Slide 22
Slide 22 text
// Continuous Lifecycle Online 2021 —> Continuous (Non)-Functional Testing of Microservice on K8s // @LeanderReimer #cloudnativenerd #qaware
OWASP Zed Attack Proxy (ZED)
• Widely used, popular, free and open source web app scanner.
• ZAP provides powerful APIs for security automation.
• Intercepting proxy, active and passive scanner, traditional and AJAX
spider, brute force scanner, port scanner, OpenAPI v3, web sockets.
• ZAP's docker images provide an easy way to run ZAP, especially in a
CI/CD environment: baseline, full scan, API scan, Webswing UI.
• Extensive documentation and international community.
22