an ideal tool for people new to appsec, it also has many features specifically intended for advanced penetration testing.
 
 
This session introduces the OWASP Zed Attack Proxy (ZAP), a free, open source, Java-based integrated penetration testing tool for finding vulnerabilities in web applications.  
 
  
Although ZAP is widely used by security professionals, it is also ideal for anyone new to web application security and includes features specifically aimed at developers.
+
Zack will give a quick introduction to ZAP and then dive into the more advanced features, presenting some useful scripts as well as giving an overview of where its heading.
 
 
The session shows how ZAP can be used to find vulnerabilities, both manually and as part of an automated build. It also provides an overview of some of the more advanced features and explains how they can be used for more-complex security testing.
 

Revision as of 09:14, 25 September 2014

Upcoming Talks/Training:


2014 September 30: JavaOne, San Fransisco, CA: Simon Bennetts: Security Testing for Developers Using OWASP ZAP

Any application exposed to the internet will be attacked, and the earlier in the development cycle you find vulnerabilities, the better.

This session introduces the OWASP Zed Attack Proxy (ZAP), a free, open source, Java-based integrated penetration testing tool for finding vulnerabilities in web applications.

Although ZAP is widely used by security professionals, it is also ideal for anyone new to web application security and includes features specifically aimed at developers.

The session shows how ZAP can be used to find vulnerabilities, both manually and as part of an automated build. It also provides an overview of some of the more advanced features and explains how they can be used for more-complex security testing.


2014 September 30: cPanel Conference, Houston, TX: John "JD" Lightsey: Website Vulnerability Scanning with OWASP Zap

This session will provide an introduction to the OWASP Zap integrated penetration testing tool. You'll see how this tool can be used to scan a web application for common security issues.


2014 October 16-17: Black Hat Arsenal, Amsterdam: Zakaria Rachid: OWASP ZAP

The Zed Attack Proxy (ZAP) is currently the most active open source web application security tool and competes effectively with commercial tools.

While it is an ideal tool for people new to appsec, it also has many features specifically intended for advanced penetration testing.

Zack will give a quick introduction to ZAP and then dive into the more advanced features, presenting some useful scripts as well as giving an overview of where its heading.