![]() "More and more, our community is looking for improvements to ZAP that make it more capable for the kinds of scans they perform every day," said Bennetts. While not exploitable in 2.11.1, they did still trigger vulnerability scanners. The stable release also includes dependency updates (including log4j).Bit.ly telemetry removal-all "calls home" now only use the domain.A large number of active and passive scan rules have been promoted.A multi threaded passive scanner significantly speeds up the time required to complete scans.As a bonus, the spider also can find many more URLs compared to the previous version. The spider has been moved to an add-on, allowing the community to update ZAP at any time.A new networking stack allows ZAP to support new protocols like HTTP/2. ![]() The latest version delivers a new and improved networking stack, greater flexibility to accommodate future updates, a multi-threaded passive scanner for faster scanning, and a slate of dependency updates: Post thisĪ dynamic application security testing (DAST) tool, ZAP helps users find security vulnerabilities in their code. Expanding the number of protocols and URLs ZAP can scan is a huge enhancement, and improving the speed of the scans themselves means that the developers and security professionals who rely on ZAP can get more done faster-which is always a plus.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |