In today’s DevSecOps environments, security testing can’t wait until production. Securing Applications with Checkmarx + ZAP teaches you how to integrate dynamic application security testing (DAST) directly into your development pipeline and make sense of the results. Through realistic, scenario-based labs, you’ll deploy and automate OWASP ZAP scans, interpret vulnerability reports, tune alert filters, and verify remediation through hands-on experimentation. You’ll also learn to synthesize technical findings into executive-level insights using simple frameworks like “What / So What / Now What.
Securing Applications with Checkmarx
Gain insight into a topic and learn the fundamentals.
Intermediate level
Recommended experience
4 hours to complete
Flexible schedule
Learn at your own pace
What you'll learn
Install Checkmarx ZAP and Docker for Desktop for code testing and analyze scan results and export actionable reports.
Differentiate DAST from SAST and set up Zap.
Describe container risks and best practices to identify vulnerabilities in images
Skills you'll gain
- Open Web Application Security Project (OWASP)
- Vulnerability Scanning
- Security Testing
- Computer Programming
- Technical Communication
- Continuous Monitoring
- Application Security
- Vulnerability Assessments
- Secure Coding
- DevSecOps
- CI/CD
- Vulnerability Management
- Docker (Software)
- Skills section collapsed. Showing 7 of 13 skills.
Details to know
Shareable certificate
Add to your LinkedIn profile
Assessments
1 assignment
Taught in English
Recently updated!
February 2026
See how employees at top companies are mastering in-demand skills
There are 3 modules in this course
This module introduces the fundamentals of Dynamic Application Security Testing (DAST) and shows how to integrate OWASP ZAP and Checkmarx DAST into a CI/CD workflow. Learners will deploy, configure, and automate baseline scans against a running web app, interpret basic results, and use those findings to drive early security conversations in development.
What's included
4 videos2 readings1 peer review
This module moves from simple scanning to analysis and precision. Learners will analyze ZAP results, differentiate between true and false positives, and tune alert filters for meaningful signal. They will then remediate vulnerabilities, re-scan to verify fixes, and document evidence of secure coding improvements.
What's included
3 videos1 reading1 peer review
The final module focuses on scaling and communicating application security insights. Learners will design automated reporting pipelines, evaluate vulnerability trends across builds, and create executive-ready summaries using ZAP reports and dashboard data. The emphasis is on converting raw findings into actionable intelligence and measurable business value.
What's included
4 videos1 reading1 assignment2 peer reviews
Offered by
Why people choose Coursera for their career
Felipe M.
Learner since 2018
"To be able to take courses at my own pace and rhythm has been an amazing experience. I can learn whenever it fits my schedule and mood."
Jennifer J.
Learner since 2020
"I directly applied the concepts and skills I learned from my courses to an exciting new project at work."
Larry W.
Learner since 2021
"When I need courses on topics that my university doesn't offer, Coursera is one of the best places to go."
Chaitanya A.
"Learning isn't just about being better at your job: it's so much more than that. Coursera allows me to learn without limits."
