Visual Studio Team Services build/release task for running OWASP ZAP automated security tests. Run active scan against a target with security risk thresholds and ability to generate the scan report.
Using OWASP Zed Attack Proxy Scan Task
Follow the instructions given below to add and configure OWASP Zed Attack Proxy Task in your build/release pipeline.
Add the OWASP Zed Attack Proxy Scan Task
Install the OWASP Zed Attack Proxy Scan Task in to your Visual Studio Team Services account and search for the task in the available tasks. The task will appear in the Test section of the task list. Add it to your build/release task.
OWASP Zed Attack Proxy Scan task has some required configuration options that needed to be provided.
These configurations are found in the ZAP API Configuration section.
Spider Scan Options
This configuration section includes the parameters that need to be sent to perform the active scan against the target.
Loading More data ...