...


Dependency-Check updates itself using the NVD Data Feeds. For more information about the dependency checker, see: OWASP dependency plugin (Jenkins). The standard libraries that come with Blueriq are checked this way. When you use extra libraries or replace libraries, it is advisable to also run this tool on the environment over the extra libraries.


OWASP ZAP

The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers. It is used as a proxy to run the Selenium tests through, after which ZAP can spider further through the complete application. ZAP then attacks the application with the most popular (OWASP Top 10) attacks, such as injections, clickjacking, XSS and CSRF. ZAP should also run every night, so that you can be sure the new code is not introducing important vulnerabilities.
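
One way to act on the nightly ZAP run described above, as an added example (not Blueriq's or ZAP's own code): compare tonight's report with the previous night's and fail the build only on alerts that are new. It assumes the layout of ZAP's traditional JSON report; the function names and the sample data are constructed for illustration.

```python
# Added example: nightly gate that reports only ZAP alerts new since the last run.
RISK = {0: "Informational", 1: "Low", 2: "Medium", 3: "High"}

# Constructed sample data in the layout of ZAP's traditional JSON report
# (site -> alerts -> instances); host, URIs and findings are made up.
# In a real job, load both reports from disk with json.load() instead.
KNOWN = {"pluginid": "10020", "alert": "Missing Anti-clickjacking Header", "riskcode": "2",
         "instances": [{"uri": "https://app.example.test/login", "param": "x-frame-options"}]}
BASELINE = {"site": [{"@name": "https://app.example.test", "alerts": [KNOWN]}]}
TONIGHT = {"site": [{"@name": "https://app.example.test", "alerts": [
    KNOWN,
    {"pluginid": "40012", "alert": "Cross Site Scripting (Reflected)", "riskcode": "3",
     "instances": [{"uri": "https://app.example.test/search?q=test", "param": "q"}]},
    {"pluginid": "10021", "alert": "X-Content-Type-Options Header Missing", "riskcode": "1",
     "instances": [{"uri": "https://app.example.test/login", "param": "x-content-type-options"}]},
]}]}


def alert_index(report):
    """Map (site, pluginid, uri, param) -> (riskcode, alert name) per alert instance."""
    index = {}
    for site in report.get("site", []):
        for alert in site.get("alerts", []):
            for inst in alert.get("instances", []):
                key = (site.get("@name"), alert["pluginid"],
                       inst.get("uri"), inst.get("param", ""))
                index[key] = (int(alert["riskcode"]), alert.get("alert", ""))
    return index


def new_findings(baseline, tonight, min_risk=2):
    """Findings in tonight's report that the baseline lacks, at or above min_risk."""
    old = alert_index(baseline)
    hits = [(risk, name, key[2], key[3])
            for key, (risk, name) in alert_index(tonight).items()
            if key not in old and risk >= min_risk]
    return sorted(hits, reverse=True)  # highest risk first


if __name__ == "__main__":
    hits = new_findings(BASELINE, TONIGHT)
    for risk, name, uri, param in hits:
        print(f"NEW {RISK[risk]}: {name} at {uri} (param: {param or '-'})")
    raise SystemExit(1 if hits else 0)  # non-zero exit fails the nightly build
```

Keying on plugin id, URI and parameter keeps findings that were already known from failing every night, while a new instance of an old alert type on a different page is still reported.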

...