The Zed Attack Proxy (ZAP) has grown from a personal project into one of the most widely used open-source security testing tools in the world. In this episode of AppSec.FM, Jerry Hoff talks with Simon Bennetts, founder and lead of ZAP, about its evolution, role in CI/CD automation, and the importance of community contributions. The conversation also explores the integration of AI, the unique position of ZAP in the security ecosystem, and where the project is headed next.Highlights: • The journey of ZAP from concept to millions of downloads. • How ZAP is used by developers, security teams, and pen testers. • Why automation in CI/CD pipelines is key for AppSec. • The role of AI in modern security testing. • How ZAP differs from other tools like Burp. • Community involvement and the future of open-source AppSec. • Handling modern protocols such as WebSockets. • Future directions for ZAP and security testing with AI.Guest links:https://www.linkedin.com/in/psiinon/https://www.zaproxy.org—AppSec.FM is the podcast for application security professionals, hosted by Jerry Hoff. Subscribe on Apple Podcasts, Spotify, or at appsec.fm.

Ver todos los episodios