You will learn

How to generate a report in OWASP ZAP and upload it to ThreadFix.

Prerequisites

Audience: IT Professional
Difficulty: Basic
Time needed: Approximately 10 minutes
Tools required: N/A

Generate Results

After launching ZAP, there are two options for obtaining results to generate a report:

  • Select New Session and generate a new set of results

  • Select Open Session and select a pre-populated session


Enter the target in the URL to attack field and select Attack:

After ZAP finishes its attack, from the Report menu, select Generate XML Report... and save to the desired directory:

 

Upload Results

  1. After generating a report, log in to ThreadFix and navigate to the Portfolio page, found on the Navigation sidebar under the Application sub-menu.

     

  2. Expand the Team the report will be uploaded to:

     

  3. After picking one of the Team's applications, select Upload Scan and drag the report into the pane:

     
     Alternatively, users can upload the file via the Upload Scan API call.

  4. Once ThreadFix finishes processing the report, the results can be viewed on the individual application's page:
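
To cross-check what ThreadFix shows after import, or to confirm before upload that the saved file really is a ZAP XML report, the report can be tallied locally. The Python below is an added example, not code from ZAP or ThreadFix; it assumes the element names of ZAP's traditional XML report (`OWASPZAPReport`, `site`, `alertitem`, `riskcode`, `instances`), and the sample report is constructed.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# ZAP riskcode values and their labels.
RISK_LABELS = {"0": "Informational", "1": "Low", "2": "Medium", "3": "High"}

# Constructed sample in the shape of a ZAP XML report (not real scan output).
SAMPLE_REPORT = """<?xml version="1.0"?>
<OWASPZAPReport version="constructed" generated="constructed sample">
  <site name="http://app.example.test" host="app.example.test" port="80" ssl="false">
    <alerts>
      <alertitem>
        <alert>X-Frame-Options Header Not Set</alert>
        <riskcode>2</riskcode>
        <instances>
          <instance><uri>http://app.example.test/</uri></instance>
          <instance><uri>http://app.example.test/login</uri></instance>
        </instances>
      </alertitem>
      <alertitem>
        <alert>X-Content-Type-Options Header Missing</alert>
        <riskcode>1</riskcode>
        <instances><instance><uri>http://app.example.test/</uri></instance></instances>
      </alertitem>
    </alerts>
  </site>
</OWASPZAPReport>
"""


def summarize_zap_report(xml_text):
    """Return (site names, alert count by risk, instance count by risk)."""
    # The report embeds content from the scanned site; refuse a DTD up front.
    prolog = xml_text.split("<OWASPZAPReport", 1)[0]
    if "<!DOCTYPE" in prolog:
        raise ValueError("unexpected DTD declaration in report")
    root = ET.fromstring(xml_text)
    if root.tag != "OWASPZAPReport":
        raise ValueError(f"not a ZAP XML report (root is {root.tag!r})")
    sites, alerts, instances = [], Counter(), Counter()
    for site in root.iter("site"):
        sites.append(site.get("name"))
        for item in site.iter("alertitem"):
            code = (item.findtext("riskcode") or "").strip()
            risk = RISK_LABELS.get(code, "Unknown")
            alerts[risk] += 1
            instances[risk] += len(item.findall("./instances/instance"))
    if not alerts:
        raise ValueError("report contains no alerts")
    return sites, dict(alerts), dict(instances)
```

Run it on the saved file with `summarize_zap_report(open(path, encoding="utf-8").read())`, where `path` is wherever the report was saved.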
