What do you like most about OWASP Zap?
Thanks for sharing your thoughts with the community!
Automatic scanning is a valuable feature and very easy to use.
The stability of the solution is very good.
The solution is good at reporting the vulnerabilities of the application.
The interface is easy to use.
Simple to use, good user interface.
Automatic updates and pull request analysis.
The reporting is quite intuitive, which gives you a clear indication of what kind of vulnerability you have that you can drill down on to gather more information.
The scalability of this product is very good.
The OWASP's tool is free of cost, which gives it a great advantage, especially for smaller companies to make use of the tool.
This solution has improved my organization because it has made us feel safer doing frequent deployments for web applications. If we have something really big, we might get some professional company in to help us but if we're releasing small products, we will check it ourselves with Zap. It makes it easier and safer.
It can be used effectively for internal auditing.
The community edition updates services regularly. They add new vulnerabilities into the scanning list.
I would like to know if nowadays (2021) the license of Burp Suite Pro is worth the cost. Is it a good option to use OWASP Zap instead for testing security in web applications?