OWASP ZAP Integration with ThreadFix
Use OWASP ZAP to find security vulnerabilities in your web applications throughout development and testing of your applications. Integrate OWASP ZAP with ThreadFix to maximize the power of the tool through the features listed below.
Import and Track OWASP ZAP DAST Results
ThreadFix allows users of OWASP ZAP to import scan results, merge them with other scanning results and track the results of scans over time. This automated results merging saves analysts time that then be focused on higher-value activities. Learn More >
Create Benchmarking and Trending Reporting
Tracking over time allows users of OWASP ZAP to create trending reports and automatically calculate mean-time-to-fix (MTTF) for identified vulnerabilities. Learn More >
Merge OWASP ZAP DAST Results with SAST Scanning Results
Organizations using ZAP along with static (SAST) scanning technologies can save time using ThreadFix’s Hybrid Analysis Mapping to automatically merge the results of ZAP scans with those of SAST tools. This greatly simplifies data management for security analysts and frees up their time for other activities.
Schedule Regular Scans Via ThreadFix Scan Orchestration
ThreadFix’s scan orchestration allows security analysts to store scan configurations and schedule regular scans of applications as they evolve. This frees the analyst from manually running scans and automatically loads updated scan results into ThreadFix for review.