Implementing and Managing OWASP ZAP for DevSecOps

This course will teach you how to incorporate OWASP ZAP into a DevSecOps pipeline, while walking through the advantages of this automated setup and how to get results out in a productive way to take action on.

Most development teams work in an agile methodology. Having to stop to wait on security scans, or pushing these DAST tools on developers, devops, or QA analysts to run has proven to be inadequate. In this course, Implementing and Managing OWASP ZAP for DevSecOps, you’ll learn how to automate a tool like OWASP ZAP to meet the needs of the business. First, you’ll explore how security and devops have come together. Next, you’ll discover how to setup a headless ZAP instance. Finally, you’ll learn how to run scans and return results in a way that will benefit all teams. When you’re finished with this course, you’ll have the skills and knowledge of automating OWASP ZAP scans needed to implement security into the DevSecOps pipelines.

• Course Overview 1min
• ZAP’s Role in DevSecOps 14mins
• Implementing OWASP ZAP 35mins
• Implementing ZAP in a Pipeline 26mins