From the course: Application Security Testing and Debugging
Join today to access over 25,300 courses taught by industry experts.
OWASP code review tools workshop
From the course: Application Security Testing and Debugging
OWASP code review tools workshop
Welcome to this video of OWASP Code Review Tools Workshop. Automated scanners find vulnerabilities but they miss context. Manual testing catches logic flaws but can't scale. What if you could combine both approaches, using tools to discover attack surfaces while applying human intelligence to validate real threats? In this video, we'll configure OWASP ZAP and WebCode to perform semi-automated security testing combining automated discovery with manual validation techniques used by professional security teams. By the end of this video you will be able to configure a ZAP by OWASP and web code testing environments, execute automated spidering and active scanning workflows, analyze security alerts by risk level and confidence ratings, apply manual validation techniques to automated findings. Let's begin by understanding why semi-automated testing represents the evolution of professional security analysis. The pure automated testing limitations include like no business context, like you…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.