Try our new research platform with insights from 80,000+ expert users
RR
Security Testing Engineer at a tech services company with 1,001-5,000 employees
Real User
Download
The community edition updates services regularly. They add new vulnerabilities into the scanning list.
Pros and Cons
  • "The community edition updates services regularly. They add new vulnerabilities into the scanning list."
  • "As security evolves, we would like DevOps built into it. As of now, Zap does not provide this."

What is our primary use case?

The use case was we needed to scan our website to find out what vulnerabilities were present.

We use it to scan the website, then take a report about what vulnerabilities are present on it. Next, we will manually verify those vulnerabilities for false positives.

How has it helped my organization?

Every now and then, there is an update. They add new vulnerabilities to the scan list. That is where they just keep on improving.

What is most valuable?

The community support that ZAP provides me. As an open source, it provides me flexibility and is convenient to use.

What needs improvement?

As security evolves, we would like DevOps built into it. As of now, Zap does not provide this.

I would like to have more vulnerabilities added to the scan list, because as of now, it covers around 72 to 80. I need more because we need broader coverage.

Buyer's Guide
OWASP Zap
May 2025
Free Report: OWASP Zap Reviews and More
Learn what your peers think about OWASP Zap. Get advice and tips from experienced pros sharing their opinions. Updated: May 2025.
DOWNLOAD NOW
851,823 professionals have used our research since 2012.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

Stability is good.

What do I think about the scalability of the solution?

We have not scaled yet. Though, we should be able to scale.

How are customer service and support?

I have not used any support for this solution yet.

How was the initial setup?

The initial setup is straightforward, because we can integrate it directly into the SDLC.

What other advice do I have?

The community edition updates services regularly. They add new vulnerabilities into the scanning list.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Buyer's Guide
Download our free OWASP Zap Report and get advice and tips from experienced pros sharing their opinions.
Updated: May 2025
DOWNLOAD NOW
Buyer's Guide
Download our free OWASP Zap Report and get advice and tips from experienced pros sharing their opinions.
Buyer's Guide
OWASP Zap
May 2025
DOWNLOAD NOW
Quick Links
Learn More: Questions: