At OBS, we strive continually to bring our customers peace of mind with strengthened and reinforced application security.
As part of automating our web application and API security, we chose to deploy OWASP ZAP as one of our Dynamic Application Security Testing (DAST) technologies. This DevSecOps approach helps our developers and engineering teams to detect vulnerabilities, including the OWASP Top Ten Web and API, in CI/CD pipelines before releasing our solutions.
Thanks to its libraries and API, ZAP is highly customizable and this allowed us to easily develop tools that use these resources. The many interesting features, such as the scripting engine, passive scripts, python hooks and add-ons developed by ZAP and the community, make the tool even more powerful and easy to use.