https://takao.blog/en/tags/owasp-zap/Recent content in Owasp-Zap on Commentary of TakaoHugo -- gohugo.ioenCommentary of TakaoSat, 13 Jun 2026 23:11:50 +0900https://takao.blog/en/web/owasp-zap-advanced-2026/Tue, 09 Jun 2026 00:00:00 +0900https://takao.blog/en/web/owasp-zap-advanced-2026/<img src="https://takao.blog/img/thumnail.webp" alt="Featured image of post OWASP ZAP in 2026: Advanced Scanning and CI/CD Integration" /><h2 id="beyond-basic-scanning">Beyond Basic Scanning </h2><p>OWASP ZAP has evolved significantly since its early days. In 2026, it is no longer just a point-and-click proxy scanner — it is a full-featured security automation platform with a powerful API, a scriptable automation framework, and deep CI/CD integration. If you need the basics first, read our <a class="link" href="https://takao.blog/web/owasp-zap/" >OWASP ZAP installation and setup guide</a>. This article covers advanced workflows for teams running security tests at scale.</p> <h2 id="api-scanning-with-zap">API Scanning with ZAP </h2><p>Modern applications rely heavily on REST and GraphQL APIs. ZAP&rsquo;s OpenAPI and GraphQL support allows you to scan APIs without a browser.</p>https://takao.blog/en/web/owasp-zap/Fri, 20 Oct 2023 00:00:00 +0900https://takao.blog/en/web/owasp-zap/<img src="https://takao.blog/img/thumnail.webp" alt="Featured image of post OWASP ZAP: Web Application Security Testing Guide" /><h1 id="owasp-zap-web-application-security-testing-guide">OWASP ZAP: Web Application Security Testing Guide </h1><p>Web application security is no longer optional — it is a fundamental requirement for protecting user data and maintaining trust. OWASP ZAP (Zed Attack Proxy) is one of the most popular open-source security testing tools available. It helps developers and security professionals identify vulnerabilities in web applications through automated scanning and manual testing features. This guide covers the full workflow, from installation to remediation.</p>