/authors/nirojan/ Recent content in Nirojan on ZAP Hugo en-us Fri, 15 May 2020 00:00:00 +0000 /blog/2020-05-15-dynamic-application-security-testing-with-zap-and-github-actions/ Fri, 15 May 2020 00:00:00 +0000 /blog/2020-05-15-dynamic-application-security-testing-with-zap-and-github-actions/ <p><a href="https://github.com/marketplace/actions/zap-full-scan"><img src="./images/zap-action.png" alt="zap-action"></a></p> <p><a href="https://github.com/marketplace/actions/zap-full-scan">ZAP full scan GitHub action</a> provides free dynamic application security testing (DAST) of your web applications. DAST is also known as black-box testing, which allows ZAP to identify potential vulnerabilities in your web applications. We previously introduced the <a href="https://github.com/marketplace/actions/zap-baseline-scan">ZAP baseline scan GitHub action</a> to passively identify potential alerts in a web application. However, unlike the baseline scan, ZAP full scan attacks the web application to find additional vulnerabilities.</p> /blog/2020-04-09-automate-security-testing-with-zap-and-github-actions/ Thu, 09 Apr 2020 00:00:00 +0000 /blog/2020-04-09-automate-security-testing-with-zap-and-github-actions/ <p><a href="https://github.com/marketplace/actions/zap-baseline-scan"><img src="./images/zap-action.png" alt="zap-action"></a></p> <p>With the increasing number of web application security breaches, it is essential to keep your web application secure at all times. Furthermore having security integrated into your CI/CD pipeline (DevSecOps) will become a lifesaver if you are actively developing the application. To cater to this need ZAP provides a baseline scan feature to find common security faults in a web application without doing any active attacks.</p>