Merged
4 changes: 2 additions & 2 deletions auto-discovery/kubernetes/.helm-docs.gotmpl
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ The Kubernetes AutoDiscovery needs to be deployed along side the secureCodeBox O

The AutoDiscovery controller will automatically detect these new resources (services and containers) and start secureCodeBox _scans_ for them:

1. A ZAP Baseline Scan to detect basic web vulnerabilities in the service. (Using OWASP ZAP)
1. A ZAP Baseline Scan to detect basic web vulnerabilities in the service. (Using ZAP)
2. An image scan scanning for vulnerable libraries in the docker / container image of the deployment. (Using trivy)
3. (WIP) A TLS Scan against the certificate of the ingress for the host. (Using SSLyze)

Expand All @@ -43,7 +43,7 @@ The AutoDiscovery automatically tracks the lifecycle of the kubernetes resources
This example deploys [JuiceShop](https://owasp.org/www-project-juice-shop/) to a new Kubernetes Namespace.
(You can find the kubernetes manifests for the deployment [here](./demo/juice-shop.yaml))

The AutoDiscovery will automatically pick up this new deployment and then starts a OWASP ZAP Scan against it.
The AutoDiscovery will automatically pick up this new deployment and then starts a ZAP Scan against it.
The scan created uses our `zap-advanced` ScanType by default, this can be changed with the `config.serviceAutoDiscovery.scanConfig.scanType` config on the autoDiscovery helm release.

When the ContainerAutoDiscovery is enabled, the AutoDiscovery can also create a trivy scan for each unique container image (having multiple pods with the same container will only create one scan). The scan type can be defined with `config.containerAutoDiscovery.scanConfig.scanType`.
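Review bot: the generated files do not match the size of this template change. `.helm-docs.gotmpl` is the helm-docs template that README.md and README.ArtifactHub.md are rendered from, yet this hunk touches two lines while the page lists 49 and 48 additions/deletions for those two READMEs. That spread suggests they were regenerated with a different helm-docs version or settings; open the unrendered diffs and confirm they contain only the OWASP ZAP to ZAP rename and no unrelated formatting churn before merging.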
98 changes: 49 additions & 49 deletions auto-discovery/kubernetes/README.md

96 changes: 48 additions & 48 deletions auto-discovery/kubernetes/docs/README.ArtifactHub.md

2 changes: 1 addition & 1 deletion auto-discovery/kubernetes/docs/README.DockerHub-Core.md
Expand Up @@ -56,7 +56,7 @@ docker pull securecodebox/auto-discovery-kubernetes
This example deploys [JuiceShop](https://owasp.org/www-project-juice-shop/) to a new Kubernetes Namespace.
(You can find the kubernetes manifests for the deployment [here](./demo/juice-shop.yaml))

The AutoDiscovery will automatically pick up this new deployment and then starts a OWASP ZAP Scan against it.
The AutoDiscovery will automatically pick up this new deployment and then starts a ZAP Scan against it.
The scan created uses our `zap-advanced` ScanType by default, this can be changed with the `config.serviceAutoDiscovery.scanConfig.scanType` config on the autoDiscovery helm release.

When the ContainerAutoDiscovery is enabled, the AutoDiscovery can also create a trivy scan for each unique container image (having multiple pods with the same container will only create one scan). The scan type can be defined with `config.containerAutoDiscovery.scanConfig.scanType`.
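Review bot: the changed line keeps a tense mismatch, "The AutoDiscovery will automatically pick up this new deployment and then starts a ZAP Scan against it"; since the line is being edited anyway, "and then start a ZAP scan against it" reads correctly. The identical sentence is changed in `auto-discovery/kubernetes/.helm-docs.gotmpl` in this PR, so apply the same wording there to keep the two files in sync.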
2 changes: 1 addition & 1 deletion auto-discovery/readme.md
Expand Up @@ -17,4 +17,4 @@ The scans it would start:

1. A image scan scanning for vulnerable libraries in the docker / container image of the deployment. (Using trivy)
2. A TLS scan against the certificate of the ingress for the host. (Using SSLyze)
3. A ZAP scan to detect basic web vulnerabilities in the service. (Using OWASP ZAP)
3. A ZAP scan to detect basic web vulnerabilities in the service. (Using ZAP)
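Review bot: this list is now inconsistent with the kubernetes chart template edited in the same PR, which lists the ZAP scan first, the image scan second and marks the TLS scan as WIP, while this readme lists image, TLS, ZAP with no WIP marker. Either order is fine, but the two documents should agree on what the AutoDiscovery actually starts today. Minor: context line "1. A image scan scanning for vulnerable libraries" should read "An image scan", worth fixing while this file is open.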
Expand Up @@ -15,7 +15,7 @@ authors:
image_url: https://avatars.githubusercontent.com/u/1688580?v=4
tags:
- secureCodeBox
- OWASP ZAP automation
- ZAP automation
- Authentication
description: This post describes how to automate ZAP to authenticate against an API
---
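Review bot: renaming the front-matter tag `OWASP ZAP automation` to `ZAP automation` changes the tag that readers filter blog posts by. If the docs site generates a page per tag, links to the old tag page stop resolving, and any other post that still carries `OWASP ZAP automation` ends up under a separate tag. Grep the remaining blog posts' front matter for the old tag and rename them in the same PR, or keep the old tag alongside the new one.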
2 changes: 1 addition & 1 deletion documentation/docs/auto-discovery/overview.md
Expand Up @@ -13,6 +13,6 @@ sidebar_position: 0

The secureCodeBox (SCB) AutoDiscovery is an optional component that automates the process of setting up scheduled scans for Kubernetes resources inside a cluster. The AutoDiscovery will observe the scanned Kubernetes resources over their whole lifecycle. It will automatically create, update and delete scans when necessary. Currently the SCB AutoDiscovery supports two modes that can be enabled independently:

- [Service AutoDiscovery](./service-auto-discovery): Creates scans for (http) services inside a kubernetes cluster. With it you can automatically start scanners like OWASP ZAP or nuclei for all web applications inside the cluster.
- [Service AutoDiscovery](./service-auto-discovery): Creates scans for (http) services inside a kubernetes cluster. With it you can automatically start scanners like ZAP or nuclei for all web applications inside the cluster.

- [Container AutoDiscovery](./container-auto-discovery): Creates scans for containers running inside a kubernetes cluster. This allows you to automatically create trivy container image scans for all container images inside a cluster.
2 changes: 1 addition & 1 deletion documentation/docs/how-tos/scanning-web-applications.md
Expand Up @@ -4,7 +4,7 @@
# SPDX-License-Identifier: Apache-2.0

title: "Scanning Web Applications"
description: "Automating OWASP ZAP with the secureCodeBox"
description: "Automating ZAP with the secureCodeBox"
sidebar_position: 3
---

15 changes: 7 additions & 8 deletions scanners/zap-advanced/.helm-docs.gotmpl
Expand Up @@ -25,9 +25,9 @@ usecase: "WebApp & OpenAPI Vulnerability Scanner extend with authentication feat
{{- end }}

{{- define "extra.chartAboutSection" -}}
## What is OWASP ZAP?
## What is ZAP?

The [OWASP Zed Attack Proxy (ZAP)][zap owasp project] is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing.
The Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing.

To learn more about the ZAP scanner itself visit [https://www.zaproxy.org/](https://www.zaproxy.org/).
{{- end }}
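Review bot: the rewritten paragraph still ends "hundreds of international volunteers*" but no footnote for that asterisk appears in the hunk, so it now dangles; drop the `*` or add the note it refers to. Dropping the `[zap owasp project]` link here is consistent with the removal of its definition later in this file, and the `https://www.zaproxy.org/` link on the next line still gives readers a way to the project, so no link is lost.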
Expand All @@ -42,7 +42,7 @@ The command line interface can be used to easily run server scans: `-t www.examp
```bash
usage: zap-client [-h] -z ZAP_URL [-a API_KEY] [-c CONFIG_FOLDER] -t TARGET [-o OUTPUT_FOLDER] [-r XML,XML-plus,JSON,JSON-plus,HTML,HTML-plus,MD]

OWASP secureCodeBox OWASP ZAP Client (can be used to automate OWASP ZAP instances based on YAML configuration files.)
OWASP secureCodeBox ZAP Client (can be used to automate ZAP instances based on YAML configuration files.)

optional arguments:
-h, --help show this help message and exit
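Review bot: this usage block reproduces the argparse `--help` output of the zap-client script, so editing the description text here only in the docs makes the documented output diverge from what the tool actually prints, unless the script's own description and help strings were changed in the same PR (not visible on this page). Keeping "OWASP secureCodeBox" while dropping "OWASP" from ZAP is correct, but regenerate this block from a real `zap-client -h` run after the script is updated rather than hand-editing it.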
Expand All @@ -51,13 +51,13 @@ optional arguments:
-a API_KEY, --api-key API_KEY
The ZAP API Key used to call the ZAP API.
-c CONFIG_FOLDER, --config-folder CONFIG_FOLDER
The path to a local folder containing the additional ZAP configuration YAMLs used to configure OWASP ZAP.
The path to a local folder containing the additional ZAP configuration YAMLs used to configure ZAP.
-t TARGET, --target TARGET
The target to scan with OWASP ZAP.
The target to scan with ZAP.
-o OUTPUT_FOLDER, --output-folder OUTPUT_FOLDER
The path to a local folder used to store the output files, eg. the ZAP Report or logfiles.
-r XML,XML-plus,JSON,JSON-plus,HTML,HTML-plus,MD, --report-type XML,XML-plus,JSON,JSON-plus,HTML,HTML-plus,MD
The OWASP ZAP Report Type.
The ZAP Report Type.
```
{{- end }}

Expand Down Expand Up @@ -88,7 +88,7 @@ Additionally, there will be some ZAP Scripts included, these are stored in the c
│This CM contains ZAP session │ │ ▼ │ │A YAML configuration for ZAP that │
│scripts that are already included │ │ │ ┌───────────────────┐ │ │ │relates to a single scan execution. │
│within the zap-advanced scanner. │ │ │ │ │ │- can by used for selected scans │
│Feel free to add your own. │────────┼─────┼─▶│ OWASP ZAP Proxy │ │ │ │- not created by default │
│Feel free to add your own. │────────┼─────┼─▶│ ZAP Proxy │ │ │ │- not created by default │
│ │ │ │ │ └───────│- add your scan target specific config │
│ConfigMap: zap-scripts-session │ │ │ └───────────────────┘ │ │- needs to be referenced in Scan │
└──────────────────────────────────────┘ │ │- please use SecretMap for credentials! │
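Review bot: the label inside the box-drawing diagram shrinks from "OWASP ZAP Proxy" to "ZAP Proxy", six characters fewer, so the replacement line must pad the box interior with six extra spaces or every `│` border to the right of it shifts left and the diagram breaks. The rendered diff collapses whitespace, so check the raw file in a monospace view to confirm the right-hand borders of the `ZAP Proxy` box and the "A YAML configuration for ZAP" box still line up with the rows above and below.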
Expand Down Expand Up @@ -459,7 +459,6 @@ zapConfiguration:
{{- end }}

{{- define "extra.scannerLinksSection" -}}
[zap owasp project]: https://owasp.org/www-project-zap/
[zap github]: https://github.com/zaproxy/zaproxy/
[zap user guide]: https://www.zaproxy.org/docs/
{{- end }}
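Review bot: removing the `[zap owasp project]` reference definition is the right follow-up to dropping the link from the "What is ZAP?" paragraph, but any other `[...][zap owasp project]` reference left in this template or in the generated README would now render literally as bracketed text. Grep the template and the rendered README for `zap owasp project` before merging. The `[zap github]` and `[zap user guide]` definitions that remain should likewise still be used somewhere; if not, they are dead definitions too.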
2 changes: 1 addition & 1 deletion scanners/zap-advanced/Chart.yaml
Expand Up @@ -4,7 +4,7 @@

apiVersion: v2
name: zap-advanced
description: A Helm chart for the OWASP ZAP (extended with advanced authentication features) security scanner that integrates with the secureCodeBox.
description: A Helm chart for the ZAP (extended with advanced authentication features) security scanner that integrates with the secureCodeBox.
type: application
# version - gets automatically set to the secureCodeBox release version when the helm charts gets published
version: v3.1.0-alpha1
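Review bot: style point on the changed description: "A Helm chart for the ZAP (extended with advanced authentication features) security scanner" splits the noun phrase with the parenthetical. "A Helm chart for the ZAP security scanner (extended with advanced authentication features) that integrates with the secureCodeBox." reads better and is what the chart's description field surfaces in `helm search` and on ArtifactHub.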