“You can’t automate all tests. There are a lot of things you can’t find automatically. You have to have somebody who knows what they are looking for.” — Simon Bennetts
In today’s segment, I talk with Simon Bennetts, project lead for the OWASP Zed Attack Proxy Project or “ZAP” for short. Simon is working on a user friendly tool for integrated penetration testing of web applications. Our discussion took place at AppSec USA 2013. We begin with an overview of the ZAP project and talk about how it came about.