Speaker: SIMON BENNETTS - Lead OWASP Zed Attack Project and member of the Mozila Security Team

Theme: An Introduction to the OWASP Zed Attack Proxy


The Zed Attack Proxy (aka ZAP: https://www.owasp.org/index.php/ZAP)) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as experienced security professionals.

It is community project, being maintained by a worldwide group of volunteers and is completely free, open source and cross platform.
Since its release in 2010 ZAP has gone from strength to strength and is now a flagship OWASP project, with new features being introduced that are currently unavailable in commercial products.

In this talk Simon will explain what ZAP can do, who can use it and what its most suitable for.