Can I scan for OWASP Top 10?

Yes! The OWASP ZAP scan offered by HostedScan includes tests for vulnerability categories in the OWASP Top 10 list, as well as tests beyond the OWASP Top 10.

To see a full list of the OWASP Top 10 vulnerability tests that we run, go to https://www.zaproxy.org/alerttags/ and select the tag for an OWASP Top 10 category. For example, select OWASP_2021_A01 to view all of the tests for the first OWASP Top 10 vulnerability category - Broken Access Control.

Note that the OWASP Top 10 list covers broad categories of vulnerabilities. There is no automated scanner which can 100% protect an application and any scanner claiming to do so is exaggerating their coverage. That said, automated scans can help detect many of the most common OWASP Top 10 problems and at HostedScan, we believe the ZAP scanner is one of the best automated scanners on the market.