Automation and scale with OWASP ZAP

A Talk by Tiago Mendo
Probely

Register to watch this content

By submitting you agree to the Terms & Privacy Policy
Watch this content now

About this talk

Have you tried scanning hundreds of web applications in a single day?

In this talk, I will explain how we use OWASP ZAP to scan web applications at scale, detailing the various challenges we faced and what solutions we implemented.

The talk will cover various challenges:

- Queueing and organizing URLs for scanning

- Authentication and session renewal

- Slow web applications and blockages

- Duplicate vulnerabilities

- Resource management (CPU / RAM / HD)

- Scan monitoring

All the work was done on top of OWASP ZAP, with various changes submitted to the project. ZAP was used for scanning, with the - crawling being done by a third-party component.

For more info on this session, please visit the session page on the Summit's website.

Tracks covered by this talk

OWASP Projects

DevSecOps

Sponsor this Event

Your logo could go here!

If you'd like to get your brand in front of Attendees contact us.

We use cookies

This website (and some of its third-party tools) use cookies. These are important as they allow us to deliver an exceptional experience whilst browsing the site.

By clicking 'Accept', you agree to the use of cookies.

Accept

To learn more see our Privacy Policy


Loading content...


Loading content...
Cancel