GitLab vs OWASP Zap Comparison 2024

GitLab

OWASP Zap

GitLab

Read 70 GitLab reviews

3,623 views|2,942 comparisons

OWASP Zap

Read 37 OWASP Zap reviews

20,743 views|9,827 comparisons

Comparison Buyer's Guide

Download the complete report

Buyer's Guide

GitLab vs. OWASP Zap

May 2024

Executive Summary

Updated on Nov 2, 2022

We performed a comparison between GitLab and OWASP Zap based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.

Ease of Deployment: GitLab users say deployment is straightforward. Some OWASP Zap users say the solution is easy to deploy, while some find it difficult.

Features: Users of both products are happy with their stability, scalability, and ease of use.

GitLab users like the solution’s mature CI/CD engine, UI, and its DevOps. Reviewers mention that the integration with Kubernetes needs improvement and that the solution should be more cloud-native.

OWASP Zap users like the solution’s heads up display, reporting of vulnerabilities, and reliability. Users say they would like to see a marketplace of additional options offered.

Pricing: Gitlab has an open-source edition and a commercial version. Most users consider the commercial version to be reasonably priced, while a few feel it is expensive. Users of OWASP Zap note that it is an open-source solution.

Service and Support: Gitlab users share mixed reviews on the support they receive. Most users of OWASP Zap note that the community support makes up for the fact that it lacks traditional technical support.

Comparison Results: Of the two solutions, users find deployment to be easier with Gitlab. For this reason, Gitlab comes out slightly on top in this comparison.

To learn more, read our detailed GitLab vs. OWASP Zap Report (Updated: May 2024).

Download the complete report

770,141 professionals have used our research since 2012.

Featured Review

Nakul Kundaliya

Technical Lead Developer at Mayora Infotech

Scalable, automatic code merging, and free version available

GitLab has helped our company save time. In our current project, we have split the job into two parts, one team is working on one particular... Read more →

Anonymous User

Cyber Security Engineer at a transportation company

Good functionality and works well with Portswigger Burp but it needs to add more extensions

It helps that we can use it hand in hand with Portswigger Burp. Since each have scanning capabilities, we can use them together and leverage... Read more →

Quotes From Members

We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:

Pros

"For us, Gitlab's most valuable feature is the integration with Cypress. We're using Cypress as an automation tool, so we're using GitLab as a tool for running in parallel.""As a developer, this solution is useful as a repository holder because most of the POC projects that we have are on GitLab.""GitLab integrates well with other platforms.""The most valuable feature of GitLab is the ability to upload scripts and make changes when needed and then reupload them. Additionally, the solution is user-friendly.""The best thing is that as the developers work on separate tasks, all of the code goes there and the other team members don't have to wait on each other to finish.""The most valuable feature of GitLab is the automatic merging of code.""GitLab is very useful for pipelines, continuous integration, and continuous deployment. It is also stable.""I like GitLab from the CI/CD perspective. It is much easier to set up CI/CD and then integrate with other tools."

More GitLab Pros →

"You can run it against multiple targets.""The vulnerabilities that it finds, because the primary goal is to secure applications and websites.""Fuzzer and Java APIs help a lot with our custom needs.""The community edition updates services regularly. They add new vulnerabilities into the scanning list.""The application scanning feature is the most valuable feature.""Stability-wise, I rate the solution a nine out of ten. I think it's stable enough. I don't see any crashes within the application, so its stability is high.""The API is exceptional.""It has evolved over the years and recently in the last year they have added, HUD (Heads Up Display)."

More OWASP Zap Pros →

Cons

"GitLab could consider introducing a code-scanning tool. Purchasing such tools from external markets can incur charges, which might not be favorable. Integrating these features into GitLab would streamline the pipeline and make it more convenient for users.""It would be really good if they integrated more features in application security.""The solution could be faster.""We are having a few problems integrating with Jira at the moment, which is something that our IT department is investigating.""This solution could be improved by adding modifications such as slack notifications.""The solution should again offer an on-premises deployment option.""There is room for improvement in GitLab Agents.""I would like to see security increased in the future. A secure environment is very important."

More GitLab Cons →

"It would be beneficial to enhance the algorithm to provide better summaries of automatic scanning results.""I would like to see a version of “repeater” within OWASP ZAP, a tool capable of sending from one to 1000 of the same requests, but with preselected modified fields, changing from a predetermined word list, or manually created.""The solution is unable to customize reports.""Deployment is somewhat complicated.""It would be nice to have a solid SQL injection engine built into Zap.""The port scanner is a little too slow.""The documentation is lacking and out-of-date, it really needs more love.""The product reporting could be improved."

More OWASP Zap Cons →

Pricing and Cost Advice

"I think that we pay approximately $100 USD per month."

"The price is okay."

"It seems reasonable. Our IT team manages the licenses."

"Its price is fine. It is on the cheaper side and not expensive. You have to pay additionally for GitLab CI/CD minutes. Initially, we used the free version. When we ran out of GitLab minutes, we migrated to the paid version."

"It is very expensive. We can't bear it now, and we have to find another solution. We have a yearly subscription in which we can increase the number of licenses, but we have to pay at the end of the year."

"I don't mind the price because I use the free version."

"We are using its free version, and we are evaluating its Premium version. Its Ultimate version is very expensive."

"The price of GitLab could be better, it is expensive."

More GitLab Pricing and Cost Advice →

"It is highly recommended as it is an open source tool."

"It's free and open, currently under the Apache 2 license. If ZAP does what you need it to do, selling a free solution is a very easy."

"OWASP ZAP is a free tool provided by OWASP’s engineers and experts. There is an option to donate."

"As Zap is free and open-source, with tons of features similar to those of commercial solutions, I would definitely recommend trying it out."

"It's free. It's good for us because we don't know what the extent of our use will be yet. It's good to start with something free and easy to use."

"OWASP Zap is free to use."

"This app is completely free and open source. So there is no question about any pricing."

"This is an open-source solution and can be used free of charge."

More OWASP Zap Pricing and Cost Advice →

See Which Vendors Are Best For You

Use our free recommendation engine to learn which Application Security Testing (AST) solutions are best for your needs.

See Recommendations

770,141 professionals have used our research since 2012.

Questions from the Community

What do you like most about GitLab?

Top Answer:I find the features and version control history to be most valuable for our development workflow. These aspects provide us with a clear view of changes and help us manage requests efficiently.

Read all 43 answers →

What is your experience regarding pricing and costs for GitLab?

Top Answer:For small-scale usage, GitLab offers a free tier. For enterprise pricing, GitLab is more expensive than GitHub, as it's not as widely adopted. GitLab is the preferred choice for many developers… more »

Read all 31 answers →

What needs improvement with GitLab?

Top Answer:I believe there's room for improvement in the advanced features, particularly in enhancing the pipeline functionalities. Better integration and usability within the pipeline could make a significant… more »

Read all 43 answers →

Is OWASP Zap better than PortSwigger Burp Suite Pro?

Top Answer:OWASP Zap and PortSwigger Burp Suite Pro have many similar features. OWASP Zap has web application scanning available with basic security vulnerabilities while Burp Suite Pro has it available with… more »

Read all 3 answers →

What do you like most about OWASP Zap?

Top Answer:The best feature is the Zap HUD (Heads Up Display) because the customers can use the website normally. If we scan websites with automatic scanning, and the website has a web application firewall, it's… more »

Read all 28 answers →

What is your experience regarding pricing and costs for OWASP Zap?

Top Answer:The tool is open source.

Read all 16 answers →

Ranking

8th

out of 67 in Application Security Testing (AST)

Views

3,623

Comparisons

2,942

Reviews

Average Words per Review

406

Rating

8.6

7th

out of 67 in Application Security Testing (AST)

Views

20,743

Comparisons

9,827

Reviews

Average Words per Review

392

Rating

7.6

Comparisons

Microsoft Azure DevOps vs. GitLab

Compared 50% of the time.

Bamboo vs. GitLab

Compared 5% of the time.

SonarQube vs. GitLab

Compared 5% of the time.

AWS CodePipeline vs. GitLab

Compared 5% of the time.

Tekton vs. GitLab

Compared 4% of the time.

More GitLab Competitors →

SonarQube vs. OWASP Zap

Compared 21% of the time.

Acunetix vs. OWASP Zap

Compared 13% of the time.

Qualys Web Application Scanning vs. OWASP Zap

Compared 11% of the time.

PortSwigger Burp Suite Professional vs. OWASP Zap

Compared 10% of the time.

Rapid7 InsightAppSec vs. OWASP Zap

Compared 2% of the time.

More OWASP Zap Competitors →

Also Known As

Fuzzit

Learn More

GitLab

OWASP

Overview

GitLab is a complete DevOps platform that enables teams to collaborate and deliver software faster.

It provides a single application for the entire DevOps lifecycle, from planning and development to testing, deployment, and monitoring.

With GitLab, teams can streamline their workflows, automate processes, and improve productivity.

OWASP Zap is a free and open-source web application security scanner.

The solution helps developers identify vulnerabilities in their web applications by actively scanning for common security issues.

With its user-friendly interface and powerful features, Zap is a popular choice among developers for ensuring the security of their web applications.

Sample Customers

1. NASA 2. IBM 3. Sony 4. Alibaba 5. CERN 6. Siemens 7. Volkswagen 8. ING 9. Ticketmaster 10. SpaceX 11. Adobe 12. Intuit 13. Autodesk 14. Rakuten 15. Unity Technologies 16. Pandora 17. Electronic Arts 18. Nordstrom 19. Verizon 20. Comcast 21. Philips 22. Deutsche Telekom 23. Orange 24. Fujitsu 25. Ericsson 26. Nokia 27. General Electric 28. Cisco 29. Accenture 30. Deloitte 31. PwC 32. KPMG

1. Google 2. Microsoft 3. IBM 4. Amazon 5. Facebook 6. Twitter 7. LinkedIn 8. Netflix 9. Adobe 10. PayPal 11. Salesforce 12. Cisco 13. Oracle 14. Intel 15. HP 16. Dell 17. VMware 18. Symantec 19. McAfee 20. Citrix 21. Red Hat 22. Juniper Networks 23. SAP 24. Accenture 25. Deloitte 26. Ernst & Young 27. PwC 28. KPMG 29. Capgemini 30. Infosys 31. Wipro 32. TCS

Top Industries

REVIEWERS

Financial Services Firm16%

Computer Software Company16%

Manufacturing Company13%

Retailer10%

VISITORS READING REVIEWS

Educational Organization25%

Computer Software Company12%

Financial Services Firm11%

Manufacturing Company8%

REVIEWERS

Computer Software Company25%

Financial Services Firm15%

Retailer10%

Energy/Utilities Company10%

VISITORS READING REVIEWS

Computer Software Company18%

Financial Services Firm10%

Government7%

Comms Service Provider7%

Company Size

REVIEWERS

Small Business44%

Midsize Enterprise9%

Large Enterprise47%

VISITORS READING REVIEWS

Small Business15%

Midsize Enterprise34%

Large Enterprise51%

REVIEWERS

Small Business22%

Midsize Enterprise30%

Large Enterprise49%

VISITORS READING REVIEWS

Small Business21%

Midsize Enterprise15%

Large Enterprise64%

Buyer's Guide

GitLab vs. OWASP Zap

May 2024

Free Report: GitLab vs. OWASP Zap

Find out what your peers are saying about GitLab vs. OWASP Zap and other solutions. Updated: May 2024.

DOWNLOAD NOW

770,141 professionals have used our research since 2012.

GitLab is ranked 8th in Application Security Testing (AST) with 70 reviews while OWASP Zap is ranked 7th in Application Security Testing (AST) with 37 reviews. GitLab is rated 8.6, while OWASP Zap is rated 7.6. The top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". On the other hand, the top reviewer of OWASP Zap writes "Great for automating and testing and has tightened our security ". GitLab is most compared with Microsoft Azure DevOps, Bamboo, SonarQube, AWS CodePipeline and Tekton, whereas OWASP Zap is most compared with SonarQube, Acunetix, Qualys Web Application Scanning, PortSwigger Burp Suite Professional and Rapid7 InsightAppSec. See our GitLab vs. OWASP Zap report.

See our list of best Application Security Testing (AST) vendors.

We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.

GitLab vs OWASP Zap comparison