The upcoming release of OWASP ZAP 2.11.0 introduces several new features, including an automation framework, out-of-band security testing, and improved reporting capabilities.
- OWASP ZAP is a web scanner tool designed to find vulnerabilities in custom web applications.
- The new automation framework simplifies the process of configuring and running scans.
- Out-of-band security testing allows for the detection of vulnerabilities that may not be immediately apparent.
- Improved reporting capabilities provide more detailed information about vulnerabilities and site statistics.
- The package scans and API are still available, but the automation framework provides a more user-friendly option for those less familiar with driving Zap through the API.
The automation framework was introduced earlier this year and has been improved upon for the upcoming release. It simplifies the process of configuring and running scans, making it more accessible for those less familiar with driving Zap through the API. This is important because while the API is powerful, it can be complicated for some users to navigate effectively. The automation framework provides a more user-friendly option for those who may not have as much experience with Zap.