This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Projects/OWASP Zed Attack Proxy Project/Pages/Talks"

From OWASP
Jump to: navigation, search
Line 2: Line 2:
  
  
'''2014 October 31: Open World Forum, Paris, France: [http://www.openworldforum.paris/fr/tracks/security-secdev#talk_429  Sébastien Gioria: Application Security testing with Zed Attack Proxy]'''
+
'''2014 November 22: Null, Bangalore: [http://swachalit.null.co.in/event_sessions/171-owasp-zap-tool-demo Marudhamaran Gunasekaran: OWASP ZAP Tool Demo]'''
  
This will include both a talk and demo of ZAP.
+
The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. Originally a fork of the Paros Proxy project, ZAP targets a wide range of software professionals right from a software developer to a penetration tester working on any platform that supports Java. Equipped with a myriad a features and support for custom addons, ZAP is fully documented in an easy to understand language.
  
 
+
We would see a demonstration of how to set up and how to use it all.
'''2014 November 11: Agile Testing Days, Potsdam, Germany: [http://www.agiletestingdays.com/session/security-testing-agile-context/ Bill Matthews: Security Testing in an Agile Context]'''
 
 
 
With each iteration producing a potentially deployable release, testing on an Agile project needs to cover a broad range of tests is a short period of time. All too often, Security Testing is one of those areas that is omitted due to a lack of experience and understanding of how to approach Security in an Agile context.
 
 
 
In this talk, we will look at key principles that can allow us to integrate security testing into each iteration. We will start with looking at Threat Modelling as a means to understand what is important to test before moving onto methods for generating test ideas. We will then examine ideas of how to implement these checks/tests and how they can be integrated into your current testing practices.
 
 
 
Bill will be covering a bit about ZAP as part of this talk :)
 

Revision as of 17:29, 20 November 2014

Upcoming Talks/Training:


2014 November 22: Null, Bangalore: Marudhamaran Gunasekaran: OWASP ZAP Tool Demo

The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. Originally a fork of the Paros Proxy project, ZAP targets a wide range of software professionals right from a software developer to a penetration tester working on any platform that supports Java. Equipped with a myriad a features and support for custom addons, ZAP is fully documented in an easy to understand language.

We would see a demonstration of how to set up and how to use it all.

Retrieved from "https://wiki.owasp.org/index.php?title=Projects/OWASP_Zed_Attack_Proxy_Project/Pages/Talks&oldid=185653"