Difference between revisions of "Projects/OWASP Zed Attack Proxy Project/Pages/Talks"

From OWASP
Jump to: navigation, search
Line 1: Line 1:
'''Upcoming Talks:'''
+
'''Upcoming Talks/Training:'''
  
 
'''2014 Feb 23: SCALE 12x Los Angeles [http://www.socallinuxexpo.org/scale12x/presentations/zapping-your-applications Aaron Guzman: ZAPping your applications]'''
 
'''2014 Feb 23: SCALE 12x Los Angeles [http://www.socallinuxexpo.org/scale12x/presentations/zapping-your-applications Aaron Guzman: ZAPping your applications]'''
Line 10: Line 10:
  
 
As such, this presentation will be covering basic to intermediate testing on web applications, use cases, basic scripting, zest scripting, and integration automation for software development lifecycle.  
 
As such, this presentation will be covering basic to intermediate testing on web applications, use cases, basic scripting, zest scripting, and integration automation for software development lifecycle.  
 +
 +
 +
'''2014 March 17: OWASP AppSec APAC Tokyo [https://www.owasp.org/index.php/AppSecAsiaPac2014#tab=TRAINING_SESSIONS Minoru Sakai: Hands on Simple method of the penetration testing using OWASP ZAP] (Japanese)'''
 +
 +
This course goes through automated security testing from OWASP tools:
 +
* OWASP Zed Attack Proxy
 +
* OWASP Broken Web Applications
  
  

Revision as of 04:24, 31 January 2014

Upcoming Talks/Training:

2014 Feb 23: SCALE 12x Los Angeles Aaron Guzman: ZAPping your applications

The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated testing tool for finding vulnerabilities and bugs in web applications.

ZAP is a flagship OWASP project with an active community behind it. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.

It is designed to be used by people with a wide range of experience in developing, security penetration testing and functional testing.

As such, this presentation will be covering basic to intermediate testing on web applications, use cases, basic scripting, zest scripting, and integration automation for software development lifecycle.


2014 March 17: OWASP AppSec APAC Tokyo Minoru Sakai: Hands on Simple method of the penetration testing using OWASP ZAP (Japanese)

This course goes through automated security testing from OWASP tools:

  • OWASP Zed Attack Proxy
  • OWASP Broken Web Applications


2014 May 13-16: CF.Objective() Bloomington, MN Dave Epler: Using OWASP ZAP to find vulnerabilities in your web apps

Target Audience: Developers

Assumed Knowledge: Basic knowledge of OWASP Top Ten

Objective: To learn how to use OWASP ZAP to test your web application for vulnerabilities

  • What is OWASP ZAP
  • Why use ZAP
  • Testing for vulnerabilties with ZAP
  • Automated Testing
  • Directed Testing
  • Integrating ZAP with other tools