Investigate ZAP for dynamic OWASP analysis

cylc / cylc-ui

Web app for monitoring and controlling Cylc workflows

https://cylc.github.io

GNU General Public License v3.0

37 stars 27 forks source link

Investigate ZAP for dynamic OWASP analysis #758

Open datamel opened 3 years ago

datamel commented 3 years ago

ZAP (https://www.zaproxy.org/) can perform dynamic OWASP analysis, this would be a useful security check to have automated. Investigation would be needed to add this tooling to our GH Actions workflow.

datamel commented 3 years ago

As discussed in https://github.com/cylc/cylc-flow/pull/4405.