Automation and scale with OWASP ZAP

A Talk by Tiago Mendo


About this talk

Have you tried scanning hundreds of web applications in a single day?

In this talk, I will explain how we use OWASP ZAP to scan web applications at scale, detailing the various challenges we faced and what solutions we implemented.

The talk will cover various challenges:

- Queueing and organizing URLs for scanning

- Authentication and session renewal

- Slow web applications and blockages

- Duplicate vulnerabilities

- Resource management (CPU / RAM / HD)

- Scan monitoring

All the work was done on top of OWASP ZAP, with various changes submitted to the project. ZAP was used for scanning, with the crawling being done by a third-party component.

For more info on this session, please visit the session page on the Summit's website.
