We performed a comparison between OWASP Zap and Synopsys API Security Testing based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST)."It's great that we can use it with Portswigger Burp."
"They offer free access to some other tools."
"Simple and easy to learn and master."
"The interface is easy to use."
"Simple to use, good user interface."
"The stability of the solution is very good."
"It scans while you navigate, then you can save the requests performed and work with them later."
"This solution has improved my organization because it has made us feel safer doing frequent deployments for web applications. If we have something really big, we might get some professional company in to help us but if we're releasing small products, we will check it ourselves with Zap. It makes it easier and safer."
"The most valuable features of Synopsys API Security Testing are the metrics, results, and threat vectors that it shares."
"The documentation needs to be improved because I had to learn everything from watching YouTube videos."
"Zap could improve by providing better reports for security and recommendations for the vulnerabilities."
"The port scanner is a little too slow."
"It would be a great improvement if they could include a marketplace to add extra features to the tool."
"It would be ideal if I could try some pre-built deployment scenarios so that I don't have to worry about whether the configuration sector team is doing it right or wrong. That would be very helpful."
"If there was an easier to understand exactly what has been checked and what has not been checked, it would make this solution better. We have to trust that it has checked all known vulnerabilities but it's a bit hard to see after the scanning."
"I prefer Burp Suite to SWASP Zap because of the extensive coverage it offers."
"The reporting feature could be more descriptive."
"The solution required us to use our team and we spoke to Synopsys API Security Testing's support to do the implementation. We use two people from our team for the implementation. and one person for maintenance."
Earn 20 points
OWASP Zap is ranked 7th in Static Application Security Testing (SAST) with 37 reviews while Synopsys API Security Testing is ranked 30th in Static Application Security Testing (SAST). OWASP Zap is rated 7.6, while Synopsys API Security Testing is rated 7.0. The top reviewer of OWASP Zap writes "Great for automating and testing and has tightened our security ". On the other hand, the top reviewer of Synopsys API Security Testing writes "Useful threat vectors, beneficial results, but implementation needed support". OWASP Zap is most compared with SonarQube, Acunetix, Qualys Web Application Scanning, PortSwigger Burp Suite Professional and Veracode, whereas Synopsys API Security Testing is most compared with Seeker, Fortify WebInspect and Acunetix.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.