How Scripting in ZAP Can Bridge the Gap Between Dev Teams and Security
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore how scripting in ZAP can bridge the gap between development teams and security in this 41-minute conference talk. Delve into opportunities, obstacles, and solutions for integrating security practices into development workflows. Learn about the tester mindset, test theory, and practical steps for implementing security testing. Discover the benefits of using ZAP's scripting capabilities, including Zest, and how they compare to traditional tools. Gain insights on ISO compliance, security hardness, and the challenges faced by different development types. Conclude with a recap, summary, and references for further exploration, including information on playgrounds and the possibility of mixing Zest with Python.
Syllabus
Introduction
Who am I
Who is in the room
Opportunities
Security
Obstacles
Learning
Dev Type Line
Multiple Choice
Biggest Obstacle
Security Hardness
ISO Compliance
Tester Mindset
Test Theory
Solution
Testers
Step 1 Learning
Step 2 Testing
PIPI Scanner
Zest
Demo
Questions
Benefits
Traditional tools
Recap
Summary
References
Playgrounds
QA
Can you mix Zest in Python
Taught by
OWASP Foundation
Related Courses
DevOps CI/CD Pipeline: Automation from development to deploymentUniversidad Anáhuac via edX DevOps Pipeline: Automatización hasta el despliegue
Universidad Anáhuac via edX Exploring the Benefits of Continuous Security and Compliance for Cloud Infrastructure
Pluralsight Integrating Incident Response into DevSecOps
Pluralsight DevSecOps: Building a Secure Continuous Delivery Pipeline
LinkedIn Learning