Difference between revisions of "Projects/OWASP Zed Attack Proxy Project/Pages/Talks"

From OWASP
Jump to: navigation, search
Line 1: Line 1:
 
'''Upcoming Talks/Training:'''
 
'''Upcoming Talks/Training:'''
  
'''2014 April 23: NVCFUG Vienna, VA [http://www.meetup.com/nvcfug/events/174673062/ Dave Epler: Using OWASP ZAP to find vulnerabilities in your web apps]'''
+
'''2014 May 13-16: CF.Objective() Bloomington, MN [http://www.cfobjective.com/sessions/using-owasp-zap-to-find-vulnerabilities-in-your-web-apps/ Dave Epler: Using OWASP ZAP to find vulnerabilities in your web apps]'''
  
 
Target Audience: Developers
 
Target Audience: Developers
Line 17: Line 17:
  
  
'''2014 April 29: InfoSec London [http://www.infosec.co.uk/en/Sessions/4738/Applification-of-business-and-implications-for-security-Securing-software-development ‘Applification’ of business and implications for security: Securing software development]'''
+
'''2014 May 27: Selenium Unconfernece II, Cluj-Napoca, Romania [https://www.eventbrite.co.uk/e/selenium-unconference-ii-registration-11268980825 Dave Hunt: CI with ZAP and Selenium]'''
  
[https://www.owasp.org/index.php/User:Simon_Bennetts Simon] will be taking part in this panel which will bring together security practitioners and developers to discuss how to build security into design.
+
Dave Hunt works from home for Mozilla, where he assists teams to create automated tests for their projects - ranging from Mozilla's web properties to the Firefox web browser and Firefox OS for smart phones.
  
 +
ave's talk will be an introduction to ZAP (Zed Attack Proxy) for web security testing, and a demonstration of how you can integrate it into an continuous integration system with automated functional tests using Selenium WebDriver, py.test and plugins.
  
'''2014 May 13-16: CF.Objective() Bloomington, MN [http://www.cfobjective.com/sessions/using-owasp-zap-to-find-vulnerabilities-in-your-web-apps/ Dave Epler: Using OWASP ZAP to find vulnerabilities in your web apps]'''
 
  
Target Audience: Developers
+
'''2014 June 5: International Testing Conference, Tallinn, Estonia [http://nordictestingdays.eu/new-adventures-security-testing Dan Billing: New Adventures in Security]'''
  
Assumed Knowledge: Basic knowledge of OWASP Top Ten
+
Learning new skills and experiences are key to developing any career, but in the rapidly changing world of software testing it is particularly necessary. Recently my work has led me to need to develop my security testing skills, but more than that it has opened doors into a whole new world of skills and techniques, and I am still learning more and more.
  
Objective: To learn how to use OWASP ZAP to test your web application for vulnerabilities
+
This track explores how I have approached the problems I have encountered, formulated my learning, and how I have developed an understanding of the key features of security testing in an accessible way.
  
* What is OWASP ZAP
 
* Why use ZAP
 
* Testing for vulnerabilities with ZAP
 
* Automated Testing
 
* Directed Testing
 
* Integrating ZAP with other tools
 
  
 +
'''2014 June 55: OWASP AppSec EU, Cambridge, UK [http://sched.co/1lS3vDS Simon Bennetts: ZAP Advanced Features]'''
  
'''2014 June 5: International Testing Conference, Tallinn, Estonia [http://nordictestingdays.eu/new-adventures-security-testing Dan Billing: New Adventures in Security]'''
+
Exact content still to be decided, but as the title suggests, this will focus on some of the more advanced ZAP features.
 
+
Learning new skills and experiences are key to developing any career, but in the rapidly changing world of software testing it is particularly necessary. Recently my work has led me to need to develop my security testing skills, but more than that it has opened doors into a whole new world of skills and techniques, and I am still learning more and more.
+
 
+
This track explores how I have approached the problems I have encountered, formulated my learning, and how I have developed an understanding of the key features of security testing in an accessible way.
+

Revision as of 04:07, 14 May 2014

Upcoming Talks/Training:

2014 May 13-16: CF.Objective() Bloomington, MN Dave Epler: Using OWASP ZAP to find vulnerabilities in your web apps

Target Audience: Developers

Assumed Knowledge: Basic knowledge of OWASP Top Ten

Objective: To learn how to use OWASP ZAP to test your web application for vulnerabilities

  • What is OWASP ZAP
  • Why use ZAP
  • Testing for vulnerabilities with ZAP
  • Automated Testing
  • Directed Testing
  • Integrating ZAP with other tools


2014 May 27: Selenium Unconfernece II, Cluj-Napoca, Romania Dave Hunt: CI with ZAP and Selenium

Dave Hunt works from home for Mozilla, where he assists teams to create automated tests for their projects - ranging from Mozilla's web properties to the Firefox web browser and Firefox OS for smart phones.

ave's talk will be an introduction to ZAP (Zed Attack Proxy) for web security testing, and a demonstration of how you can integrate it into an continuous integration system with automated functional tests using Selenium WebDriver, py.test and plugins.


2014 June 5: International Testing Conference, Tallinn, Estonia Dan Billing: New Adventures in Security

Learning new skills and experiences are key to developing any career, but in the rapidly changing world of software testing it is particularly necessary. Recently my work has led me to need to develop my security testing skills, but more than that it has opened doors into a whole new world of skills and techniques, and I am still learning more and more.

This track explores how I have approached the problems I have encountered, formulated my learning, and how I have developed an understanding of the key features of security testing in an accessible way.


2014 June 55: OWASP AppSec EU, Cambridge, UK Simon Bennetts: ZAP Advanced Features

Exact content still to be decided, but as the title suggests, this will focus on some of the more advanced ZAP features.