Application Security Testing Forum

Senior Project Manager
IT Central Station
Apr 12 2018
One of the most popular comparisons on IT Central Station is Netsparker Web Application Security Scanner vs OWASP Zap. People like you are trying to decide which one is best for their company. Can you help them out? Which of these two solutions would you recommend for Application Security? Why? Thanks for helping your peers make the best decision! --Nick
Content Specialist
IT Central Station
Mar 15 2018
One of the most popular comparisons on IT Central Station is OWASP Zap vs PortSwigger Burp? https://www.itcentralstation.com/products/comparisons/owasp-zap_vs_portswigger-burp?tid=il-q Which of these two solutions would you recommend for Application Security Testing and why? Thanks! --Rhea
Murat KayaBoth have very powerful abilities. ZAP can be an advantage for free, but Burp's free version will work similarly. As someone who uses both, depending on the circumstances, one can be preferred to the other.
Principal, Product at a tech vendor
Feb 26 2018
What security testing tools have you used that integrated well with your DevOps pipeline automation?
Hugo Van den BergSecurity starts way before testing actually. Make sure security is already part of the way you develop. We use an external bureau that does our security tests. That guarantees us an independant view of our security.
Dmitri T.It depends on your requirements, the list of security testing tools you can find at https://www.owasp.org/index.php/Appendix_A:_Testing_Tools. With regards to including security testing into continuous delivery pipeline you can consider using i.e. Apache JMeter (http://jmeter.apache.org/) - free and open source multiprotocol load testing tools. JMeter is mostly designed for performance testing, however it is very flexible and you can utilize it for security testing as well. See https://www.blazemeter.com/blog/security-testing-with-jmeter-learn-how guide for more details on several use cases
Associate Test Engineer with 501-1,000 employees
Jan 09 2018
Hi Guys, I'm currently working on vulnerability testing for our application. I just want to know which one is best, IBM Appscan or HP Fortify? Thanks in advance.

Sign Up with Email