We performed a comparison between Ixia BreakingPoint and OWASP Zap based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."There is a virtual version of the product which is scaled to 100s of virtual testing blades."
"The DDoS testing module is useful and quick to use."
"The solution has many protocols and options, making it very flexible."
"It is a scalable solution."
"I like that we can test cloud applications."
"We use Ixia BreakingPoint for Layer 7 traffic generation. That's what we like."
"The most valuable feature of Ixia BreakingPoint is the ransomware and malware database for simulated attacks."
"This solution has improved my organization because it has made us feel safer doing frequent deployments for web applications. If we have something really big, we might get some professional company in to help us but if we're releasing small products, we will check it ourselves with Zap. It makes it easier and safer."
"The solution is scalable."
"Stability-wise, I rate the solution a nine out of ten. I think it's stable enough. I don't see any crashes within the application, so its stability is high."
"Automatic scanning is a valuable feature and very easy to use."
"You can run it against multiple targets."
"The best feature is the Zap HUD (Heads Up Display) because the customers can use the website normally. If we scan websites with automatic scanning, and the website has a web application firewall, it's very difficult."
"Automatic updates and pull request analysis."
"The OWASP's tool is free of cost, which gives it a great advantage, especially for smaller companies to make use of the tool."
"The price could be better."
"The solution originally was hard to configure; I'm not sure if they've updated this to make it simpler, but if not, it's something that could be streamlined."
"The integration could improve in Ixia BreakingPoint."
"They should improve UI mode packages for the users."
"The production traffic simulations are not realistic enough for some types of DDoS attacks."
"The quality of the traffic generation could be improved with Ixia BreakingPoint, i.e. to get closer to being accurate in what a real user will do."
"I would appreciate some preconfigured network neighborhoods, which are predefined settings for testing networks."
"It would be beneficial to enhance the algorithm to provide better summaries of automatic scanning results."
"The reporting feature could be more descriptive."
"It would be a great improvement if they could include a marketplace to add extra features to the tool."
"Deployment is somewhat complicated."
"Online documentation can be improved to utilize all features of ZAP and API methods to make use in automation."
"I'd like to see a kind of feature where we can just track what our last vulnerability was and how it has improved or not. More reports that can have some kind of base-lining, I think that would be a good feature too. I'm not sure whether it can be achieved and implement but I think that would really help."
"OWASP Zap needs to extend to mobile application testing."
"Reporting format has no output, is cluttered and very long."
Ixia BreakingPoint is ranked 23rd in Static Application Security Testing (SAST) with 8 reviews while OWASP Zap is ranked 7th in Static Application Security Testing (SAST) with 37 reviews. Ixia BreakingPoint is rated 8.4, while OWASP Zap is rated 7.6. The top reviewer of Ixia BreakingPoint writes "Works better for testing traffic, mix profile, and enrollment scenarios than other solutions". On the other hand, the top reviewer of OWASP Zap writes "Great for automating and testing and has tightened our security ". Ixia BreakingPoint is most compared with Spirent CyberFlood and Synopsys Defensics, whereas OWASP Zap is most compared with SonarQube, Acunetix, Qualys Web Application Scanning, PortSwigger Burp Suite Professional and Veracode. See our Ixia BreakingPoint vs. OWASP Zap report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.