This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Projects/OWASP Zed Attack Proxy Project/Pages/Talks"

From OWASP
Jump to: navigation, search
m (Remove frequency reference)
 
(20 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
'''Upcoming Talks/Training:'''
 
'''Upcoming Talks/Training:'''
  
'''2014 June 5: International Testing Conference, Tallinn, Estonia [http://nordictestingdays.eu/new-adventures-security-testing Dan Billing: New Adventures in Security]'''
+
For details of upcoming ZAP related talks or training please see the latest [https://github.com/zaproxy/zaproxy/wiki/Newsletters ZAP Newsletter]
 
 
Learning new skills and experiences are key to developing any career, but in the rapidly changing world of software testing it is particularly necessary. Recently my work has led me to need to develop my security testing skills, but more than that it has opened doors into a whole new world of skills and techniques, and I am still learning more and more.
 
 
 
This track explores how I have approached the problems I have encountered, formulated my learning, and how I have developed an understanding of the key features of security testing in an accessible way.
 
 
 
 
 
'''2014 June 24: Velocity, Santa Clara, CA [http://velocityconf.com/velocity2014/public/schedule/detail/34139 James Wickett, Gareth Rushgrove] Battle-tested Code without the Battle - Security Testing and Continuous Integration'''
 
 
 
Everyone knows that we need to harden our code before it goes into production, but very few actually test for security flaws in their delivery pipeline. We will show a basic continuous delivery pipeline that should be familiar to anyone who has worked with continuous integration, and then proceed to add steps to identify security issues in a typical web application stack.
 
 
 
Attendees will be able to follow along either online or by building the pipeline locally on their own computers. All of the source code will be open source and available for people to use for testing their own applications after the conference. We’ll use a range of open source technology including OWASP ZAP, Gauntlt, Jenkins, Vagrant and more.
 
 
 
 
 
'''2014 June 25: OWASP AppSec EU, Cambridge, UK [http://sched.co/1lS3vDS Simon Bennetts: ZAP Advanced Features]'''
 
 
 
Exact content still to be decided, but as the title suggests, this will focus on some of the more advanced ZAP features.
 

Latest revision as of 01:55, 14 November 2017

Upcoming Talks/Training:

For details of upcoming ZAP related talks or training please see the latest ZAP Newsletter