Did you know that companies who buy a ZAP Support Package get a dedicated private #Slack channel?
zaproxy.org/support/#suppo…
If you support us, we'll support you!

ZAP updates for April: zaproxy.org/blog/2024-05-0…
ZAP professional services, a new Docker Hub org, a new GitHub Action and 2.15.0 is coming soon.

Hey Zed Attack Proxy - got some swag on its way to you so you can send it to your top code contributors and people buying support contracts!

Theres a new ZAP GitHub action for the Automation Framework: github.com/marketplace/ac…

The ZAP #docker images in the @OWASP DockerHub org have now been deleted.
For details of the supported images see zaproxy.org/download/#dock…

Does your company use ZAP?
Did you know you can now buy ZAP Support Packages?
These give you prioritised access to the ZAP developers in order to resolve any ZAP related problems or bugs.
They also help fund ZAP development😀
zaproxy.org/support/#suppo…

The ZAP images in the OWASP Docker Hub org will now just exit telling you to switch to the supported images detailed on zaproxy.org/download/#dock…

You can now get ZAP Professional Services, delivered by key members of the ZAP Core Team.
zaproxy.org/blog/2024-04-0…
These help fund ZAP developments, so its also a way to support the project.

ZAP updates for March: zaproxy.org/blog/2024-04-0…
#zaproxy #appsec

ZAP will still be part of the The Software Security Project
But - if you signed up for more info previously then you will need to sign up again, as it will no longer be under the Linux Foundation
See softwaresecurityproject.org/newsletter/
and more news coming soon!

It is interesting that none of the bigger companies that sell services based on Zed Attack Proxy have got in touch with us re supporting the project.
Companies like Checkmarx, Traceable.ai, @GitLab, StackHawk ..
This does make it much more likely that we will GPL ZAP...

ZAP Support changes: zaproxy.org/blog/2024-03-1…

We have a very BIG funding annoucement!
ZAP is now being supported by the Crash Override Open Source Fellowship!
You can read all about it on the ZAP blog: zaproxy.org/blog/2024-03-1…

New ZAP Blog post: Unveiling the ZAP User Personas
zaproxy.org/blog/2024-03-1… c/o Yiannis Pavlosoglou

The ZAP Docker images are no longer being pushed to the OWASP Docker Hub account.
See zaproxy.org/download/#dock… for the maintained alternatives.

ZAP February Update
zaproxy.org/blog/2024-03-0…
Including restructured desktop menus, OWASP Docker Hub depreciation, Funding, and GSoC.

ZAP January update
zaproxy.org/blog/2024-02-0…
Including funding investigations, a CLA and Google Summer of Code.

Would your company be prepared to pay for a (reasonably priced) Zed Attack Proxy support contract?

I'm trying to work out how we can fund ZAP ongoing development .. and its hard🙁
We have short term funding, but it won't last, so we need something more permanent or ZAP may fail...

Version 0.30.0 of the Retire.js add-on was released this morning. This release brings performance improvements and pattern updates.

#DAST #APpSec #WebAppSec #PenTest #PenetrationTesting #RedTeam #BugBountyTip

New Blog post: Signing Requests using RSA Keys c/o Michał Walkowski
zaproxy.org/blog/2024-01-2…