OWASP Zap Primary Use Case

Vijayanathan Naganathan
Director - Head of Delivery Services at Ticking Minds Technology Solutions Pvt Ltd
I focus on software application security. In most of the scenarios that we come across, the customers want complete assurance on security of their platforms/products/applications. Clients reach out to us for our abilities to unearth security issues. I get to use these tools to assess products/platforms before they go live to the market. View full review »
Vidar Folden
Consultant at Moller
Our primary use case of this solution is to scan and check that the applications we put on the internet are safe and secure. View full review »
GustavoGonzalez
Program Manager at a manufacturing company with 1,001-5,000 employees
OWASP ZAP is a very useful, light tool for beginners to learn how to “spider” across websites. It is easy to configure and generate reports. There are other solutions for more mature, experienced security analysts and testers, who are capable of extending the coverage of a security assessment. It is most frequently used to review HTTP methods, how are they constructed and if there is sensitive information in the traffic, such as how HTTPS certifications work on the website, scanning open ports visible via the web, and trying to modify HTTP methods to add or delete requests. I have used OWASP ZAP as part of my portfolio of security tools since 2013. View full review »
Find out what your peers are saying about OWASP , PortSwigger, Acunetix and others in Application Security Testing (AST). Updated: September 2019.
366,918 professionals have used our research since 2012.
Anish Mishra
Team Lead at a tech services company with 51-200 employees
Security/penetration testing of a Java-based Web application which is served over a SaaS platform. Zap has been integrated as one of the important tools in our QA cycle. All beta releases of our software go through Zap scanning. Custom reports are generated - they are pretty decent and standardized - and are submitted to upper management for auditing by a third-party. View full review »
Vinod_Gupta
CEO and Founder at Indicrypt Systems
We primarily use this application for web application spidering and vulnerability assessment. View full review »
Associa299191
Security Testing Engineer at a tech services company with 1,001-5,000 employees
The use case was we needed to scan our website to find out what vulnerabilities were present. We use it to scan the website, then take a report about what vulnerabilities are present on it. Next, we will manually verify those vulnerabilities for false positives. View full review »
OwaspZ677
Senior Engineer at a aerospace/defense firm with 10,001+ employees
We only tried out the demo to see what the solution offers and how it performs overall business scanning. They also offer open-source projects. View full review »
Dittin A
Staff Scientist/Senior Tech. Officer at a tech vendor with 501-1,000 employees
It is a security tool. We use it for application testing. View full review »
Krystian Przybyl
User
I tested this application for a bank and public projects. Now, I am testing products. View full review »
Find out what your peers are saying about OWASP , PortSwigger, Acunetix and others in Application Security Testing (AST). Updated: September 2019.
366,918 professionals have used our research since 2012.
Sign Up with Email