Difference between revisions of "Projects/OWASP Zed Attack Proxy Project/Pages/Talks"

From OWASP
Jump to: navigation, search
Line 1: Line 1:
 
'''Upcoming Talks/Training:'''
 
'''Upcoming Talks/Training:'''
 
'''2014 Feb 23: SCALE 12x Los Angeles [http://www.socallinuxexpo.org/scale12x/presentations/zapping-your-applications Aaron Guzman: ZAPping your applications]'''
 
 
The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated testing tool for finding vulnerabilities and bugs in web applications.
 
 
ZAP is a flagship OWASP project with an active community behind it. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.
 
 
It is designed to be used by people with a wide range of experience in developing, security penetration testing and functional testing.
 
 
As such, this presentation will be covering basic to intermediate testing on web applications, use cases, basic scripting, zest scripting, and integration automation for software development lifecycle.
 
 
 
'''2014 March 17: OWASP AppSec APAC Tokyo [https://www.owasp.org/index.php/AppSecAsiaPac2014#tab=TRAINING_SESSIONS Minoru Sakai: Hands on Simple method of the penetration testing using OWASP ZAP] (Japanese)'''
 
 
This course goes through automated security testing from OWASP tools:
 
* OWASP Zed Attack Proxy
 
* OWASP Broken Web Applications
 
 
  
 
'''2014 May 13-16: CF.Objective() Bloomington, MN [http://www.cfobjective.com/sessions/using-owasp-zap-to-find-vulnerabilities-in-your-web-apps/ Dave Epler: Using OWASP ZAP to find vulnerabilities in your web apps]'''
 
'''2014 May 13-16: CF.Objective() Bloomington, MN [http://www.cfobjective.com/sessions/using-owasp-zap-to-find-vulnerabilities-in-your-web-apps/ Dave Epler: Using OWASP ZAP to find vulnerabilities in your web apps]'''
Line 29: Line 11:
 
* What is OWASP ZAP
 
* What is OWASP ZAP
 
* Why use ZAP
 
* Why use ZAP
* Testing for vulnerabilties with ZAP
+
* Testing for vulnerabilities with ZAP
 
* Automated Testing
 
* Automated Testing
 
* Directed Testing
 
* Directed Testing
 
* Integrating ZAP with other tools
 
* Integrating ZAP with other tools

Revision as of 08:47, 14 April 2014

Upcoming Talks/Training:

2014 May 13-16: CF.Objective() Bloomington, MN Dave Epler: Using OWASP ZAP to find vulnerabilities in your web apps

Target Audience: Developers

Assumed Knowledge: Basic knowledge of OWASP Top Ten

Objective: To learn how to use OWASP ZAP to test your web application for vulnerabilities

  • What is OWASP ZAP
  • Why use ZAP
  • Testing for vulnerabilities with ZAP
  • Automated Testing
  • Directed Testing
  • Integrating ZAP with other tools