...
For our DAST initiatives, we have chosen OWASP ZAP (Zed Attack Proxy) as our primary tool. OWASP ZAP stands out in the realm of open-source security tools for its effectiveness in discovering vulnerabilities in web applications while they are active. This tool is adept at revealing a wide range of security weaknesses, which makes it a perfect fit for our security testing requirements.
Rules
As it comes to the rules which were used in scans, we're utilizing the default policy created by experts at OWASP. This policy is a comprehensive set of rules and configurations that have been conscientiously developed to cover a vast array of current security vulnerabilities.
...