OWASP ZAPOWASP
|
||||||
Related Products
|
||||||
About
OWASP ZAP (Zed Attack Proxy) is a free, open-source penetration testing tool being maintained under the umbrella of the Open Web Application Security Project (OWASP). ZAP is designed specifically for testing web applications and is both flexible and extensible. At its core, ZAP is what is known as a “man-in-the-middle proxy.” It stands between the tester’s browser and the web application so that it can intercept and inspect messages sent between browser and web application, modify the contents if needed, and then forward those packets on to the destination. It can be used as a stand-alone application, and as a daemon process. ZAP provides functionality for a range of skill levels – from developers, to testers new to security testing, to security testing specialists. ZAP has versions for each major OS and Docker, so you are not tied to a single OS. Additional functionality is freely available from a variety of add-ons in the ZAP Marketplace, accessible from within the ZAP client.
|
About
OpenText Dynamic Application Security Testing (DAST) is an automated solution that simulates real-world attacks on live applications, APIs, and services to identify exploitable vulnerabilities. It operates on running production environments, requiring no source code or staging setup. Designed for modern DevSecOps teams, the platform prioritizes vulnerabilities for root cause analysis and integrates seamlessly through REST APIs and an intuitive user interface. OpenText DAST supports automation in CI/CD pipelines, reducing manual efforts while accelerating security feedback. It covers modern web technologies like HTML5, JSON, AJAX, JavaScript, and HTTP2 to ensure comprehensive testing. Flexible deployment options allow organizations to run the solution on public cloud, private cloud, or on-premises environments.
|
|||||
Platforms Supported
Windows
Mac
Linux
Cloud
On-Premises
iPhone
iPad
Android
Chromebook
|
Platforms Supported
Windows
Mac
Linux
Cloud
On-Premises
iPhone
iPad
Android
Chromebook
|
|||||
Audience
A Security Testing application for DevOps teams or companies
|
Audience
DevSecOps and security teams looking for automated, scalable, real-time vulnerability testing on live applications and APIs integrated into CI/CD workflows
|
|||||
Support
Phone Support
24/7 Live Support
Online
|
Support
Phone Support
24/7 Live Support
Online
|
|||||
API
Offers API
|
API
Offers API
|
|||||
Screenshots and Videos |
Screenshots and Videos |
|||||
Pricing
No information available.
Free Version
Free Trial
|
Pricing
No information available.
Free Version
Free Trial
|
|||||
Reviews/
|
Reviews/
|
|||||
Training
Documentation
Webinars
Live Online
In Person
|
Training
Documentation
Webinars
Live Online
In Person
|
|||||
Company InformationOWASP
Founded: 2001
United States
www.zaproxy.org
|
Company InformationOpenText
Founded: 1991
Canada
www.opentext.com/products/dynamic-application-security-testing
|
|||||
Alternatives |
Alternatives |
|||||
|
||||||
|
|
|||||
|
||||||
Categories |
Categories |
|||||
Integrations
Kondukto
Seeker
ThreadFix
ArmorCode
Bizzy
Blink
Conviso Platform
CyCognito
Docker
FuzzDB
|
Integrations
Kondukto
Seeker
ThreadFix
ArmorCode
Bizzy
Blink
Conviso Platform
CyCognito
Docker
FuzzDB
|
|||||
|
|