Try our new research platform with insights from 80,000+ expert users
OWASP Zap Logo

OWASP Zap Reviews

Vendor: OWASP
3.8 out of 5
844 followers
Post review

What is OWASP Zap?

Featured reviews

OWASP Zap mindshare

As of January 2025, the mindshare of OWASP Zap in the Static Application Security Testing (SAST) category stands at 5.2%, down from 6.1% compared to the previous year, according to calculations based on PeerSpot user engagement data.
Static Application Security Testing (SAST)

PeerAnalyst reports

TypeTitleDate
CategoryStatic Application Security Testing (SAST)Jan 10, 2025Download
ProductReviews, tips, and advice from real usersJan 10, 2025Download
ComparisonOWASP Zap vs SonarQube Server (formerly SonarQube)Jan 10, 2025Download
ComparisonOWASP Zap vs VeracodeJan 10, 2025Download
ComparisonOWASP Zap vs Checkmarx OneJan 10, 2025Download
Suggested products
TitleRatingMindshareRecommending
SonarQube Server (formerly SonarQube)4.028.4%81%113 interviewsAdd to research
GitLab4.32.8%97%81 interviewsAdd to research
 
 
Key learnings from peers

Valuable Features

Room for Improvement

ROI

Pricing

Popular Use Cases

Service and Support

Deployment

Scalability

Stability

Review data by company size

By reviewers
By visitors reading reviews

Top industries

By visitors reading reviews
Computer Software Company
19%
Financial Services Firm
12%
Manufacturing Company
8%
Government
7%
University
6%
Educational Organization
5%
Healthcare Company
4%
Retailer
4%
Comms Service Provider
4%
Insurance Company
3%
Media Company
3%
Real Estate/Law Firm
3%
Construction Company
3%
Non Profit
3%
Energy/Utilities Company
2%
Legal Firm
2%
Outsourcing Company
1%
Wholesaler/Distributor
1%
Hospitality Company
1%
Logistics Company
1%
Transportation Company
1%
Performing Arts
1%
Recreational Facilities/Services Company
1%
Consumer Goods Company
1%
Pharma/Biotech Company
1%

Learn more about OWASP Zap

Product Video

OWASP Zap video

OWASP Zap customers

Related questions

 

OWASP Zap reviews

Sort by:
Amit Beniwal - PeerSpot user
Project Manager at Al Hassan LLC
Verified user of OWASP Zap
Nov 26, 2024
Simplifies vulnerability discovery and has high quality support

Pros

"One valuable feature of OWASP Zap is that it is simple to use. "

Cons

"There are areas for improvement with OWASP Zap, particularly in the alignment of vulnerabilities concerning CVSS scores. "
AnkithKumar - PeerSpot user
Application Security Consultant at a tech services company with 10,001+ employees
Verified user of OWASP Zap
Jul 11, 2022
Great for automating and testing and has tightened our security

Pros

"The solution has tightened our security."

Cons

"Lacks resources where users can internally access a learning module from the tool. "
Find out what your peers are saying about OWASP Zap. Updated December 2024
830,526 professionals have used our research since 2012.
PN
Researcher in Cyber Security at Sekolah Tinggi Ilmu Statistik BPS
Verified user of OWASP Zap
Apr 11, 2024
Offers automated scanning feature and spidering capabilities have improved our security testing

Pros

"The best feature is the Zap HUD (Heads Up Display) because the customers can use the website normally. If we scan websites with automatic scanning, and the website has a web application firewall, it's very difficult. "

Cons

"It would be beneficial to enhance the algorithm to provide better summaries of automatic scanning results."
DD
Cloud Solutions Architect at TANGENT SOLUTIONS
Verified user of OWASP Zap
Mar 23, 2024
Enables to perform general health checks and ensure the sites are secure

Pros

"The ZAP scan and code crawler are valuable features."

Cons

"Sometimes, we get some false positives."
JoelGeorge - PeerSpot user
Associate at Tata Consultancy
Verified user of OWASP Zap
Apr 26, 2022
Scans quickly and works very well, but has a limited scope and needs more comprehensive reporting

Pros

"Two features are valuable. The first one is that the scan gets completed really quickly, and the second one is that even though it searches in a limited scope, what it does in that limited scope is very good. When you use Zap for testing, you're only using it for specific aspects or you're only looking for certain things. It works very well in that limited scope."

Cons

"The work that it does in the limited scope is good, but the scope is very limited in terms of the scanning features. The number of things it tests or finds is limited. They need to make it a more of a mainstream tool that people can use, and they can even think about having it on a proprietary basis. They need to increase the coverage of the scan and the results that it finds. That has always been Zap's limitation. Zap is a very good tool for a beginner, but once you start moving up the ladder where you want further details and you want your scan to show more in-depth results, Zap falls short because its coverage falls short. It does not have the capacity to do more."
PeerSpot user
Cyber Security Engineer at a transportation company with 10,001+ employees
Verified user of OWASP Zap
Mar 23, 2023
Good functionality and works well with Portswigger Burp but it needs to add more extensions

Pros

"It's great that we can use it with Portswigger Burp."

Cons

"They stopped their support for a short period. They've recently started to come back again. In the early days, support was much better. "
NathanNV - PeerSpot user
Elite Global CISO at Scybers
Verified user of OWASP Zap
Oct 20, 2023
A stable and available solution that helps users scan and fix vulnerabilities in the pipeline

Pros

"The product helps users to scan and fix vulnerabilities in the pipeline."

Cons

"The technical support team must be proactive."
BS
Assistant Vice President at Hexaware Technologies Limited
Verified user of OWASP Zap
Nov 12, 2020
Great at reporting vulnerabilities, helps with security, and reveals development threats well

Pros

"The solution is good at reporting the vulnerabilities of the application. "

Cons

"It would be ideal if I could try some pre-built deployment scenarios so that I don't have to worry about whether the configuration sector team is doing it right or wrong. That would be very helpful."