Simon Bennetts (@psiinon) and I did a webinar last Wednesday talking about how to set up web application testing programs witih the freely-available tools OWASP Zed Attack Proxy (ZAP) and ThreadFix. The webinar was titled “Running a Web Security Testing Program with OWASP ZAP and ThreadFix” You can see the recorded webinar here:
(fullscreen video came out remarkably sharp!)
For more infomation about the tools and techniques we discussed, check out:
- Main OWASP Zed Attack Proxy (ZAP) page
- Main ThreadFix page at Denim Group
- ThreadFix Google Code site
- ThreadFix Google Group
- Mozilla Zest on Github
I wanted to personally thank Simon for taking the time to put on this webinar with us. I’m a huge fan of ZAP and I was really excited to get the opportunity to talk with folks about how ZAP and ThreadFix can be used together.
Contact us to talk about ways you can automate parts of your web application testing program with freely-available tools.
dan _at_ denimgroup.com