OWASP Zap Competitors and Alternatives

Get our free report covering PortSwigger, Acunetix, Veracode, and other competitors of OWASP Zap. Updated: July 2020.
430,988 professionals have used our research since 2012.

Read reviews of OWASP Zap competitors and alternatives

Rishi Kant
Real User
Senior Security Engineer at a insurance company with 10,001+ employees
May 18 2019

What is most valuable?

There are several features that I like about this solution. The most valuable feature is that it has support for add-ons where we can add extra little scripts to the tool… more»

How has it helped my organization?

I don't have specific metrics but I can say that using this tool adds value.

What needs improvement?

There is a lot to this product, and it would be good if when you purchase the tool, they can provide us with a more extensive user manual. This would help us to better… more»

What's my experience with pricing, setup cost, and licensing?

The cost is approximately $500 for a single license, and there are no additional costs beyond the standard licensing fees.

Which solution did I use previously and why did I switch?

We have always used Burp Suite because it is a well-known tool.

What other advice do I have?

They are steadily improving things and adding features to this product. It was only three months ago when they added the dashboard support. Before that, they only had… more»

Which other solutions did I evaluate?

We considered using OWASP Zed Attack Proxy, which is open source. We decided to use this alongside the current solution, and also with IBM Security AppScan. This tool is… more»
Riley Black
Real User
Senior Security Analyst at a health, wellness and fitness company with 1,001-5,000 employees
Jun 02 2020

What is most valuable?

Greenlight - Developers can test their code before they commit. They are able to privately scan their code and correct any mistakes before it is committed into the build and scanned with the other components. SAST - During a build process… more»

How has it helped my organization?

Veracode has improved our Application Security program by providing numerous integrations and tools to take our AppSec/DevSecOps to the next level. Integrations into our developer's IDE (Greenlight) and the DevOps Pipeline SAST /… more»

What needs improvement?

Improve Mobile Application Dynamic Scanning DAST - .ipa and .apk. Right now I have to jailbreak an iPhone and Root an Android to intercept and fuzz requests with a Burp Suite Proxy. That is a very time-consuming process and there are lots… more»

Which solution did I use previously and why did I switch?

Previously used Burp Suite, OWASP Zed Attack Proxy, Python scripts / Powershell and Batch, Retire.JS, Vulners, and Wappalyzer browser plugins.

Which other solutions did I evaluate?

We also evaluated WhiteHat Security.
Get our free report covering PortSwigger, Acunetix, Veracode, and other competitors of OWASP Zap. Updated: July 2020.
430,988 professionals have used our research since 2012.