Mozilla Security Team, OWASP Zed Attack Proxy lead
Mozdef session in progress
by @PragtiC @KeshvicaS
cc @archana_atri @null0x00 @0x7eff @GurjantSadhra @njohar pic.twitter.com/RFR2FWKcoz
"Why is @zaproxy sending me so many emails??" It's not. You've scanned your 'Contact Us' page. This is a learning opportunity for you ;)
Repository on the @CyberSecMonth website includes @OWASPCornucopia @zaproxy @owtfp and 10 other #OWASP projects http://cybersecuritymonth.eu/references
" Shellshock exploiting demo using OWASP's ZAP & PentesterLab CVE-2014-627...: http://youtu.be/wqEeGNNIUDg via @YouTube " My first hacking demo
@jmbrnt @humanPincushion you can try some simple automation like with ZAP which will scan and point out dodginess https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project …
I think companies should strongly discourage employees from working on OSS during nights and weekends. That's what work hours are for.
9 active scan rules promoted from alpha to beta, including #HeartBlead and #ShellShock and source code disclosure. On the Marketplace now.
@psiinon @manicode @jerryhoff working on a CI cheat sheet for the past few weeks. It may turn into a guide :)
@EoinKeary @manicode @psiinon @jerryhoff @jeremiahg @costlow
1. Education
2. DAST integrated in build
3. Arch review
4. App IDS
5. SAST
@manicode @psiinon @jerryhoff @stephendv @jeremiahg @costlow
1. DAST - low hangers
2. Education - prevent
3. SAST - audit code
4. Measure
sub reddit dedicated to software all software security items
http://goo.gl/Angnmh
#development #owasp #software #infosec #code
@psiinon @JariLaakso @neilstudd @europetesters @zaproxy I'm loving the list of interesting password fuzzing parameters today!
@ToolsWatch Thank you guys! #BHEU and Arsenal was epic, we had so much feedback on @zaproxy and so much good karma \o/
@TheTestDoctor @neilstudd @europetesters With @zaproxy I noticed their "customer service" is faster and better than for most paid stuff.
@neilstudd @europetesters we will look at some cool stuff, including @zaproxy should be fun
The #JuiceShop vulnerable RIA is now also available as a @docker container: https://registry.hub.docker.com/u/bkimminich/juice-shop/ … - Pull, run, pentest! Enjoy!
How much do you know about webapp security? Download, run & attack https://github.com/bkimminich/juice-shop … and beat 20+ challenges based on @owasp #top10!
@psiinon bro, definitely you should bring @zackhimself with u next time to vegas. The audience was enjoying his skills and sense of humor.