As we reach the end of September 2024, ThreadFix version 3.x on-premises has officially reached its End-of-Life. Therefore, there is no longer support or updates for this version of the product. We have fully transitioned our product and development teams to focus ThreadFix SaaS and migrating all customers over from the on-premises versions. Our Customer Success and Support teams are here to help you in migrating to ThreadFix SaaS and maximizing the value you see from this improved offering from Coalfire. This is the next phase of ThreadFix and our team is looking forward to continuing to support you on this journey.
OWASP Zed Attack Proxy (ThreadFix 3.X)
- Daniel Colon
You will learn
How to generate a report in OWASP ZAP and upload it to ThreadFix.
Prerequisites
Audience: IT Professional
Difficulty: Basic
Time needed: Approximately 10 minutes
Tools required: N/A
Generate Results
After Launching ZAP, there are two options for obtaining results to generate a report:
Select New Session and generate a new set of result
Select Open Session and select a pre-populated session
Enter Target into URL to attack and select Attack:
After ZAP finishes its attack, from the Report menu select Generate XML Report... and save to the desired directory:
Â
Upload Results
After generating a report, log in to ThreadFix and navigate to the Portfolio page, found on the Navigation sidebar under the Application sub-menu.
Â
Expand the Team the report will be uploaded to:
Â
After picking one of the Team's applications, select Upload Scan and drag the report into the pane:
Â
Alternately, users can upload the file via the Upload Scan API call.Once ThreadFix finishes processing the report, the results can be viewed on the individual application's page:
Â
Table of Contents
www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.
This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.