OWASP Zed Attack Proxy

Presented at AppSec USA 2013, Nov. 20, 2013, 3 p.m. (50 minutes)

Video of session: https://www.youtube.com/watch?v=pYFtLA2yTR8&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=1 The Zed Attack Proxy (ZAP)  is now one of the most popular OWASP projects. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen tester's toolbox. After giving a quick introduction for people new to ZAP, Simon will focus on the latest features, including those developed as part of the Google Summer of Code as well as Plug-n-Hack and the Zest scripting language. Simon will also demonstrate soon to be released features that have not been seen before and are believed to be not currently possible using equivalent tools.

Presenters:

• Simon Bennetts - Security - Mozilla
  Simon Bennetts has been developing web applications since 1997, and strongly believes that you cannot build secure web applications without knowing how to attack them. He is the OWASP Zed Attack Proxy Project Leader and works for Mozilla as part of the Cloud Security Team.

Links:

• https://appsecusa2013.sched.com/event/13jbvAG/owasp-zed-attack-proxy
• https://infocon.org/cons/OWASP/AppSecUSA 2013/OWASP Zed Attack Proxy - Simon Bennetts.mp4
• https://www.youtube.com/watch?v=pYFtLA2yTR8

Similar Presentations:

• AppSec USA 2013 / OWASP Broken Web Applications (OWASP BWA): Beyond 1.0
• AppSec USA 2013 / Project Summit: ZAP Hackathon Session
• AppSec USA 2014 / Zed Attack Proxy (Zap) 101 Workshop