How Scripting in ZAP Can Bridge the Gap Between Dev Teams and Security
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore how scripting in ZAP can bridge the gap between development teams and security in this 41-minute conference talk. Delve into opportunities, obstacles, and solutions for integrating security practices into development workflows. Learn about the tester mindset, test theory, and practical steps for implementing security testing. Discover the benefits of using ZAP's scripting capabilities, including Zest, and how they compare to traditional tools. Gain insights on ISO compliance, security hardness, and the challenges faced by different development types. Conclude with a recap, summary, and references for further exploration, including information on playgrounds and the possibility of mixing Zest with Python.
Syllabus
Introduction
Who am I
Who is in the room
Opportunities
Security
Obstacles
Learning
Dev Type Line
Multiple Choice
Biggest Obstacle
Security Hardness
ISO Compliance
Tester Mindset
Test Theory
Solution
Testers
Step 1 Learning
Step 2 Testing
PIPI Scanner
Zest
Demo
Questions
Benefits
Traditional tools
Recap
Summary
References
Playgrounds
QA
Can you mix Zest in Python
Taught by
OWASP Foundation
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network