Automation and scale with OWASP ZAP
A Talk by Tiago Mendo
About this talk
Have you tried scanning hundreds of web applications in a single day?
In this talk, I will explain how we use OWASP ZAP to scan web applications at scale, detailing the various challenges we faced and what solutions we implemented.
The talk will cover various challenges:
- Queueing and organizing URLs for scanning
- Authentication and session renewal
- Slow web applications and blockages
- Duplicate vulnerabilities
- Resource management (CPU / RAM / HD)
- Scan monitoring
All the work was done on top of OWASP ZAP, with various changes submitted to the project. ZAP was used for scanning, with the crawling being done by a third-party component.
For more info on this session, please visit the session page on the Summit's website.