The Application Security Podcast

Mark Curphey and Simon Bennetts -- Riding the Coat Tails of ZAP, without Open Source Funding

Chris Romeo and Robert Hurlbut Season 11 Episode 12

Mark Curphey and Simon Bennetts, join Chris on the podcast to discuss the challenges of funding and sustaining major open source security projects like ZAP. 

Curphey shares about going fully independent and building a non-profit sustainable model for ZAP. The key is getting companies in the industry, especially companies commercializing ZAP, to properly fund its ongoing development and maintenance.

Bennetts, who has led ZAP for over 15 years, shares the harsh reality that while ZAP is likely the world's most popular web scanner with millions of active users per month, very few companies contribute back financially despite making millions by building products and services on top of ZAP. 

Curphey and Bennetts are asking those in the industry to step up and properly fund open source projects like ZAP that are critical infrastructure, rather than freeloading off the hard work of a few individuals. Curphey's company is investing substantial funds in a "responsible marketing" model to sustain ZAP as a non-profit, with hopes others will follow this ethical example to prevent open source security going down a dangerous path.

FOLLOW OUR SOCIAL MEDIA:

➜Twitter: @AppSecPodcast
➜LinkedIn: The Application Security Podcast
➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast

Thanks for Listening!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

People on this episode

Podcasts we love

Check out these other fine podcasts recommended by us, not an algorithm.

The Security Table Artwork

The Security Table

Izar Tarandach, Matt Coles, and Chris Romeo