NextGen Security Scanners
- What functionality is missing in today’s scanner tools?
- How to improve the automation parts of existing tools?
- How to further assist users during proxied manual pen tests?
- How can vulnerable applications like OWASP Juice Shop be used by scanner vendors as a sample victim?
- A public document with “What a next generation security scanner needs?
- A concrete plan to include those requirements into ZAP
- Improvements of OWASP ZAP Ajax Spider
- Additional vulnerabilities for OWASP Juice Shop that showcase vulnerabilities found in the wild
The target audience for this Working Session is:
- OWASP ZAP, Arachni, and other OSS scanner developers
- Burp, Acunetix, and other commercial scanner developers
- Web application developers
Based on ZAP characteristics and new OWASP Top 10 risks we need to discuss what else is required to consider as scanner as a next generation security scanner.
- Security Scanners
- ZAP review
- Next Generation Security Scanners needs
- Juice Shop
- OWASP Top 10 2017
- ZAP Plugis
Back to list of all Working Sessions and Tracks
Edit this page here