Stung by OWASP? Chatting with the creator of the most popular web app scanner (Ep. 570)
Simon Bennetts, founder and project lead of OWASP ZAP, joins the home team to talk about how he came to create the world’s most-used web app scanner, why open-source projects need long-term contributors, and how recent AI advancements could introduce new security vulnerabilities.
Episode notes:
Simon is the founder and longtime project lead of OWASP ZAP, an integrated penetration testing tool that helps uncover vulnerabilities in web apps, including compromised authentication, sensitive data exposure, and SQL injection. ZAP is OWASP’s most active project and the world’s most popular web app scanner.
Check out other OWASP projects here or explore ZAP’s docs.
Check out our blog post on how you can mitigate the ten most-found OWASP vulnerabilities in Stack Overflow C++ snippets.
Jit, where Simon is a distinguished engineer, is a DevSecOps platform that allows high-velocity engineering teams to embed security requirements throughout the DevOps workflow. You can explore Jit’s docs here.
Today we’re shouting out the question “CSP Alerts by OWASP even though CSP header is added,” definitively answered by one Simon Bennetts.
Simon is on LinkedIn and Twitter.