Ideas for sassy marketing video ZAP

[johanna curiel curiel]

Hello Evangelist and ZAP fans

I would like your input to create a nice video animation like this 'draft'

https://www.youtube.com/watch?v=_QF5Gqk67T4

Target group: people new to ZAP (Devs)

For this idea, we need to define a short 'script', we make the video of 60 seconds with some nice animation as an intro

Example Script:

• What is ZAP? (3 sec)
  
• ZED attack proxy is the most popular security penetration testing tool for finding vulnerabilities in web applications (7 seconds)
• How it works? ZAP is program that intercepts all the requests and responses done through a configured browser (7 seconds)
• It gives you the power to manipulate the entire contents of the request send to the web server hosting the website you are browsing (10 sec)
• It contains many features that allows you to test your application against most common vulnerabilities such as SQL injections, XSS attacks and more (10 sec)
• Want to learn more? Visit .... (4 secs)
  

Total time: +/- 60 secs

Please your Feed back on:

• Pictures matching text/voice over
  
• Text - Voice over to be used that describes best what zap is
  

Looking forward to create short videos like this to teach ZAP in a fun way

Cheers

--

Johanna Curiel 

OWASP Volunteer

[Zack Syn]

Hello Johanna,

This is already great !

Do you need more scenarios ? Like how to configure a windows phone etc ?

Cheers,

Zack

--
You received this message because you are subscribed to the Google Groups "OWASP ZAP Evangelists Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to zaproxy-evangel...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Simon Bennetts]

Love it :)

The more of these the better!

Happy to give feedback on proposed txt etc, but I'll let other suggest the first drafts - I suspect I'm too close to be able to pitch effectively to newcomers now ;)

Many thanks!

Simon

[johanna curiel curiel]

Hi Zack

Sure.What I would like to produce is a small series of 7 videos, max 5/10 minutes , explaining how to use ZAP for Devs

What is ZAP?==>This is a short intro video (1 min)

Then we go and produce(please provide feed back):

1. How to setup ZAP with your browser of choice (+3 min)
   
2. Passive Scan with ZAP: explain what is passive scans and how to do it
3. Break Points(newsletter December)
4. Active Scan
5. Automated testing
6. Login issues to JIRA automatically

A complete video series that can teach someone the basics on how to use ZAP. The first serie is for beginners and we then can move to more complex features.

The explanation provided in the newsletters is a great source for the 'scripts' and content of the video

A proxy is most of the time not part of a developer approach but introducing ZAP too them we could.

My idea is to target these videos to developers where they can use ZAP in a practical and easy way to test low hanging fruits vulnerabilities in their applications while they develop.

Another series could be for pen testers and explain then mostly advanced and cool features.

Ideas for this series?

Cheers

Johanna

[johanna curiel curiel]

>>I think a key item to point out for developers is the usage of ZEST scripts and the ability to play them back.

Thanks for pointing this out

Input regarding the content of training video series for Devs is very welcome ;-)

On Wed, May 18, 2016 at 10:50 AM, Aaron Guzman <aaron....@owasp.org> wrote:

Hi Johanna, 

Great ideas!

I think a key item to point out for developers is the usage of ZEST scripts and the ability to play them back. Often times, new people are unaware of this ability as well as the features ZEST has for automation. 

--
Aaron Guzman
OWASP Los Angeles Board Member

Cloud Security Alliance LA/SoCal President
aaron....@owasp.org
Twitter: @scriptingxss
Linkedin: http://lnkd.in/bds3MgN