Explore the new Heads Up Display feature of OWASP Zed Attack Proxy (ZAP) in this conference talk from AppSecUSA 2018. Discover how this popular free security tool can automatically detect vulnerabilities in web applications during development and testing phases. Learn about ZAP's capabilities for both automated and manual security testing, with a focus on the innovative Heads Up Display. Follow along as David Scrobonia demonstrates key features, including enabling hidden fields, attack mode, page alert icons, and scripting. Gain insights into the SAP API, understand how the Heads Up Display works under the hood, and explore its source code and service worker implementation. Whether you're a developer, tester, or experienced pentester, this talk offers valuable knowledge to enhance your web application security practices.