Try our new research platform with insights from 80,000+ expert users

Badges

55 Points
6 Years

User Activity

Over 6 years ago
Both have very powerful abilities. ZAP can be an advantage for free, but Burp's free version will work similarly. As someone who uses both, depending on the circumstances, one can be preferred to the other.
Over 6 years ago
Unfortunately, my personal opinion is that such applications do not work anymore. Instead, source code analysis, proactive preventive agents and manual tests are more important.
Over 6 years ago
Using "Microfocus (HPE) Fortify SCA" with integrated "VSTS/TFS". But you need take some effort to implement your CI/CD pipeline with custom scripts (autogenerated bat files e.t.c).

Reviews

Answers

Over 6 years ago
Static Application Security Testing (SAST)
Over 6 years ago
Static Application Security Testing (SAST)

Comments

Over 6 years ago
Dynamic Application Security Testing (DAST)

About me

Performing application "Security Assessments" using automated and manual tools and recomend remediation controls.
Perform pentest and ethical hacking.
Participating in secure code review.
Partipicating/ Develope secure code with team to fix security issues.
Threat modeling to identify, quantify and address security risks related with apps and systems.
Educate software developing teams on secure coding practices and models/patterns/methodologies
Preparing and sharing educational materials, best practices and handbooks associated with app sec.
Specifying security requirements for Web and mobile apps.
Expertising on Microsoft Secure SDL/SDLC and OWASP SAMM models/methodology