Workshop 12:00 - 14:30 August 07, 2021
API testing is now vital to AppSec but presents some challenges that conventional DAST testing did not face. This session will show how running developers’ non-security tests for the APIs they develop through an interception proxy such as OWASP ZAP can enable easier, faster, and more accurate DAST testing.
Joe Schottman is an application security focused security professional with experience ranging from web application development to DevOps to purple team engagements. He has spoken at regional and national conferences on threat hunting, web shells, purple teams, and more.