https://takao.blog/en/tags/api-testing/Recent content in Api-Testing on Commentary of TakaoHugo -- gohugo.ioenCommentary of TakaoSat, 13 Jun 2026 23:11:50 +0900https://takao.blog/en/web/owasp-zap-advanced-2026/Tue, 09 Jun 2026 00:00:00 +0900https://takao.blog/en/web/owasp-zap-advanced-2026/<img src="https://takao.blog/img/thumnail.webp" alt="Featured image of post OWASP ZAP in 2026: Advanced Scanning and CI/CD Integration" /><h2 id="beyond-basic-scanning">Beyond Basic Scanning </h2><p>OWASP ZAP has evolved significantly since its early days. In 2026, it is no longer just a point-and-click proxy scanner — it is a full-featured security automation platform with a powerful API, a scriptable automation framework, and deep CI/CD integration. If you need the basics first, read our <a class="link" href="https://takao.blog/web/owasp-zap/" >OWASP ZAP installation and setup guide</a>. This article covers advanced workflows for teams running security tests at scale.</p> <h2 id="api-scanning-with-zap">API Scanning with ZAP </h2><p>Modern applications rely heavily on REST and GraphQL APIs. ZAP&rsquo;s OpenAPI and GraphQL support allows you to scan APIs without a browser.</p>