We performed a comparison between OWASP Zap and Synopsys API Security Testing based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST)."The HUD is a good feature that provides on-site testing and saves a lot of time."
"The product helps users to scan and fix vulnerabilities in the pipeline."
"Simple and easy to learn and master."
"The ZAP scan and code crawler are valuable features."
"The product discovers more vulnerabilities compared to other tools."
"It's great that we can use it with Portswigger Burp."
"It can be used effectively for internal auditing."
"The community edition updates services regularly. They add new vulnerabilities into the scanning list."
"The most valuable features of Synopsys API Security Testing are the metrics, results, and threat vectors that it shares."
"There's very little documentation that comes with OWASP Zap."
"Online documentation can be improved to utilize all features of ZAP and API methods to make use in automation."
"It would be ideal if I could try some pre-built deployment scenarios so that I don't have to worry about whether the configuration sector team is doing it right or wrong. That would be very helpful."
"ZAP's integration with cloud-based CICD pipelines could be better. The scan should run through the entire pipeline."
"The solution is somewhat unreliable because after we get the finding, we have to manually verify each of its findings to see whether it's a false positive or a true finding, and it takes time."
"The port scanner is a little too slow."
"The reporting feature could be more descriptive."
"The documentation is lacking and out-of-date, it really needs more love."
"The solution required us to use our team and we spoke to Synopsys API Security Testing's support to do the implementation. We use two people from our team for the implementation. and one person for maintenance."
Earn 20 points
OWASP Zap is ranked 7th in Static Application Security Testing (SAST) with 37 reviews while Synopsys API Security Testing is ranked 30th in Static Application Security Testing (SAST). OWASP Zap is rated 7.6, while Synopsys API Security Testing is rated 7.0. The top reviewer of OWASP Zap writes "Great for automating and testing and has tightened our security ". On the other hand, the top reviewer of Synopsys API Security Testing writes "Useful threat vectors, beneficial results, but implementation needed support". OWASP Zap is most compared with SonarQube, Acunetix, Qualys Web Application Scanning, Veracode and PortSwigger Burp Suite Professional, whereas Synopsys API Security Testing is most compared with Seeker and Fortify WebInspect.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.