[Owasp-leaders] ZAPping the OWASP Top 10

johanna curiel curiel johanna.curiel at owasp.org
Thu Aug 28 13:41:01 UTC 2014


Tenable formerly known as Nessus also uses a similar approach in their
scanning tool
http://www.tenable.com/sc-dashboards/owasp-top-10



On Thursday, August 28, 2014, psiinon <psiinon at gmail.com> wrote:

> Leaders,
>
> I often get asked if ZAP scans for the "OWASP Top 10".
> As I'm sure you're all aware, its not really possible to automatically
> scan for all of the vulnerabilities behind the OWASP Top 10 _risks_.
>
> But I still think its a question that should be answered, and so I've
> added this page to the OWASP wiki based on input from the ZAP contributors:
>
> https://www.owasp.org/index.php/ZAPpingTheTop10
>
> I just wanted to make sure that no one objects before I start publicizing
> it.
>
> Note that the pdf points to the page on the ZAP wiki - I'll change that
> before publicizing it outside of this list.
>
> Of course if anyone has any suggestions as to features we could add to
> make detecting any vulnerabilities any easier then dont hesitate to get in
> touch ;)
>
> Cheers,
>
> Simon
>
>
> --
> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140828/cfffcf96/attachment.html>


More information about the OWASP-Leaders mailing list