How Scripting in ZAP Can Bridge the Gap Between Dev Teams and Security
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore how scripting in ZAP can bridge the gap between development teams and security in this 41-minute conference talk. Delve into opportunities, obstacles, and solutions for integrating security practices into development workflows. Learn about the tester mindset, test theory, and practical steps for implementing security testing. Discover the benefits of using ZAP's scripting capabilities, including Zest, and how they compare to traditional tools. Gain insights on ISO compliance, security hardness, and the challenges faced by different development types. Conclude with a recap, summary, and references for further exploration, including information on playgrounds and the possibility of mixing Zest with Python.
Syllabus
Introduction
Who am I
Who is in the room
Opportunities
Security
Obstacles
Learning
Dev Type Line
Multiple Choice
Biggest Obstacle
Security Hardness
ISO Compliance
Tester Mindset
Test Theory
Solution
Testers
Step 1 Learning
Step 2 Testing
PIPI Scanner
Zest
Demo
Questions
Benefits
Traditional tools
Recap
Summary
References
Playgrounds
QA
Can you mix Zest in Python
Taught by
OWASP Foundation
Related Courses
Web and Mobile Testing with SeleniumUniversity of Minnesota via Coursera DevOps Pipeline: Automatización hasta el despliegue
Universidad Anáhuac via edX Programming Foundations: Software Testing/QA
LinkedIn Learning Security Assessment and Testing for CISSP®
Pluralsight EU Panel: The Joys of Integrating Security Testing into Your Pipeline
Pluralsight