[Owasp-leaders] ZAP Marketing quotes

Matt Tesauro matt.tesauro at owasp.org
Wed Sep 26 19:26:02 UTC 2012


First, props on getting into the top 5 OWASP pages.  That rocks.

Second, I'd really work on highlighting ZAP's selection for the Google
Summer of Code - I followed ZAP's progress with GSoC and its really worth
making noise about about the work that happened there.

Third, ZAP is the best option (in my mind) for an open source,
cross-platform local proxy that is also free (as in beer).  My default
answer for people getting into the field is to start with ZAP.  The last
several training classes I've held centered on ZAP as the proxy of choice.
 I still have a big soft spot for WebScarab (the proxy I learned on) but
the UI + the current care and feeding that project is getting from the
community really makes the difference.

Forth, I know that ZAP has an API and beenshell integration.  I think
additional work on documenting use cases for these would be great.  Also,
adding Jython/Jruby support/documentation would be awesome and potentially
allow for possible CI integration or interesting feature additions to ZAP.

Lastly, feel free to mention that Rackspace is using ZAP.  I've introduced
ZAP to several developers and Quality Engineers who want to look at things
from an HTTP perspective.  I've got some internal training planned and I
will be using ZAP to demonstrate the power of a local HTTP proxy.  I'll be
at the OpenStack Summit in a couple of weeks and will be pimping it there
as well.

Keep on rocking.

-- Matt Tesauro
OWASP Board Member
OWASP WTE Project Lead
http://AppSecLive.org - Community and Download site

On Tue, Sep 25, 2012 at 1:00 PM, psiinon <psiinon at gmail.com> wrote:

> Hi folks,
> As you may know, OWASP ZAP has been selected as one of the projects to
> receive 'reboot' funding:
> https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Reboot2012
> As part of this initiative we're revamping the marketing literature (ok,
> creating some from scratch;)
> It would be really great if we could include some endorsements and/or
> quotes from well known companies and/or individuals.
> Any offers?
> Or suggestions of people/companies I could follow up?
> Probably best to email me directly rather than spamming everyone on the
> list, unless you do want to email everyone of course!
> PS based on the number of requests shown on
> https://www.owasp.org/index.php/Special:PopularPages over the last month,
> ZAP is the 5th most popular page on owasp.org!
> FYI the top 5 requested pages were:
>    1. Main Page
>    2. XSS (Cross Site Scripting) Prevention Cheat Sheet
>    3. OWASP Jobs
>    4. Cross-site Scripting (XSS)
>    5. OWASP Zed Attack Proxy Project
> Cheers,
> Simon
> --
> OWASP ZAP: Toolsmith Tool of the Year 2011<http://holisticinfosec.blogspot.com/2012/02/2011-toolsmith-tool-of-year-owasp-zap.html>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20120926/2d709322/attachment.html>

More information about the OWASP-Leaders mailing list