OWASP Zap Review

Open-source and easy to use with a straightforward setup


What is our primary use case?

Currently, we deploy these tools to serve in a few of our services in the organization.

What is most valuable?

The solution is very easy to use.

The initial setup is straightforward.

The solution is free due to the fact that it is open-source.

The stability of the solution is very good.

The product has a strong community surrounding it to help with issues and troubleshooting.

What needs improvement?

The technical support could be improved. It doesn't offer traditional technical support at all.

It would be a great improvement if they could include a marketplace to add extra features to the tool. It would make it more customizable and allow users to add more features as they like.

For how long have I used the solution?

I've been using the solution for a while. I've used it at least over the last 12 months.

What do I think about the stability of the solution?

The stability of the solution s very good. We've never had any issues. It's been reliable. There are no bugs or glitches. It doesn't crash or freeze.

What do I think about the scalability of the solution?

While the solution can scale to a certain extent, it cannot scale a lot. This is not one of the strengths of the product.

We only have one user that is engaged with the solution currently.

How are customer service and technical support?

OWASP is an open-source solution. There's a big community surrounding it, however, it does not have traditional technical support. The main support comes from the community itself. If you have questions, you can find them there, or ask the community for feedback.

Which solution did I use previously and why did I switch?

We previously used the PortSwigger Burp Suite. It's a commercial version with support. We had to pay for the solution on a yearly basis, whereas OWASP is open-source and free.

How was the initial setup?

We found the initial setup to be very straightforward. It's easy. It's not complex. A company shouldn't have any issues with the implementation process.

The deployment only took half an hour. It wasn't more than that. The process is pretty fast.

YOu do not need a big team to handle the deployment process. We only used two.

What about the implementation team?

We deployed the solution ourselves using an in-house team. We didn't need the assistance of consultants or integrators from outside firms.

What's my experience with pricing, setup cost, and licensing?

The solution is open-source. It doesn't cost anything to use it.

What other advice do I have?

We are a customer and end-user of the product.

There's lots of information online for users who are curious to learn more about the product.

In general, I would rate this solution at an eight out of ten. We've been largely satisfied with the product overall.

Which deployment model are you using for this solution?

On-premises
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More OWASP Zap reviews from users
...who work at a Computer Software Company
...who compared it with Veracode
Learn what your peers think about OWASP Zap. Get advice and tips from experienced pros sharing their opinions. Updated: September 2021.
534,226 professionals have used our research since 2012.
Add a Comment
ITCS user
Guest