Projects/OWASP Zed Attack Proxy Project/Pages/Talks

Upcoming Talks/Training:

2014 April 23: NVCFUG Vienna, VA Dave Epler: Using OWASP ZAP to find vulnerabilities in your web apps

Target Audience: Developers

Assumed Knowledge: Basic knowledge of OWASP Top Ten

Objective: To learn how to use OWASP ZAP to test your web application for vulnerabilities


 * What is OWASP ZAP
 * Why use ZAP
 * Testing for vulnerabilities with ZAP
 * Automated Testing
 * Directed Testing
 * Integrating ZAP with other tools

2014 April 29: InfoSec London ‘Applification’ of business and implications for security: Securing software development

Simon will be taking part in this panel which will bring together security practitioners and developers to discuss how to build security into design.

2014 May 13-16: CF.Objective Bloomington, MN Dave Epler: Using OWASP ZAP to find vulnerabilities in your web apps

Target Audience: Developers

Assumed Knowledge: Basic knowledge of OWASP Top Ten

Objective: To learn how to use OWASP ZAP to test your web application for vulnerabilities


 * What is OWASP ZAP
 * Why use ZAP
 * Testing for vulnerabilities with ZAP
 * Automated Testing
 * Directed Testing
 * Integrating ZAP with other tools

2014 June 5: International Testing Conference, Tallinn, Estonia Dan Billing: New Adventures in Security

Learning new skills and experiences are key to developing any career, but in the rapidly changing world of software testing it is particularly necessary. Recently my work has led me to need to develop my security testing skills, but more than that it has opened doors into a whole new world of skills and techniques, and I am still learning more and more.

This track explores how I have approached the problems I have encountered, formulated my learning, and how I have developed an understanding of the key features of security testing in an accessible way.