Projects/OWASP Zed Attack Proxy Project/Pages/Talks

Upcoming Talks/Training:

2014 May 13-16: CF.Objective Bloomington, MN Dave Epler: Using OWASP ZAP to find vulnerabilities in your web apps

Target Audience: Developers

Assumed Knowledge: Basic knowledge of OWASP Top Ten

Objective: To learn how to use OWASP ZAP to test your web application for vulnerabilities


 * What is OWASP ZAP
 * Why use ZAP
 * Testing for vulnerabilities with ZAP
 * Automated Testing
 * Directed Testing
 * Integrating ZAP with other tools

2014 May 27: Selenium Unconfernece II, Cluj-Napoca, Romania Dave Hunt: CI with ZAP and Selenium

Dave Hunt works from home for Mozilla, where he assists teams to create automated tests for their projects - ranging from Mozilla's web properties to the Firefox web browser and Firefox OS for smart phones.

ave's talk will be an introduction to ZAP (Zed Attack Proxy) for web security testing, and a demonstration of how you can integrate it into an continuous integration system with automated functional tests using Selenium WebDriver, py.test and plugins.

2014 June 5: International Testing Conference, Tallinn, Estonia Dan Billing: New Adventures in Security

Learning new skills and experiences are key to developing any career, but in the rapidly changing world of software testing it is particularly necessary. Recently my work has led me to need to develop my security testing skills, but more than that it has opened doors into a whole new world of skills and techniques, and I am still learning more and more.

This track explores how I have approached the problems I have encountered, formulated my learning, and how I have developed an understanding of the key features of security testing in an accessible way.

2014 June 55: OWASP AppSec EU, Cambridge, UK Simon Bennetts: ZAP Advanced Features

Exact content still to be decided, but as the title suggests, this will focus on some of the more advanced ZAP features.