I use the solution to follow the framework and help my developers develop apps securely from the ground up with the right practices in mind. As part of the DevOps process, we use the tool to scan and see if the web apps are vulnerable. We integrated the tool into our development life cycle for security testing in our DevOps pipeline. We use the tool to spider and test the website.
OWASP Zap is used for dynamic testing. So when any kind of application, like, a web application, needs to be tested for its security and vulnerabilities. It is also used to crawl the site and then to enumerate all the input or the possible exploitation points, and then we try to exploit any blockings within OWASP Zap.
Cyber Security Engineer at a transportation company with 10,001+ employees
Real User
Top 20
2023-03-16T16:40:17Z
Mar 16, 2023
I primarily use the solution for different use cases. It's good for analysis. It also offers additional extensions you can take advantage of. There are different scan extensions you can leverage.
Our primary use case for this solution is for reviewing applications developed in-house to test for known vulnerabilities, and we deploy this product on-premises. Additionally, we use the solution to review some applications that were developed in-house and test for any general or known vulnerabilities before moving them to the production environment.
I use this solution to test applications; web applications, web APIs, and infrastructure. For the web APIs and applications, I use OWASP Zap for interpreting requests and responses, and to see how the application behaves to resist payloads. This is one of the basic applications for us to automate and test. We are customers of OWASP Zap and I'm an application security consultant.
President & Owner at Aydayev's Investment Business Group
Real User
2021-06-16T14:05:43Z
Jun 16, 2021
The solution has certain models. It allows the creation of a pipeline in respect of the interface or of certain content. It enables one to check that the security is as it should be.
Technical Specialist(DevOps) at a tech services company with 1,001-5,000 employees
Real User
2021-04-06T13:58:13Z
Apr 6, 2021
We are using this product at a very basic level to scan reports and then share them with the Dev team for any vulnerabilities. We use the open source version and we are end users.
Assistant Vice President at Hexaware Technologies Limited
Vendor
2020-11-12T08:21:07Z
Nov 12, 2020
Currently, we build our products for the banking industry and use this solution in that process. From a development cycle, we update the SQL injections that basically shows what a developer may have to address. Then, if there is still a problem, we're concerned at the architect level. That's at least initially reported by the customers when they do another round of review after we deliver our code.
Our primary use case is for scanning. We have Bamboo, Nexus and Artifactory and we are able to make snapshots. When we get a pull request we're able to make another snapshot and we compare the two snapshots together and can see what is new in the pull request. We can see which libraries are there and that enables us to see the vulnerabilities. I'm an embedded software engineer.
Director - Head of Delivery Services at Ticking Minds Technology Solutions Pvt Ltd
Real User
2019-06-19T05:02:00Z
Jun 19, 2019
I focus on software application security. In most of the scenarios that we come across, the customers want complete assurance on security of their platforms/products/applications. Clients reach out to us for our abilities to unearth security issues. I get to use these tools to assess products/platforms before they go live to the market.
Security Testing Engineer at a tech services company with 1,001-5,000 employees
Real User
2018-07-09T07:46:00Z
Jul 9, 2018
The use case was we needed to scan our website to find out what vulnerabilities were present. We use it to scan the website, then take a report about what vulnerabilities are present on it. Next, we will manually verify those vulnerabilities for false positives.
OWASP Zap is a free and open-source web application security scanner.
The solution helps developers identify vulnerabilities in their web applications by actively scanning for common security issues.
With its user-friendly interface and powerful features, Zap is a popular choice among developers for ensuring the security of their web applications.
We use OWASP Zap primarily for discovering vulnerabilities in our web application security testing. We use one standalone deployment of this solution.
I use the solution to follow the framework and help my developers develop apps securely from the ground up with the right practices in mind. As part of the DevOps process, we use the tool to scan and see if the web apps are vulnerable. We integrated the tool into our development life cycle for security testing in our DevOps pipeline. We use the tool to spider and test the website.
I use it for vulnerability scanning. It has automatic methods. It's great.
We use it for our security scanning for our applications.
We use the solution for security testing.
We use the solution for scanning pipelines.
We use ZAP for penetration testing.
OWASP Zap is used for dynamic testing. So when any kind of application, like, a web application, needs to be tested for its security and vulnerabilities. It is also used to crawl the site and then to enumerate all the input or the possible exploitation points, and then we try to exploit any blockings within OWASP Zap.
I primarily use the solution for different use cases. It's good for analysis. It also offers additional extensions you can take advantage of. There are different scan extensions you can leverage.
We use this product for vulnerability scanning and for testing. I'm an automation engineer.
Our primary use case for this solution is for reviewing applications developed in-house to test for known vulnerabilities, and we deploy this product on-premises. Additionally, we use the solution to review some applications that were developed in-house and test for any general or known vulnerabilities before moving them to the production environment.
I use this solution to test applications; web applications, web APIs, and infrastructure. For the web APIs and applications, I use OWASP Zap for interpreting requests and responses, and to see how the application behaves to resist payloads. This is one of the basic applications for us to automate and test. We are customers of OWASP Zap and I'm an application security consultant.
Zap collects all the AJAX and Ambelo GS links. It pages in everything from a target. I'm a security consultant and we are customers of Zap.
I use this solution for penetration tests.
We use OWASP Zap for web application security scanning.
The solution has certain models. It allows the creation of a pipeline in respect of the interface or of certain content. It enables one to check that the security is as it should be.
We are using this product at a very basic level to scan reports and then share them with the Dev team for any vulnerabilities. We use the open source version and we are end users.
Currently, we deploy these tools to serve in a few of our services in the organization.
Currently, we build our products for the banking industry and use this solution in that process. From a development cycle, we update the SQL injections that basically shows what a developer may have to address. Then, if there is still a problem, we're concerned at the architect level. That's at least initially reported by the customers when they do another round of review after we deliver our code.
We primarily use this product for web application scanning.
I'm a business analyst and we're a customer of OWASP Zap.
Our primary use case is for scanning. We have Bamboo, Nexus and Artifactory and we are able to make snapshots. When we get a pull request we're able to make another snapshot and we compare the two snapshots together and can see what is new in the pull request. We can see which libraries are there and that enables us to see the vulnerabilities. I'm an embedded software engineer.
We primarily use this application for web application spidering and vulnerability assessment.
We only tried out the demo to see what the solution offers and how it performs overall business scanning. They also offer open-source projects.
I focus on software application security. In most of the scenarios that we come across, the customers want complete assurance on security of their platforms/products/applications. Clients reach out to us for our abilities to unearth security issues. I get to use these tools to assess products/platforms before they go live to the market.
Our primary use case of this solution is to scan and check that the applications we put on the internet are safe and secure.
It is a security tool. We use it for application testing.
The use case was we needed to scan our website to find out what vulnerabilities were present. We use it to scan the website, then take a report about what vulnerabilities are present on it. Next, we will manually verify those vulnerabilities for false positives.