Link to recording: https://www.youtube.com/watch?v=AQX84p9NhqY
Link to code: https://github.com/Soluto/webdriverio-zap-proxy
DevSecOps, among other things, is also about running various security testing as part of the continues integration pipeline. Usually, people think that a good security testing tool is either expensive or complicated (and sometimes both), but it does not have to be that way. If you have an existing UI automation tests for your web app (and you probably have), you can, with a very small change, integrate it with Zaproxy. Zaproxy is a free and open source tool, developed by OWASP foundation, that (among other things) could be used to scan your web app's traffic for various security issues. In this slides, I am going to show how this is possible, and the tools I've used.