Description:
Implement OWASP ZAP (Zed Attack Proxy) for the online banking application to conduct security assessments and identify vulnerabilities. This includes configuring ZAP to perform automated scans as part of the CI/CD pipeline and providing detailed reports on security risks.
Requirements:
Install and configure OWASP ZAP for use with the online banking application.
Set up automated scanning to occur during the CI/CD process.
Create a process for reviewing and addressing identified vulnerabilities.
Acceptance Criteria:
OWASP ZAP is successfully integrated and running scans on the online banking application.
Security reports are generated and accessible for review.
Documentation on how to use OWASP ZAP and interpret results is created.
Set up OWASP ZAP for online banking app
Estimate: 8