Tool Chain: Zed Attack Proxy (ZAP)


On the road to continuous refinement of the Continuous Deployment (CD) pipeline, I always find that teams often forget about security testing, in a similar way to performance testing.  Teams seems to focus in code, then aContinuous Integration (CI) process at the outset.  Only later when they begin to have conversation about the first prod release do they become aware of the need for CD.  At the point of CD, they are still not thinking real CD, and thus have overlooked the needs of security (and performance), and are still fixated on the code – not the cleanliness of code.

I’m therefore curious how many readers are using OWASP Zed Attack Proxy, or similar in their tool chain.

~ by mdavey on June 20, 2015.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: