OWASP Zap Review

Easy to install, free to use, but missing features


What is our primary use case?

We use OWASP Zap for web application security scanning.

What is most valuable?

They offer free access to some other tools.

What needs improvement?

Zap could improve by providing better reports for security and recommendations for the vulnerabilities. Additionally, they should allow more testing other than web applications, such as on the cloud and VMs.

For how long have I used the solution?

I have been using OWASP Zap for approximately three months.

Which solution did I use previously and why did I switch?

I have used other solutions, such as AngularJS.

How was the initial setup?

The installation is straightforward.

What's my experience with pricing, setup cost, and licensing?

This solution is open source and free.

Which other solutions did I evaluate?

I have been evaluating Armor for my teammates who are using ZAP. I have found that Armor is better than ZAP and we are looking to switch solutions.

What other advice do I have?

I rate OWASP Zap a six out of ten.

**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More OWASP Zap reviews from users
...who work at a Computer Software Company
...who compared it with Veracode
Learn what your peers think about OWASP Zap. Get advice and tips from experienced pros sharing their opinions. Updated: September 2021.
535,015 professionals have used our research since 2012.
Add a Comment
ITCS user
Guest