The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated testing tool for finding vulnerabilities and bugs in web applications. ZAP is a flagship OWASP project with an active community behind it. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. It is designed to be used by people with a wide range of experience in developing, security penetration testing and functional testing. As such, I will be covering basic to intermediate testing on web applications, use cases, basic scripting, zest scripting, integration automation for software development lifecycle and any questions that may arise.
Aaron is one of two ZAP evangelist for the Southern California area. Aaron is a member of the Open Web Application Security Project (OWASP) Los Angeles, as well as a board member for the Cloud Security Alliance Socal chapter and the First Vice President for the High Technology Crime Investigation Association of Southern California(HTCIA). Currently, Aaron works to secure the cloud as an Application Security Engineer for Fonality Inc.