I would like to know if anyone has created a security policy base on a vulnerability scanner? In my case, I am reviewing the ASM documentation and I find an option that says: "Security policy integrated with vulnerability assessment tool"
but i have not found much documentation about it and I am interested, I'm trying to do a quick learning for a security policy using OWASP ZAP, but I'm not sure of the results, also I find that there is an option in the ASM where I can download a template for a generic scanner, but I don´t know how to use it.
Could someone give me some links or documentation, or if you have experience can you help me, please!
Thank you very much in advance!
You need to do next: