ZAP by Checkmarx Reviews & Product Details

Zap is one of the best web application security scanner ithink it has more features than burpsuite. ZAP has more automated scan features and the spider fuzz and ajax spider they are really amazing . i like recommend using ZAP for automated scans. Review collected by and hosted on G2.com.

ZAP does not have a browser . like burpsuite zap needs to implement that Review collected by and hosted on G2.com.

The owasp zap can be even use in windows and we don't need any Linux OS also it is very easy to use and it's free of cost.We can also customise zap according to our testing need switch certain scripts. Review collected by and hosted on G2.com.

Owasp has only some limited automated tasks and may not have new features like all other web pen testing apps Review collected by and hosted on G2.com.

As a seurity reasercher this tool has help me to scan the website.ones the scan is completed you can generate the report.the automated scan feture is really good,if your a begginner you don't have much knowledge in security scan you can try this tool.very user friendly and easy to understand all the fetures.

very easy to install.more you use you will be masterthe tool. Review collected by and hosted on G2.com.

This tool give some false positive findings thats the we need to check all the finding is true or not moreover its a great tool for web application assessment. Review collected by and hosted on G2.com.

Owasp zap proxy is the best recon and penetration testing tool which contains the all things from manual testing to auatomation testing . for me specialy automatic testing is the best testing with ajax spider and active scanning perform the all vulnerability test which is really good. Review collected by and hosted on G2.com.

sometimes in automation testing it give false positive but to avoid that thing we have to configure all scanning and moreover install some scripts to reduce it. but overall this tool is all in one Review collected by and hosted on G2.com.

1. It is open source

2. Customizable dashboards and user friendly interface

3. Active and Passive automated Scanning provided along with proxy interception support.

4. easy integration with CI/CD piplelines Review collected by and hosted on G2.com.

1. It is resource intensive and takes considerable amount of time for big applications

2. Issue with False positives leading to need of manual intervention many times Review collected by and hosted on G2.com.

OWASP zap is world best web app security scanner, and it is open source, and also it's powered by OWASP, the best thing is it's free Review collected by and hosted on G2.com.

Almost is really good but Some time its gives false positive Review collected by and hosted on G2.com.

It is easy to use and there are different types of attacks present which can be done in easier way Review collected by and hosted on G2.com.

Until now the product is good so no negative remark Review collected by and hosted on G2.com.

Support for Active, Passive and Fuzzy scans via Desktop app as well as it can be used via API bindings which can be further integrated in pipelines and can be scheduled as required Review collected by and hosted on G2.com.

For using OWASP ZAP little more crisp documentation is required though we will get best community support.

Application can be used by beginer but for getting expertise we need some more documentation. Review collected by and hosted on G2.com.

Easy to integrate with the CICD tools like Jenkins, Number of features like different scan methods Review collected by and hosted on G2.com.

about the documentation available in the websites Review collected by and hosted on G2.com.

A Great Vulnerability Assessment Tool Easy to Use, Anyone can understand the user interface. It makes pentester work easier. Review collected by and hosted on G2.com.

Everything is good in Zed Attack Proxy. Only one request to OWASP ZAP team needs to add web requests and response images in PDF report. Review collected by and hosted on G2.com.