[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"sanity-QzmpU2vHUAcM4zFJkmvBw9IU-7UCxwUYCnacBHeOekA":3,"sanity-lUtKLy_gc7fY8lAmIQnA9eAHbpvL5M9to-F671-rt_Q":311},{"data":4,"sourceMap":-1},{"latestPodcast":5,"latestReleases":14,"post":39,"recent":286},[6],{"_id":7,"publishedAt":8,"slug":9,"sponsored":12,"title":13},"d53f9358-3bb2-4f69-aebe-d31d19522cd4","2026-07-10T07:40:00.000Z",{"_type":10,"current":11},"slug","building-more-than-just-an-agent-harness",null,"Building more than just an agent harness",[15,21,27,33],{"_id":16,"publishedAt":17,"slug":18,"title":20},"eb5b66eb-9410-4329-83bb-22bbff39402a","2026-04-28T13:00:00.000Z",{"_type":10,"current":19},"turn-scattered-knowledge-into-trusted-intelligence","Turning scattered knowledge into trusted intelligence: Stack Internal 2026.3",{"_id":22,"publishedAt":23,"slug":24,"title":26},"369c2401-b62e-4a37-8ff8-bf603023ecad","2026-03-02T15:03:00.988Z",{"_type":10,"current":25},"what-s-new-at-stack-overflow-march-2026","What’s new at Stack Overflow: March 2026",{"_id":28,"publishedAt":29,"slug":30,"title":32},"5e9053a4-07ea-447c-91ea-29e0b6228537","2026-02-02T15:00:00.000Z",{"_type":10,"current":31},"what-s-new-at-stack-overflow-february-2026","What’s new at Stack Overflow: February 2026",{"_id":34,"publishedAt":35,"slug":36,"title":38},"a1b538eb-a8a6-46d0-80a1-ac70ec9bb935","2026-01-05T10:00:00.000-05:00",{"_type":10,"current":37},"what-s-new-at-stack-overflow-january-2026","What’s new at Stack Overflow: January 2026",{"_createdAt":40,"_id":41,"_rev":42,"_type":43,"_updatedAt":44,"author":45,"body":62,"comments":260,"dateUrl":261,"excerpt":75,"image":262,"legacyBody":265,"product":12,"publishedAt":268,"slug":269,"sponsored":12,"tags":271,"title":285,"visible":260},"2023-05-24T12:28:25Z","wp-post-22163","XzVcPPDfPNmxxXS3zvEpp9","blogPost","2025-10-31T17:27:07Z",[46],{"_createdAt":47,"_id":48,"_rev":49,"_type":50,"_updatedAt":51,"avatar":52,"employee":57,"name":58,"role":59,"slug":60},"2023-05-23T16:27:18Z","wp-author-295","3Bta4LYddh6s1g3ALChVvb","blogAuthor","2025-05-09T17:21:54Z",{"_type":53,"asset":54},"image",{"_ref":55,"_type":56},"image-d670f8093b43e483a52ba692d929578633f70eb5-1024x1024-jpg","reference","current","Eira May","B2B Editor",{"current":61},"emay",[63,67,78,87,118,148,167,191,220,249],{"_key":64,"_type":65,"markDefs":12,"url":66},"c9c01e503461","embed","https:\u002F\u002Fart19.com\u002Fshows\u002F2355b740-4531-4071-a3ab-5907a95a36d3\u002Fepisodes\u002Fca580403-14fd-46e3-8c2c-413667ca9f19",{"_key":68,"_type":69,"children":70,"markDefs":76,"style":77},"761c0ca63e3b","block",[71],{"_key":72,"_type":73,"marks":74,"text":75},"761c0ca63e3b0","span",[],"Simon Bennetts, founder and project lead of OWASP ZAP, joins the home team to talk about how he came to create the world’s most-used web app scanner, why open-source projects need long-term contributors, and how recent AI advancements could introduce new security vulnerabilities.",[],"normal",{"_key":79,"_type":69,"children":80,"markDefs":86,"style":77},"2b7440ea68c9",[81],{"_key":82,"_type":73,"marks":83,"text":85},"2b7440ea68c90",[84],"strong","Episode notes:",[],{"_key":88,"_type":69,"children":89,"markDefs":112,"style":77},"bfc488760101",[90,94,99,103,108],{"_key":91,"_type":73,"marks":92,"text":93},"bfc4887601010",[],"Simon is the founder and longtime project lead of ",{"_key":95,"_type":73,"marks":96,"text":98},"bfc4887601011",[97],"bcdb02a3a45d","OWASP ZAP",{"_key":100,"_type":73,"marks":101,"text":102},"bfc4887601012",[],", an integrated penetration testing tool that helps uncover vulnerabilities in web apps, including compromised authentication, sensitive data exposure, and SQL injection. ZAP is ",{"_key":104,"_type":73,"marks":105,"text":107},"bfc4887601013",[106],"6b70525e0e1b","OWASP",{"_key":109,"_type":73,"marks":110,"text":111},"bfc4887601014",[],"’s most active project and the world’s most popular web app scanner.",[113,116],{"_key":97,"_type":114,"href":115,"reference":12},"link","https:\u002F\u002Fwww.zaproxy.org\u002F",{"_key":106,"_type":114,"href":117,"reference":12},"https:\u002F\u002Fowasp.org\u002F",{"_key":119,"_type":69,"children":120,"markDefs":143,"style":77},"71ff9b1b4658",[121,125,130,134,139],{"_key":122,"_type":73,"marks":123,"text":124},"71ff9b1b46580",[],"Check out other OWASP projects ",{"_key":126,"_type":73,"marks":127,"text":129},"71ff9b1b46581",[128],"94b0b43bc133","here",{"_key":131,"_type":73,"marks":132,"text":133},"71ff9b1b46582",[]," or explore ZAP’s ",{"_key":135,"_type":73,"marks":136,"text":138},"71ff9b1b46583",[137],"b65786e64076","docs",{"_key":140,"_type":73,"marks":141,"text":142},"71ff9b1b46584",[],".",[144,146],{"_key":128,"_type":114,"href":145,"reference":12},"https:\u002F\u002Fowasp.org\u002Fprojects\u002F",{"_key":137,"_type":114,"href":147,"reference":12},"https:\u002F\u002Fwww.zaproxy.org\u002Fdocs\u002F",{"_key":149,"_type":69,"children":150,"markDefs":164,"style":77},"00c359c13e38",[151,155,160],{"_key":152,"_type":73,"marks":153,"text":154},"00c359c13e380",[],"Check out our blog post on how you can ",{"_key":156,"_type":73,"marks":157,"text":159},"00c359c13e381",[158],"46f4d9657e8e","mitigate the ten most-found OWASP vulnerabilities",{"_key":161,"_type":73,"marks":162,"text":163},"00c359c13e382",[]," in Stack Overflow C++ snippets.",[165],{"_key":158,"_type":114,"href":166,"reference":12},"https:\u002F\u002Fstackoverflow.blog\u002F2019\u002F12\u002F02\u002Fpreventing-the-top-security-weaknesses-found-in-stack-overflow-code-snippets\u002F",{"_key":168,"_type":69,"children":169,"markDefs":186,"style":77},"7f4ffe6c73d6",[170,175,179,183],{"_key":171,"_type":73,"marks":172,"text":174},"7f4ffe6c73d60",[173],"60bf1cb33ad3","Jit",{"_key":176,"_type":73,"marks":177,"text":178},"7f4ffe6c73d61",[],", where Simon is a distinguished engineer, is a DevSecOps platform that allows high-velocity engineering teams to embed security requirements throughout the DevOps workflow. You can explore Jit’s docs ",{"_key":180,"_type":73,"marks":181,"text":129},"7f4ffe6c73d62",[182],"c5f993c2c566",{"_key":184,"_type":73,"marks":185,"text":142},"7f4ffe6c73d63",[],[187,189],{"_key":173,"_type":114,"href":188,"reference":12},"https:\u002F\u002Fwww.jit.io\u002F",{"_key":182,"_type":114,"href":190,"reference":12},"https:\u002F\u002Fdocs.jit.io\u002Fdocs",{"_key":192,"_type":69,"children":193,"markDefs":215,"style":77},"5cb72cb65493",[194,198,203,207,212],{"_key":195,"_type":73,"marks":196,"text":197},"5cb72cb654930",[],"Today we’re shouting out the question ",{"_key":199,"_type":73,"marks":200,"text":202},"5cb72cb654931",[201],"2d015f1ea665","CSP Alerts by OWASP even though CSP header is added",{"_key":204,"_type":73,"marks":205,"text":206},"5cb72cb654932",[],", definitively answered by one ",{"_key":208,"_type":73,"marks":209,"text":211},"5cb72cb654933",[210],"71f68f427db0","Simon Bennetts",{"_key":213,"_type":73,"marks":214,"text":142},"5cb72cb654934",[],[216,218],{"_key":201,"_type":114,"href":217,"reference":12},"https:\u002F\u002Fstackoverflow.com\u002Fquestions\u002F75297420\u002Fcsp-alerts-by-owasp-even-though-csp-header-is-added",{"_key":210,"_type":114,"href":219,"reference":12},"https:\u002F\u002Fstackoverflow.com\u002Fusers\u002F1509834\u002Fsimon-bennetts",{"_key":221,"_type":69,"children":222,"markDefs":244,"style":77},"441260fe675a",[223,227,232,236,241],{"_key":224,"_type":73,"marks":225,"text":226},"441260fe675a0",[],"Simon is on ",{"_key":228,"_type":73,"marks":229,"text":231},"441260fe675a1",[230],"014d662fddd0","LinkedIn",{"_key":233,"_type":73,"marks":234,"text":235},"441260fe675a2",[]," and ",{"_key":237,"_type":73,"marks":238,"text":240},"441260fe675a3",[239],"36578e7774bb","Twitter",{"_key":242,"_type":73,"marks":243,"text":142},"441260fe675a4",[],[245,247],{"_key":230,"_type":114,"href":246,"reference":12},"https:\u002F\u002Fwww.linkedin.com\u002Fin\u002Fpsiinon\u002F?originalSubdomain=uk",{"_key":239,"_type":114,"href":248,"reference":12},"https:\u002F\u002Ftwitter.com\u002Fpsiinon",{"_key":250,"_type":69,"children":251,"markDefs":257,"style":77},"c3a6b919f71b",[252],{"_key":253,"_type":73,"marks":254,"text":256},"c3a6b919f71b0",[255],"0dbb7fff8d23","TRANSCRIPT",[258],{"_key":255,"_type":114,"href":259,"reference":12},"https:\u002F\u002Fthe-stack-overflow-podcast.simplecast.com\u002Fepisodes\u002Fstung-by-owasp-chatting-with-the-creator-of-the-most-popular-web-app-scanner\u002Ftranscript",true,"2023\u002F05\u002F12",{"_type":53,"asset":263},{"_ref":264,"_type":56},"image-472725c034235a56301dc8caf0ed41b3d298c57a-1200x630-png",{"code":266,"language":267},"\u003C!-- wp:html -->\n\u003Ciframe height=\"200px\" width=\"100%\" frameborder=\"no\" scrolling=\"no\" seamless src=\"https:\u002F\u002Fplayer.simplecast.com\u002F4b37a816-fbfb-4ca2-afc3-291fda56dbef?dark=false\">\u003C\u002Fiframe>\n\u003C!-- \u002Fwp:html -->\n\n\u003C!-- wp:paragraph -->\n\u003Cp>Simon Bennetts, founder and project lead of OWASP ZAP, joins the home team to talk about how he came to create the world’s most-used web app scanner, why open-source projects need long-term contributors, and how recent AI advancements could introduce new security vulnerabilities.\u003C\u002Fp>\n\u003C!-- \u002Fwp:paragraph -->\n\n\u003C!-- wp:paragraph -->\n\u003Cp>\u003Cstrong>Episode notes:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003C!-- \u002Fwp:paragraph -->\n\n\u003C!-- wp:paragraph -->\n\u003Cp>Simon is the founder and longtime project lead of \u003Ca href=\"https:\u002F\u002Fwww.zaproxy.org\u002F\" target=\"_blank\" rel=\"noreferrer noopener\">OWASP ZAP\u003C\u002Fa>, an integrated penetration testing tool that helps uncover vulnerabilities in web apps, including compromised authentication, sensitive data exposure, and SQL injection. ZAP is \u003Ca href=\"https:\u002F\u002Fowasp.org\u002F\" target=\"_blank\" rel=\"noreferrer noopener\">OWASP\u003C\u002Fa>’s most active project and the world’s most popular web app scanner. \u003C\u002Fp>\n\u003C!-- \u002Fwp:paragraph -->\n\n\u003C!-- wp:paragraph -->\n\u003Cp>Check out other OWASP projects \u003Ca href=\"https:\u002F\u002Fowasp.org\u002Fprojects\u002F\" target=\"_blank\" rel=\"noreferrer noopener\">here\u003C\u002Fa> or explore ZAP’s \u003Ca href=\"https:\u002F\u002Fwww.zaproxy.org\u002Fdocs\u002F\" target=\"_blank\" rel=\"noreferrer noopener\">docs\u003C\u002Fa>.\u003C\u002Fp>\n\u003C!-- \u002Fwp:paragraph -->\n\n\u003C!-- wp:paragraph -->\n\u003Cp>Check out our blog post on how you can \u003Ca href=\"https:\u002F\u002Fstackoverflow.blog\u002F2019\u002F12\u002F02\u002Fpreventing-the-top-security-weaknesses-found-in-stack-overflow-code-snippets\u002F\" target=\"_blank\" rel=\"noreferrer noopener\">mitigate the ten most-found OWASP vulnerabilities\u003C\u002Fa> in Stack Overflow C++ snippets.\u003C\u002Fp>\n\u003C!-- \u002Fwp:paragraph -->\n\n\u003C!-- wp:paragraph -->\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.jit.io\u002F\" target=\"_blank\" rel=\"noreferrer noopener\">Jit\u003C\u002Fa>, where Simon is a distinguished engineer, is a DevSecOps platform that allows high-velocity engineering teams to embed security requirements throughout the DevOps workflow. You can explore Jit’s docs \u003Ca href=\"https:\u002F\u002Fdocs.jit.io\u002Fdocs\" target=\"_blank\" rel=\"noreferrer noopener\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003C!-- \u002Fwp:paragraph -->\n\n\u003C!-- wp:paragraph -->\n\u003Cp>Today we’re shouting out the question \u003Ca href=\"https:\u002F\u002Fstackoverflow.com\u002Fquestions\u002F75297420\u002Fcsp-alerts-by-owasp-even-though-csp-header-is-added\" target=\"_blank\" rel=\"noreferrer noopener\">CSP Alerts by OWASP even though CSP header is added\u003C\u002Fa>, definitively answered by one \u003Ca href=\"https:\u002F\u002Fstackoverflow.com\u002Fusers\u002F1509834\u002Fsimon-bennetts\" target=\"_blank\" rel=\"noreferrer noopener\">Simon Bennetts\u003C\u002Fa>.\u003C\u002Fp>\n\u003C!-- \u002Fwp:paragraph -->\n\n\u003C!-- wp:paragraph -->\n\u003Cp>Simon is on \u003Ca href=\"https:\u002F\u002Fwww.linkedin.com\u002Fin\u002Fpsiinon\u002F?originalSubdomain=uk\" target=\"_blank\" rel=\"noreferrer noopener\">LinkedIn\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fpsiinon\" target=\"_blank\" rel=\"noreferrer noopener\">Twitter\u003C\u002Fa>.\u003C\u002Fp>\n\u003C!-- \u002Fwp:paragraph -->\n\n\u003C!-- wp:paragraph -->\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fthe-stack-overflow-podcast.simplecast.com\u002Fepisodes\u002Fstung-by-owasp-chatting-with-the-creator-of-the-most-popular-web-app-scanner\u002Ftranscript\" target=\"_blank\" rel=\"noreferrer noopener\">TRANSCRIPT\u003C\u002Fa>\u003C\u002Fp>\n\u003C!-- \u002Fwp:paragraph -->","html","2023-05-12T04:40:00.000Z",{"current":270},"stung-by-owasp-chatting-with-the-creator-of-the-most-popular-web-app-scanner-ep-570",[272,280],{"_createdAt":273,"_id":274,"_rev":275,"_type":276,"_updatedAt":273,"slug":277,"title":279},"2023-05-23T16:43:21Z","wp-tagcat-podcast","9HpbCsT2tq0xwozQfkc4ih","blogTag",{"current":278},"podcast","The Stack Overflow Podcast",{"_createdAt":273,"_id":281,"_rev":275,"_type":276,"_updatedAt":273,"slug":282,"title":284},"wp-tagcat-the-stack-overflow-podcast",{"current":283},"the-stack-overflow-podcast","the stack overflow podcast","Stung by OWASP? Chatting with the creator of the most popular web app scanner (Ep. 570)",[287,293,299,305],{"_id":288,"publishedAt":289,"slug":290,"sponsored":12,"title":292},"76c9771b-34e6-4d98-8641-ecefc711f0ef","2026-07-06T15:23:34.559Z",{"_type":10,"current":291},"when-the-sensor-starts-thinking-snortml-agentic-ai-and-the-evolving-architecture-of-intrusion-detection","When the sensor starts thinking: SnortML, agentic AI, and the evolving architecture of intrusion detection",{"_id":294,"publishedAt":295,"slug":296,"sponsored":12,"title":298},"28e560af-f0aa-4d46-bd90-f435ad604aa7","2026-06-26T14:00:27.102Z",{"_type":10,"current":297},"paging-charity-how-can-engineering-leaders-avoid-becoming-bond-villains","Paging Charity! How can engineering leaders avoid becoming Bond villains?",{"_id":300,"publishedAt":301,"slug":302,"sponsored":12,"title":304},"4b22c2a3-3779-4966-93eb-5230391dbdce","2026-06-23T14:08:58.595Z",{"_type":10,"current":303},"your-ai-shipped-a-backend-that-boots-that-is-the-whole-problem","Your AI shipped a backend that boots. That is the whole problem.",{"_id":306,"publishedAt":307,"slug":308,"sponsored":12,"title":310},"5cf362e1-fe7b-45af-b69c-914731c6a052","2026-06-23T14:00:00.000Z",{"_type":10,"current":309},"the-2026-developer-survey-is-now-open-for-human-developers-only","The 2026 Developer Survey is now open (for human developers only)!",{"data":312,"sourceMap":-1},{"count":313,"lastTimestamp":314},3,"2023-05-25T09:48:04Z"]