Easy to use, integrated penetration testing tool for finding vulnerabilities in web applications scoops the 2015 Top Security Tools accolade as Voted by ToolsWatch.org Readers
BEL AIR, Maryland, April 4, 2016 /PRNewswire/ -- OWASP ZAP (Open Web Application Security Project Zed Attack Proxy) has been voted the most preferred open source testing tool for the second time in three years by users and readers of leading online security website, ToolsWatch.
OWASP ZAP came out with top honours in the prestigious, annual online vote for the 2015 Top Security Tools, beating off competition from other security tools.
The Toolswatch Top Security Tools vote is hosted by ToolsWatch.org canvassing the votes of users and readers and is now in its third year. ZAP was voted second in 2014 and first in in 2013, the year the vote was launched.
ZAP is a free, easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed for users with a wide range of security experience and is ideal for developers and functional testers who are new to security testing.
In addition to being the most popular free/open source security tool available, ZAP is also one of the most active, with hundreds of volunteers around the globe helping to continually improve and enhance its features. ZAP provides automated scanners as well as a set of tools that allows new users and security professionals to manually identify security vulnerabilities. It has also been translated into over 25 languages including French, Italian, Dutch, Turkish and Chinese.
Simon Bennetts, OWASP ZAP Project Leader commented: "It's a real honour for ZAP to be recognised by the community it is intended for. While many of the security tools out there are geared for testers who fully understand security, ZAP has an unrivalled set of building features that are loved by developers and has the the support of a dedicated online community responsible for its comprehensive security features and functionality. This makes integrating ZAP with SSDLC/SDL simpler and the obvious, popular choice. Developers can effectively be testing the robustness and security of their websites and applications as they go which also explains its appeal."
"ZAP has always been a leading contender in the Toolswatch survey but this year it has reclaimed it rightful place as the most popular security testing tool and this is an achievement we feel incredibly proud of, particularly as it is voted for by those who actually use it as part of their own testing processes."
1 – OWASP ZAP – Zed Attack Proxy Project (+1 since 2014)
2 – Lynis (+1)
3 – Haka (NEW)
4 – Faraday (NEW)
5 – BeEF – The Browser Exploitation Framework (-1)
6 – Burp Suite (NEW)
7 – PeStudio (-1)
8 – Nmap (+2)
9 – IDA Pro (NEW)
10 – OWASP Offensive (Web) Testing Framework (-3)
For further information please contact Simon Bennetts, OWASP ZAP Project Leader
Email: email@example.com tel: +44 (0)7971 560 529
About the OWASP Foundation: The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license. You'll find everything about OWASP linked from our wiki and current information on our OWASP Blog. OWASP does not endorse or recommend any product or service. This allows our community to remain vendor neutral with the collective wisdom of the best minds in software security worldwide.
About OWASP ZAP
The OWASP Zed Attack Proxy (ZAP) is one of the world's most popular free security tools and is actively maintained by hundreds of international volunteers. It helps developers and test engineers automatically find security vulnerabilities in web applications during the development and unit testing process. It's also a great tool for experienced penetration testers to use for manual security testing.
ToolsWatch is a free, interactive, modern, eye-catching service designed to help auditors, pentesters and security experts to keep their ethical hacking oriented toolbox up-to-date. We are passionate about helping people to improve their security tools arsenal and promote their software and utilities.
SOURCE OWASP Foundation