Run OWASP ZAP Security Scan Within Selenium Automation | DevSecOps for Testers | Part -1

Description

Security testing doesn’t have to be a separate or manual activity. In this video, I’ll show you how to integrate OWASP ZAP security scanning directly into a Selenium automation framework, so your functional tests can also help uncover common web security vulnerabilities early in the SDLC. You’ll see how Selenium drives the application like a real user, while ZAP runs in the background, intercepts traffic, and scans for issues such as: SQL Injection Cross-Site Scripting (XSS) Security misconfigurations Other OWASP Top 10 risks 🔍 What you’ll learn in this video: How OWASP ZAP works with Selenium ZAP API Client overview and configuration Using proxy, target URL, and API key Selenium framework structure (Page Object Model) Executing security-enabled tests using TestNG Running tests via terminal using mvn test This approach works well for QA engineers, automation testers, and teams adopting DevSecOps or shift-left security practices. 🔗 Useful Links 👉 Download OWASP ZAP https://www.zaproxy.org/download/ 👉 ZAP API Client Documentation https://www.zaproxy.org/docs/api/ 👉 GitHub Repository (Selenium + ZAP Integration Code) 👉 Add your repo link here https://github.com/grishi111/zap-selenium 👍 Support the Channel If you found this video helpful: Like the video Subscribe to the channel Share it with your QA or security community. #OWASPZAP #selenium , #securitytesting #automationtesting #devsecops #qa #qaautomation #testautomation #seleniumjava #websecurity #owasp #pentesting #qualityengineering 📌 New videos on Selenium, automation frameworks, AI in testing, and security testing coming soon.