Funding development on a large and complex open source project like OWASP ZAP is always challenging. Until recently I was sponsored by a company to work full time on ZAP, but that is no longer the case.
Since I released ZAP in 2010 it has become the world’s most popular web security scanner used millions of times per month. It is used by companies and individuals all over the world and is the basis for a growing number of commercial offerings.
ZAP has world leading automation and scripting capabilities and has introduced industry leading innovations such as the Ajax Spider, Web Sockets support, and the Heads Up Display.
There is still a huge amount to do and I have loads of ideas for improvements, both big and small.
But I also need to pay the bills.
Ideally I would like to carry on working full time on ZAP to make it better for everyone. For that reason I’m going to try to see if I can get enough sponsorship and/or ZAP related contract / support / training work in order to allow me to do this.
ZAP will of course remain completely free and open source whatever happens.