Implementing and Managing OWASP ZAP for DevSecOps
This course will teach you how to incorporate OWASP ZAP into a DevSecOps pipeline, while walking through the advantages of this automated setup and how to get results out in a productive way to take action on.
What you'll learn
Most development teams work in an agile methodology. Having to stop to wait on security scans, or pushing these DAST tools on developers, devops, or QA analysts to run has proven to be inadequate. In this course, Implementing and Managing OWASP ZAP for DevSecOps, you’ll learn how to automate a tool like OWASP ZAP to meet the needs of the business. First, you’ll explore how security and devops have come together. Next, you’ll discover how to setup a headless ZAP instance. Finally, you’ll learn how to run scans and return results in a way that will benefit all teams. When you’re finished with this course, you’ll have the skills and knowledge of automating OWASP ZAP scans needed to implement security into the DevSecOps pipelines.
Table of contents
About the author
Mike is an information security manager who has worked in the IT and Information Security fields for 22+ years. A broad background from helpdesk to sysadmin, system engineer, networking, DB and development work. Most of Mike's work now centers around pentests and risk assessments, but an integral part will always be awareness training. An active member in various local security groups, Mike volunteers, speaks, or attends various information security cons.