One of the biggest concerns with dynamic application security testing (DAST) tools is the extensive time they take to set up and scan applications. These slowdowns can delay the build, which in the past has made teams wary of implementing regular security testing for their software.
The solution? Automated testing.
In this course, we're going to look at strategies to integrate popular DAST tools into the open-source automation platform Jenkins. We'll explore multiple approaches that help us decrease scan time while making the scans more efficient.
We're predominantly going to look at integrating OWASP ZAP as it's an open-source tool, but the strategies we discuss can be implemented with other tools as well. We start with the basics, from initializing Jenkins and installing the ZAP plugin, and move on to automating various ZAP scans.
All our lessons are taught using intuitive hands-on labs tailored specifically for these courses. Once you complete the course, you’ll be proficient in automating DAST scans to significantly speed up your development process.
ZAP Plugin Scan
ZAP Spider Scan
OWASP ZAP - Baseline Scan
OWASP ZAP - Parameterized Scan