We performed a comparison between OWASP Zap and Seeker based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST)."The best feature is the Zap HUD (Heads Up Display) because the customers can use the website normally. If we scan websites with automatic scanning, and the website has a web application firewall, it's very difficult."
"The product discovers more vulnerabilities compared to other tools."
"Stability-wise, I rate the solution a nine out of ten. I think it's stable enough. I don't see any crashes within the application, so its stability is high."
"The scalability of this product is very good."
"Simple and easy to learn and master."
"Fuzzer and Java APIs help a lot with our custom needs."
"The application scanning feature is the most valuable feature."
"This solution has improved my organization because it has made us feel safer doing frequent deployments for web applications. If we have something really big, we might get some professional company in to help us but if we're releasing small products, we will check it ourselves with Zap. It makes it easier and safer."
"A significant advantage of Seeker is that it is an interactive scanner, and we have found it to be much more effective in reducing the amount of false positives than dynamic scanners such as AppScan, Micro Focus Fortify, etc. Furthermore, with Seeker, we are finding more and more valid (i.e. "true") positives over time compared with the dynamic scanners."
"The work that it does in the limited scope is good, but the scope is very limited in terms of the scanning features. The number of things it tests or finds is limited. They need to make it a more of a mainstream tool that people can use, and they can even think about having it on a proprietary basis. They need to increase the coverage of the scan and the results that it finds. That has always been Zap's limitation. Zap is a very good tool for a beginner, but once you start moving up the ladder where you want further details and you want your scan to show more in-depth results, Zap falls short because its coverage falls short. It does not have the capacity to do more."
"The port scanner is a little too slow."
"It doesn't run on absolutely every operating system."
"Deployment is somewhat complicated."
"Too many false positives; test reports could be improved."
"It would be nice to have a solid SQL injection engine built into Zap."
"It would be a great improvement if they could include a marketplace to add extra features to the tool."
"There are too many false positives."
"One area that Seeker can improve is to make it more customizable. All security scanning tools have a defined set of rules that are based on certain criteria which they will use to detect issues. However, the criteria that you set initially is not something that all applications are going to need."
OWASP Zap is ranked 8th in Static Application Security Testing (SAST) with 37 reviews while Seeker is ranked 25th in Static Application Security Testing (SAST) with 1 review. OWASP Zap is rated 7.6, while Seeker is rated 7.0. The top reviewer of OWASP Zap writes "Great for automating and testing and has tightened our security ". On the other hand, the top reviewer of Seeker writes "More effective than dynamic scanners, but is missing useful learning capabilities". OWASP Zap is most compared with SonarQube, Acunetix, Qualys Web Application Scanning, Veracode and PortSwigger Burp Suite Professional, whereas Seeker is most compared with Synopsys API Security Testing, Coverity, Contrast Security Assess, SonarQube and Polaris Software Integrity Platform.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.