Title: Zed Attack Proxy (ZAP) has transitioned from the OWASP Foundation to Checkmarx

Class 3

Customers should be prepared and take actions

Summary

Originally, Zed Attack Proxy (ZAP) was an OWASP project. Subsequently, the ZAP core maintainers joined Checkmarx as employees, and the project was rebranded as “ZAP by Checkmarx.” Currently, Zed Attack Proxy (ZAP) is maintained by Checkmarx.

Reference L: https://www.zaproxy.org/blog/2024-09-24-zap-has-joined-forces-with-checkmarx/.

As a result, Zed Attack Proxy (ZAP) is maintained by Checkmarx.

Flexera will migrate all releases/mappings from the old product OWASP Foundation ‘Zed Attack Proxy (ZAP)’ to New Product Checkmarx ‘Zed Attack Proxy (ZAP)’.

Impact

This change will impact customers who rely on Technopedia Product ID/Release ID & Names, or who previously discovered data mapped to the old Product, which will be mapped to the new Product. The change requires the customer to manage downstream processes and reporting in their organization.

The spreadsheet from Zed Attack Proxy (ZAP) provides the complete list of software versions for which the product name will be renamed to Checkmarx's Zed Attack Proxy (ZAP).

Timeframe

Customers can expect these changes to occur from May 6th to 8th.

Thank you.