Open tomkralidis opened 2 months ago
I ran zaproxy as part of the GitHub-test that runs wis2box-api, it created the following report: https://github.com/wmo-im/wis2box-api/issues/60
I checked the items listed in the report, they actually all have "Risk | Medium" or less ...
I will try to study how to only detect higher risk items ...
Risk | Medium
Risk | Low
Risk | Informational
We should run against:
...and inspect all output/report, and action only items that are High or Critical.
Ensure that web applications are scanned/penetration tested (suggest to use zapproxy to scan for critical alerts).