Application Security WeeklySubscribe
Application security, Training, DevSecOps

Building a Scanner and a Community with Zed Attack Proxy – Simon Bennetts – ASW #254

Zed Attack Proxy is an essential tool for web app pentesting. The project just recently moved from OWASP to the Secure Software Project. Hear about the challenges of running an OSS security project, why Simon got involved in the first place, and why successful projects are about more than just code.

Segment Resources:

Full episode and show notes

Announcements

  • Join us at SC Media’s Investing in IAM eSummit September 19th through 20th. This two-day virtual event will provide insights from industry experts with a deep dive into identity and access management. Register now for this free event where you will gain cybersecurity knowledge and receive 6.5 CPE credits just for attending! 

    Register today: securityweekly.com/IAM

Guest

ZAP Project Lead at Software Security Project

Simon Bennetts is the Zed Attack Proxy (ZAP) Founder and Project Leader.
He has talked about and demonstrated ZAP at conferences all over the world, including Blackhat, JavaOne, FOSDEM and OWASP AppSec EU, USA & AsiaPac.
Prior to making the move into security he was a developer for 25 years and strongly believes that you cannot build secure web applications without knowing how to attack them.

Hosts

Tech Lead at Block
Senior Engineering Leader at AWS

Related

AI fixes everything, C++ the actual worst, IAM is hard – ASW #308

This week, in the Application Security News, we dismiss magical thinking and discuss what generative AI will actually be able to do for us. We also discuss whether Secure by Design's goals are practical or not. OSC&R releases a report on software supply chain that should be interesting, though neither of us had time to read it yet. Also, Wat...