Securing Web @Zap- 8 Days WorkShop
Day-1 started at 10.30 am in Collab House with 12 members and 3 mentors for the session.
It all started with self
introducing ourselves, sharing our experience as a Mozillian and what
we expect to learn from this workshop. After that Sumanth Damarla one of the mentor for the session and ZAP Evangalist introduced himself and shared his experience.
Then Sumanth started explaining about OWASP and the areas where we can contribute using ZAP.
About it: ZAP is a matured OWASP security tool which fits for both beginners and professionals.A contributor can learn the following as a part of this campaign :
- Types of threats posing for a Web Application.
- The attacks to be performed to detect flaws in web application.
- He finds them really interesting and the most important thing
- He will know the importance of securing an application.
- What damage could it cause if an application is vulnerable.
Plan: A volunteer can contribute to ZAP in following ways :
- Creating Extensions & Add-ons.
- Contributing to Source code.
- Technical Documentation.
Then he discussed about,
Today's Agenda:
- Introduction to Web Security.
- Types of Attacks.
- Intro to Pentest tools.
Later I explained about how
we can protect our web from malicious persons and what are the
vulnerabilities of attacks in a web application with some examples.
To test participants basic knowledge about security terms we gave them a worksheet.
Finally Day-1 ZAP workshop came to end and we had a group pic with all attendees & mentors.
- Myself
- Sumanth Damarla
- Sanjay Gouri
