Owasp Zap vs The paid automated security Tool.

[Lavan Sureshbabu]

Hi Team,

I need a quick clarification regarding the owasp zap tool and the paid automation tools. I want to know the major differences between the zap and the other paid automation tool used for pentesting and dast of the web application.Because both the tools will do the same type of testing for the application what is the major difference?

Disclaimer: The content of this email is confidential and intended for the recipient specified in message only. If you have received this email by mistake, please delete it from your mailbox, and do not forward it or any part of it to anyone else.
Warning: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The organization accepts no liability for any damage caused by any virus transmitted by this email.

[Simon Bennetts]

Hiya,

While we keep an eye on commercial tools we are not in a position to detail exactly what the differences are - you will need to do your own comparisons.

Note that many commerical DAST tools are actually based on ZAP :D

FYI ZAP is no longer an OWASP project, its is "ZAP by Checkmarx" or just "ZAP".

Cheers,

Simon