[Owasp-leaders] ZAPping the OWASP Top 10

johanna curiel curiel johanna.curiel at owasp.org
Thu Aug 28 13:41:01 UTC 2014

Tenable formerly known as Nessus also uses a similar approach in their
scanning tool

On Thursday, August 28, 2014, psiinon <psiinon at gmail.com> wrote:

> Leaders,
> I often get asked if ZAP scans for the "OWASP Top 10".
> As I'm sure you're all aware, its not really possible to automatically
> scan for all of the vulnerabilities behind the OWASP Top 10 _risks_.
> But I still think its a question that should be answered, and so I've
> added this page to the OWASP wiki based on input from the ZAP contributors:
> https://www.owasp.org/index.php/ZAPpingTheTop10
> I just wanted to make sure that no one objects before I start publicizing
> it.
> Note that the pdf points to the page on the ZAP wiki - I'll change that
> before publicizing it outside of this list.
> Of course if anyone has any suggestions as to features we could add to
> make detecting any vulnerabilities any easier then dont hesitate to get in
> touch ;)
> Cheers,
> Simon
> --
> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140828/cfffcf96/attachment.html>

More information about the OWASP-Leaders mailing list