Building a Scanner and a Community with Zed Attack Proxy - Simon Bennetts - ASW #254 - podcast episode cover

Building a Scanner and a Community with Zed Attack Proxy - Simon Bennetts - ASW #254

Application Security Weekly (Audio)
Sep 12, 20231 hr 13 min
--:--
--:--
Listen in podcast apps:
Metacast
Apple Podcasts
Spotify
Download
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

Zed Attack Proxy is an essential tool for web app pentesting. The project just recently moved from OWASP to the Secure Software Project. Hear about the challenges of running an OSS security project, why Simon got involved in the first place, and why successful projects are about more than just code.

Segment Resources: - https://www.zaproxy.org/

 - https://softwaresecurityproject.org/blog/welcoming-zap-to-the-software-security-project/

 - https://owasp.org/www-project-vulnerable-web-applications-directory/

 In the news segment, a key compromised from a crash dump (and the many, many lessons that followed), more examples of mishandling secrets, URL parsing mismatches show path traversal works well in Rust, an old Linux kernel bug shows how brittle code can be (even when it's heavily audited), an example of keeping OSS projects alive, a quick note on BLASTPASS, and a look at privacy in cars, and more!

Visit https://securityweekly.com/asw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/secweekly

Like us on Facebook: https://www.facebook.com/secweekly

Show Notes: https://securityweekly.com/asw-254

For the best experience, listen in Metacast app for iOS or Android
Open in Metacast
Building a Scanner and a Community with Zed Attack Proxy - Simon Bennetts - ASW #254 | Application Security Weekly (Audio) podcast - Listen or read transcript on Metacast