OWASP Zap Dynamic Application Security Test (!13) · Merge requests · Startuplab / Courses / TJTS5901 Continuous Software Engineering / beeMapTemplate

Add OWASP Zap DAST security scanner to pipeline. Passive baseline scan is run always and full scan is triggered manually. Full scan attacks the application actively, so it might even brake the app.

Currently job artifacts are generated in .json, .md and .html format.

Link to scanner https://www.zaproxy.org/docs/docker/

OWASP Zap Dynamic Application Security Test

Merge request reports