We performed a comparison between OWASP Zap and Seeker based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Testing (AST)."It has evolved over the years and recently in the last year they have added, HUD (Heads Up Display)."
"It can be used effectively for internal auditing."
"Two features are valuable. The first one is that the scan gets completed really quickly, and the second one is that even though it searches in a limited scope, what it does in that limited scope is very good. When you use Zap for testing, you're only using it for specific aspects or you're only looking for certain things. It works very well in that limited scope."
"The vulnerabilities that it finds, because the primary goal is to secure applications and websites."
"It has improved my organization with faster security tests."
"The ZAP scan and code crawler are valuable features."
"The application scanning feature is the most valuable feature."
"Automatic scanning is a valuable feature and very easy to use."
"A significant advantage of Seeker is that it is an interactive scanner, and we have found it to be much more effective in reducing the amount of false positives than dynamic scanners such as AppScan, Micro Focus Fortify, etc. Furthermore, with Seeker, we are finding more and more valid (i.e. "true") positives over time compared with the dynamic scanners."
"The product reporting could be improved."
"The ability to search the internet for other use cases and to use the solution to make applications more secure should be addressed."
"The reporting feature could be more descriptive."
"Deployment is somewhat complicated."
"The documentation is lacking and out-of-date, it really needs more love."
"I'd like to see a kind of feature where we can just track what our last vulnerability was and how it has improved or not. More reports that can have some kind of base-lining, I think that would be a good feature too. I'm not sure whether it can be achieved and implement but I think that would really help."
"ZAP's integration with cloud-based CICD pipelines could be better. The scan should run through the entire pipeline."
"It would be nice to have a solid SQL injection engine built into Zap."
"One area that Seeker can improve is to make it more customizable. All security scanning tools have a defined set of rules that are based on certain criteria which they will use to detect issues. However, the criteria that you set initially is not something that all applications are going to need."
OWASP Zap is ranked 8th in Application Security Testing (AST) with 37 reviews while Seeker is ranked 24th in Application Security Testing (AST) with 1 review. OWASP Zap is rated 7.6, while Seeker is rated 7.0. The top reviewer of OWASP Zap writes "Great for automating and testing and has tightened our security ". On the other hand, the top reviewer of Seeker writes "More effective than dynamic scanners, but is missing useful learning capabilities". OWASP Zap is most compared with SonarQube, Acunetix, PortSwigger Burp Suite Professional, Qualys Web Application Scanning and Veracode, whereas Seeker is most compared with Synopsys API Security Testing, Coverity, Contrast Security Assess and Polaris Software Integrity Platform.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
