Here is a list of all the content that has been tagged as web-security.
The OWASP ZAP HTTP intercepting proxy is useful for manually attacking your Web apps and APIs. Now, we have the official Node API to programatically drive ZAP to regression test our creations. Kim will show you how to build a fully featured security regression testing CLI, consumable by your CI/nightly builds.
Automated security regression testing of your web applications and APIs, no setup required.
1. Write [test conditions](https://f0.holisticinfosecforwebdevelopers.com/chap06.html#process-and-practises-agile-development-and-practices-evil-test-conditions) - convert to [Cucumber](https://cucumber.io/)
2. Provide minimal configuration
3. Consume node CLI package
4. Run single command `purpleteam test`
Perfect for your CI/nightly build
Our agreement entitles you to unlimited 1 on 1 access to Kim via phone, SMS, email, Slack, Skype, Signal, etc. Participation is limited to 10 people. Fee is for four months.
A three part book series focused on lifting the security knowledge of Software Developers, Engineers, and their teams, so that they can continuously deliver secure technical solutions on time and within budget, without nasty surprises.
First book is complete, second book is content complete and currently in technical review.