Image Removed

Image Added

📙 You will learn

How to generate a report in OWASP ZAP and upload it to ThreadFix.

Prerequisites

Audience: IT Professional
Difficulty: Basic
Time needed: Approximately 10 minutes
Tools required: N/A

Generate Results

After Launching ZAP, there are two options for obtaining results to generate a report:

• Select New Session and generate a new set of result

• Select Open Session and select a pre-populated session
  

Image Removed

Image Added

Enter Target into URL to attack and select Attack:

Image Removed

Image Added

After ZAP finishes its attack, select Report → Generate XML Report... and save to the desired directory:

Image Removed

Image Added

Upload Results

1. After generating a report, log in to ThreadFix and navigate to the Portfolio page, found on the Navigation sidebar under the Application sub-menu.
   

   Image RemovedImage Added

    

2. Expand the Team the report will be uploaded to:
   

   Image RemovedImage Added

    

3. After picking one of the Team's applications, select Upload Scan and drag the report into the pane:

   Image RemovedImage Added

    
   Alternately, users can upload the file via the Upload Scan API call.
   

4. Once ThreadFix finishes processing the report, the results can be viewed on the individual application's page:
   

   Image RemovedImage Added