ZAP 2.8.0 with the Heads Up Display is now available from
For full details see the release notes:
Thank you to everyone who has contributed to this release.
ZAP 2.10.0 is now available to download from
Release notes:
This is the ten year anniversary release!
Thank you to everyone who has contributed to this release or supported the
@owasp
ZAP project in any way.
New ZAP alpha active scan rule: Log4Shell (CVE-2021-44228) detection:
Note this does depend on OAST support:
Great work by
@ricekot_
Blog post coming soon...
#Log4Shell
#log4j
#owasp
#dast
.
@owasp
ZAP 2.7.0 is now available from
For details of whats included see the release notes:
Many thanks to everyone who has contributed to this release.
Join
@psiinon
and
@EUSP
tomorrow (17th April) for a 3 hour deep dive workshop into
@owasp
ZAP automation and authentication
Join the
@AllDayDevOps
slack channel to ask questions live.
Want to learn more about
#ZAP
and automated
#security
testing? Join us at
@ZAProxyCon
on March 8-9!
#ZAPCon
is a virtual user conference and it’s completely free. Save your spot 🪑
We have seen a significant increase in ZAP usage recently and this has resulted in a corresponding increase in support questions, especially regarding authentication handling.
We are now focussing on improving the authentication docs - see
The
@owasp
ZAP documentation, like that of many open source projects, could be much better. We are starting a "ZAP Documentation ++" initiative in an attempt to improve it.
See this gdoc for more info on how you can get involved.