Session Details

ZAPping Security Vulnerabilities in Your Development Pipeline

Regular Session

When your application has a security vulnerability, will you or an attacker find it first? Reviewing code and tracking down hidden flaws can be tedious and difficult. Let the free and open source OWASP Zed Attack Proxy (ZAP) help. This session walks through four ways to use ZAP: UI, command line, scripts, and automated development pipeline. You will learn how to attack a live application in all four ways, how to target specific areas of your application for heavier scrutiny, test for specific vulnerabilities, and incorporate ZAP with your development pipeline to automate the whole process including regression testing and report generation, so that vulnerabilities are discovered the moment they are introduced.
Prerequisites
N/A
Matt Smith

NextGen Agilist
Manifest Solutions

About

A software development conference in the Louisville, KY area on March 28 - 30, 2018 designed to cover all aspects of software development regardless of development stack.

Contact Us
Keep in Touch