diff --git a/site/config.yaml b/site/config.yaml index 2c8f76824..e79ace0ca 100644 --- a/site/config.yaml +++ b/site/config.yaml @@ -45,10 +45,6 @@ menu: URL: /community/ weight: 5 - - name: Support - URL: /support/ - weight: 5 - footer: - name: "Blog" URL: "/blog/" @@ -62,10 +58,6 @@ menu: URL: /community/ weight: 4 - - name: Support - URL: /support/ - weight: 5 - - name: Statistics URL: /docs/statistics/ weight: 6 diff --git a/site/content/blog/2024-09-24-zap-has-joined-forces-with-checkmarx/images/0-zap-by-checkmarx.png b/site/content/blog/2024-09-24-zap-has-joined-forces-with-checkmarx/images/0-zap-by-checkmarx.png new file mode 100644 index 000000000..bc09f1851 Binary files /dev/null and b/site/content/blog/2024-09-24-zap-has-joined-forces-with-checkmarx/images/0-zap-by-checkmarx.png differ diff --git a/site/content/blog/2024-09-24-zap-has-joined-forces-with-checkmarx/images/zap-by-checkmarx.png b/site/content/blog/2024-09-24-zap-has-joined-forces-with-checkmarx/images/zap-by-checkmarx.png new file mode 100644 index 000000000..5c12e4bd6 Binary files /dev/null and b/site/content/blog/2024-09-24-zap-has-joined-forces-with-checkmarx/images/zap-by-checkmarx.png differ diff --git a/site/content/blog/2024-09-24-zap-has-joined-forces-with-checkmarx/index.md b/site/content/blog/2024-09-24-zap-has-joined-forces-with-checkmarx/index.md new file mode 100644 index 000000000..fca18ef81 --- /dev/null +++ b/site/content/blog/2024-09-24-zap-has-joined-forces-with-checkmarx/index.md 
@@ -0,0 +1,45 @@ +--- +title: "ZAP Has Joined Forces With Checkmarx" +summary: "This is a huge investment (and vote of confidence) in ZAP and will secure the project’s future success." +images: +- https://www.zaproxy.org/blog/2024-09-24-zap-has-joined-forces-with-checkmarx/images/zap-by-checkmarx.png +type: post +tags: + - blog + - funding +date: "2024-09-24" +authors: + - simon +--- + +## HeadLine News! +I am delighted to announce that ZAP has joined forces with [Checkmarx](https://checkmarx.com/) to secure the project’s future success. +Checkmarx will employ all three of the ZAP project leaders (myself, [Ricardo](/docs/team/thc202/), and [Rick](/docs/team/kingthorin/)), +to work on both ZAP and Checkmarx' DAST solution (built on top of ZAP). + +This is by far the biggest investment any one company has made in ZAP and ensures that ZAP will continue to thrive. + +## What Does This Mean In Practice? +As you may have noticed on the website, ZAP will now be known as “ZAP by Checkmarx”. + +ZAP will stay under the control of the ZAP Core Team, remain open source, and stay licensed under Apache v2. +We are still community focused, but Checkmarx’ support will enable us to support this community even better than before. + +While Checkmarx will have a direct influence on our roadmap, we're confident that their priorities align closely with our existing roadmap - one that is based on the features that many of you have been asking for. + +The most important change is that ZAP will have proper backing - for the first time in its history. +With more people exclusively focused on ZAP as part of their daily work, we will be able to improve ZAP at a faster rate than ever before. + +Another big change for us is that we will also get direct access to Checkmarx’ customer base. +As an open source project, we often struggle to get the detailed information we need to resolve user problems. 
+Many companies simply cannot share the level of detail we need from them unless there is a contract in place. +This change will not only allow us to support those customers more effectively, but also support overarching improvements for everyone who uses ZAP. + +For Checkmarx’ take on our new partnership, check out their announcement: +[](https://checkmarx.com/press-releases/checkmarx-joins-forces-with-zap-to-supercharge-dynamic-application-security-testing-dast-for-the-enterprise-and-enhance-community-growth/) + +## Thank You to CrashOverride +Last but definitely not least, a huge thank you to [CrashOverride](https://crashoverride.com/?zap=web), who stepped up and +[supported us](/blog/2024-03-13-zap-funding-and-the-open-source-fellowship/) when we needed it most. +Without their help and support the ZAP project may not have survived. + diff --git a/site/content/docs/team/kingthorin.md b/site/content/docs/team/kingthorin.md index 474cf1a1f..a85b1b1ea 100644 --- a/site/content/docs/team/kingthorin.md +++ b/site/content/docs/team/kingthorin.md @@ -14,7 +14,7 @@ Rick started contributing to ZAP in 2014. #### Sponsor -Rick can be sponsored directly via his [GitHub Sponsors](https://github.com/sponsors/kingthorin/) page. +Rick is employed by [Checkmarx](https://checkmarx.com/) to work on ZAP. #### Other Work diff --git a/site/content/docs/team/psiinon.md b/site/content/docs/team/psiinon.md index 489a3b6a3..5cd1adbd6 100644 --- a/site/content/docs/team/psiinon.md +++ b/site/content/docs/team/psiinon.md @@ -14,7 +14,7 @@ Simon released ZAP in 2010 and has been working on it ever since. #### Sponsor -Simon's work on ZAP is sponsored by [The Crash Override Open Source Fellowship](https://crashoverride.com?zap=web). +Simon is employed by [Checkmarx](https://checkmarx.com/) to work on ZAP. #### Expertise diff --git a/site/content/docs/team/thc202.md b/site/content/docs/team/thc202.md index 035c40e6f..eaab69bf4 100644 --- a/site/content/docs/team/thc202.md 
+++ b/site/content/docs/team/thc202.md @@ -12,7 +12,7 @@ Ricardo started working on ZAP in 2011 and has made more PRs against the ZAP rep #### Sponsor -Ricardo's work on ZAP is sponsored by [The Crash Override Open Source Fellowship](https://crashoverride.com?zap=web). +Ricardo is employed by [Checkmarx](https://checkmarx.com/) to work on ZAP. #### Expertise diff --git a/site/content/getting-started/images/zap-full-screen.png b/site/content/getting-started/images/zap-full-screen.png index 6bd277085..1ea90159b 100644 Binary files a/site/content/getting-started/images/zap-full-screen.png and b/site/content/getting-started/images/zap-full-screen.png differ diff --git a/site/content/getting-started/images/zap-qstart-autoscan.png b/site/content/getting-started/images/zap-qstart-autoscan.png index 0a136f8b5..cb0e42119 100644 Binary files a/site/content/getting-started/images/zap-qstart-autoscan.png and b/site/content/getting-started/images/zap-qstart-autoscan.png differ diff --git a/site/content/getting-started/images/zap-qstart-learnmore.png b/site/content/getting-started/images/zap-qstart-learnmore.png index 421f9d626..09d1d4b9b 100644 Binary files a/site/content/getting-started/images/zap-qstart-learnmore.png and b/site/content/getting-started/images/zap-qstart-learnmore.png differ diff --git a/site/content/getting-started/images/zap-qstart-manualexplore.png b/site/content/getting-started/images/zap-qstart-manualexplore.png index c12a047cd..797cb57cd 100644 Binary files a/site/content/getting-started/images/zap-qstart-manualexplore.png and b/site/content/getting-started/images/zap-qstart-manualexplore.png differ diff --git a/site/content/getting-started/images/zap-qstart-support.png b/site/content/getting-started/images/zap-qstart-support.png deleted file mode 100644 index 1af7b49cf..000000000 Binary files a/site/content/getting-started/images/zap-qstart-support.png and /dev/null differ 
diff --git a/site/content/getting-started/index.md b/site/content/getting-started/index.md index 5fba0205d..d105cf0fb 100644 --- a/site/content/getting-started/index.md +++ b/site/content/getting-started/index.md @@ -45,10 +45,10 @@ Pentesting usually follows these stages: The ultimate goal of pentesting is to search for vulnerabilities so that these vulnerabilities can be addressed. It can also verify that a system is not vulnerable to a known class or specific defect; or, in the case of vulnerabilities that have been reported as fixed, verify that the system is no longer vulnerable to that defect. ### Introducing ZAP -Zed Attack Proxy (ZAP) is a free, open-source penetration testing tool being maintained under the umbrella of -The Software Security Project (SSP). ZAP is designed specifically for testing web applications and is both flexible and extensible. +Zed Attack Proxy (ZAP) by Checkmarx is a free, open-source penetration testing tool. +ZAP is designed specifically for testing web applications and is both flexible and extensible. -At its core, ZAP is what is known as a “man-in-the-middle proxy.” It stands between the tester’s browser and the web application so that it can intercept and inspect messages sent between browser and web application, modify the contents if needed, and then forward those packets on to the destination. It can be used as a stand-alone application, and as a daemon process. +At its core, ZAP is what is known as a “manipulator-in-the-middle proxy.” It stands between the tester’s browser and the web application so that it can intercept and inspect messages sent between browser and web application, modify the contents if needed, and then forward those packets on to the destination. It can be used as a stand-alone application, and as a daemon process. {{< img "images/browser-no-proxy.png" >}} 
@@ -60,9 +60,6 @@ ZAP provides functionality for a range of skill levels – from developers, to t Because ZAP is open-source, the source code can be examined to see exactly how the functionality is implemented. Anyone can volunteer to work on ZAP, fix bugs, add features, create pull requests to pull fixes into the project, and author add-ons to support specialized situations. -As with most open source projects, donations are welcome to help with costs for the projects. For more details see the -[Sponsor](/sponsor/) page. - ### Install and Configure ZAP ZAP has installers for Windows, Linux, and macOS. There are also Docker images available on the download site listed below. @@ -75,9 +72,9 @@ Once the installation is complete, launch ZAP and read the license terms. Click ###### macOS ZAP is currently not a verified developer with Apple. On macOS, you will see a message like: -> “OWASP ZAP.app” cannot be opened because the developer cannot be verified. +> “ZAP.app” cannot be opened because the developer cannot be verified. -To circumvent this warning, you would need to go to **System Preferences** > **Security & Privacy** at the bottom of the dialog. You will see a message saying that "OWASP ZAP" was blocked. Next to it, if you trust the downloaded installer, you can click **Open anyway**. +To circumvent this warning, you would need to go to **System Preferences** > **Security & Privacy** at the bottom of the dialog. You will see a message saying that "ZAP" was blocked. Next to it, if you trust the downloaded installer, you can click **Open anyway**. ##### Persisting a Session When you first start ZAP, you will be asked if you want to persist the ZAP session. By default, ZAP sessions are always recorded to disk in a HSQLDB database with a default name and location. If you do not persist the session, those files are deleted when you exit ZAP. 
@@ -218,13 +215,6 @@ ZAP is an ideal tool to use in automation and supports a range of options: - [Automation Framework](/docs/automate/automation-framework/) - [API and Daemon mode](/docs/api/) -### Support -The available support options are summarised in the ‘Support’ screen. - -ZAP is a non profit organisation, and any money raised by these services will help fund ZAP developments. - -{{< img "images/zap-qstart-support.png" >}} - ### Learn More About ZAP Now that you are familiar with a few basic capabilities of ZAP, you can learn more about ZAP’s capabilities and how to use them from ZAP’s [Desktop User Guide](/docs/desktop/). The User Guide provides step-by-step instructions, references for the API and command-line programming, instructional videos, and tips and tricks for using ZAP. diff --git a/site/content/support.md b/site/content/support.md deleted file mode 100644 index eefb41f5a..000000000 --- a/site/content/support.md +++ /dev/null 
@@ -1,77 +0,0 @@ ---- -type: page -title: Support -aliases: - - /sponsor/ ---- - -ZAP is a complex and ambitious non-profit project. Commercial companies that maintain projects equivalent to ZAP have hundreds of people working on them. - -### Main Sponsor - -ZAP development is supported by the [Crash Override Open Source Fellowship](https://crashoverride.com?zap=web). - -For more details also see associated [blog post](/blog/2024-03-13-zap-funding-and-the-open-source-fellowship/). - -### Support - -While the Crash Override Open Source Fellowship support means that ZAP can survive, we still need to find a long term independent and scalable funding model in order for ZAP to thrive. - -The following commercial support options are now available. These are provided by -[ZAProxy Ltd](https://www.zaproxy.com) a non profit dedicated to raising money for ZAP. - -All of the money raised from any of these services will help fund ZAP development - ZAP is a non-profit open source project. - -#### Support Packages - -Support packages are designed for supporting ZAP existing features. They will give you prioritised access to the ZAP developers in order to resolve any problems or bugs you may find while using ZAP. - -They are also a way for companies to help ZAP become sustainable. - -| | Bronze | Silver | Gold | -| --- | --- | --- | --- | -| Price (per year) | $10,000 | $25,000 | $50,000 | -| Support Type | Slack, Email | Slack, Email, Video | Slack, Email, Video | -| Response Time | 3 Business Days | 2 Business Days | 1 Business Day | - -All companies who purchase support packages will get a dedicated private Slack channel, -and more visibility and input into the ZAP roadmap, in proportion to the support level. - -[Get in touch](mailto:support@zaproxy.com) to purchase one of these packages or if you would like additional support. 
- -##### Community Support - -We will still provide free community support via the [ZAP User Group](https://groups.google.com/group/zaproxy-users) -on a "best efforts" basis, but commercial support will take precedence. - -#### Sponsored Developments - -Sponsored developments allow you to expedite planned ZAP features. - -Any developments on the [Roadmap](/docs/roadmap/) without an existing sponsor can be sponsored. - -Developments not on the roadmap can also be sponsored, but the cost will increase for changes that are not part of our strategic development. - -We are also available to implement ZAP related features that are company specific, and these developments can be closed source. However the cost will again increase. - -For more details [get in touch](mailto:support@zaproxy.com). - -#### Consultancy - -Consultancy gives you direct access to the ZAP Core Team. - -This can be for anything ZAP related, for example: -* Advice and guidance -* Initial set up -* Performance tuning -* Integration with 3rd party services - -The consultancy rate will depend on the work to be performed, and will be per day with a discount for a full week's work. - -For more details [get in touch](mailto:support@zaproxy.com). - -#### Donations - -Unfortunately donations have not historically allowed us to raise anything like the level of funding we need to support ZAP development. - -As an alternative you are welcome to buy one or more days of consultancy and just not use them :grin:. diff --git a/site/content/supporters.md b/site/content/supporters.md index ca6de33c0..61b2293bc 100644 --- a/site/content/supporters.md +++ b/site/content/supporters.md @@ -3,7 +3,8 @@ type: page title: Supporters layout: supporters description: Companies and organisations who have supported ZAP in a variety of ways +aliases: + - /sponsor/ + - /support/ --- -For details on how to support ZAP see the [Support](/support/) page. - 
diff --git a/site/content/third-party-engagement.md b/site/content/third-party-engagement.md index f07483f38..a0737e63d 100644 --- a/site/content/third-party-engagement.md +++ b/site/content/third-party-engagement.md 
@@ -7,15 +7,15 @@ __This is not a legal document, third parties are expected to perform their own * Any third party can sponsor anyone to work on ZAP * Third parties can promote their sponsorship of ZAP or people working on ZAP -* Any third party can build commercial services using ZAP as long as they conform to all of the [relevant Open Source licences](https://github.com/zaproxy/zaproxy/blob/main/LEGALNOTICE.md) and do not claim that it is endorsed by the ZAP core team or the Software Security Project -* Any third party can rebundle and redistribute ZAP with any other components as long as they do not claim it is an “official ZAP release” or endorsed by either the ZAP core team or the Software Security Project +* Any third party can build commercial services using ZAP as long as they conform to all of the [relevant Open Source licences](https://github.com/zaproxy/zaproxy/blob/main/LEGALNOTICE.md) and do not claim that it is endorsed by the ZAP core team +* Any third party can rebundle and redistribute ZAP with any other components as long as they do not claim it is an “official ZAP release” or endorsed by either the ZAP core team * Third parties are encouraged to be public about their use of ZAP and to contribute back fixes and enhancements * Third parties should not use "ZAP" or "ZAPROXY" in their product names * Third party specific add-ons can be added to the ZAP Marketplace as long as the add-ons are free and Open Source and it is clear who developed/supports them. 
Any services those add-ons connect to can be Open Source, closed source, free or commercial * Third party specific add-ons will not be included in the official ZAP distributions * Exceptions may be made by the ZAP core team, for example add-ons which connect to commonly used components like bug trackers * Third party specific add-ons should not be included in the ZAP code base (with the above proviso) -* Third parties can offer free or paid-for support for ZAP as long as they do not claim that it is endorsed by the ZAP core team or the Software Security Project +* Third parties can offer free or paid-for support for ZAP as long as they do not claim that it is endorsed by the ZAP core team * ZAP communication channels cannot be used to endorse commercial products * Commercial products based on ZAP can be mentioned on ZAP communication channels as long as all similar commercial products are treated equally * Code will be merged into the code base based on its quality and suitability as decided by the ZAP core team diff --git a/site/data/events.yaml b/site/data/events.yaml index 3764fb96d..fb1f03108 100644 --- a/site/data/events.yaml +++ b/site/data/events.yaml 
@@ -73,6 +73,14 @@ link: https://github.com/zaproxy/zaproxy/blob/main/zap/src/main/java/org/zaproxy/zap/extension/spider/SpiderEventPublisher.java event: scan.completed +- publisher: org.zaproxy.zap.extension.spiderAjax.SpiderEventPublisher + link: https://github.com/zaproxy/zap-extensions/blob/main/addOns/spiderAjax/src/main/java/org/zaproxy/zap/extension/spiderAjax/SpiderEventPublisher.java + event: scan.started + +- publisher: org.zaproxy.zap.extension.spiderAjax.SpiderEventPublisher + link: https://github.com/zaproxy/zap-extensions/blob/main/addOns/spiderAjax/src/main/java/org/zaproxy/zap/extension/spiderAjax/SpiderEventPublisher.java + event: scan.stopped + - publisher: org.zaproxy.zap.extension.websocket.WebSocketEventPublisher link: https://github.com/zaproxy/zap-extensions/blob/main/addOns/websocket/src/main/java/org/zaproxy/zap/extension/websocket/WebSocketEventPublisher.java event: ws.stateChange diff --git a/site/data/homepage/hero.yml b/site/data/homepage/hero.yml index 0874870ca..c0d20f381 100644 --- a/site/data/homepage/hero.yml +++ b/site/data/homepage/hero.yml @@ -1,8 +1,9 @@ heroItems: - headline: Zed Attack Proxy (ZAP) + byline: by Checkmarx subhead: - The world’s most widely used web app scanner. Free and open source. - Actively maintained by a dedicated international team of volunteers. - A GitHub Top 1000 project. + The world’s most widely used web app scanner. + Free and open source. + A community based GitHub Top 1000 project that anyone can contribute to. image: hero-illustration-1.svg imageSize: 290 diff --git a/site/data/roadmap.yaml b/site/data/roadmap.yaml index d1747cfce..7b8ff674d 100644 --- a/site/data/roadmap.yaml +++ b/site/data/roadmap.yaml 
@@ -1,12 +1,6 @@ - item: Release 2.16 status: ⌚ Planned year: 2024 - -- item: Secure Funding for ZAP Development - status: ⚡ In progress - year: 2024 - sponsor: Crash Override - sponsorlink: https://crashoverride.com/?zap=web - item: Import PCAP files status: ⚡ In progress url: https://github.com/zaproxy/zaproxy/issues/4812 @@ -16,7 +10,7 @@ url: https://github.com/zaproxy/zaproxy/issues/7695 year: 2024 sponsor: ZAProxy Ltd - sponsorlink: https://zaproxy.com/ + sponsorlink: https://www.zaproxy.com/ - item: Improve modern web app handling url: /blog/2023-11-03-handling-modern-web-apps-better-part1/ status: ⚡ In progress @@ -58,6 +52,12 @@ url: /blog/2023-01-19-authentication-help/ year: n/a +- item: Secure Funding for ZAP Development + status: 🎉 Finished + url: /blog/2024-09-24-zap-has-joined-forces-with-checkmarx/ + year: 2024 + sponsor: CrashOverride + sponsorlink: https://crashoverride.com/?zap=web - item: Document Target Scanning Issues status: 🎉 Finished url: /docs/getting-further/automation/target-scanning-issues/ diff --git a/site/data/statistics.yaml b/site/data/statistics.yaml index d2d20c3a2..854e4518c 100644 --- a/site/data/statistics.yaml +++ b/site/data/statistics.yaml @@ -639,6 +639,20 @@ code: main/addOns/quickstart/src/main/java/org/zaproxy/zap/extension/quickstart/QuickStartPanel.java desc: The number of times the given news item has been clicked on +- key: stats.network.send.failure + scope: global + type: counter + repo: zaproxy/zap-extensions + code: main/addOns/network/src/main/java/org/zaproxy/addon/network/internal/client/BaseHttpSender.java + desc: The number of times ZAP has failed to send an HTTP request + +- key: stats.network.send.success + scope: global + type: counter + repo: zaproxy/zap-extensions + code: main/addOns/network/src/main/java/org/zaproxy/addon/network/internal/client/BaseHttpSender.java + desc: The number of times ZAP has sucessfully sent an HTTP request + - key: stats.oast.boast.interactions scope: global type: counter 
@@ -821,6 +835,20 @@ code: main/zap/src/main/java/org/zaproxy/zap/extension/pscan/scanner/RegexAutoTagScanner.java desc: The number of messages containing the given tag +- key: stats.tech.reqcount.id + scope: site + type: highwatermark + repo: zaproxy/zap-extensions + code: main/addOns/wappalyzer/src/main/java/org/zaproxy/zap/extension/wappalyzer/TechPassiveScanner.java + desc: The highest request count the successfully identified a new technology for the site + +- key: stats.tech.reqcount.total + scope: site + type: highwatermark + repo: zaproxy/zap-extensions + code: main/addOns/wappalyzer/src/main/java/org/zaproxy/zap/extension/wappalyzer/TechPassiveScanner.java + desc: The total number of requests analysed to detect technology for the site + - key: stats.websockets.bytes.incoming scope: site type: counter diff --git a/site/data/supporters.yaml b/site/data/supporters.yaml index 01f0d926e..6f548f19f 100644 --- a/site/data/supporters.yaml +++ b/site/data/supporters.yaml 
@@ -1,15 +1,27 @@ --- main: - - name: 'Crash Override Open Source Fellowship' - link: https://crashoverride.com?zap=web - logo: /img/supporters/co-osf.png - notes: Sponsor Simon and Ricardo's work on ZAP + - name: 'Checkmarx' + link: https://checkmarx.com/ + logo: /img/zap-by-checkmarx.png + notes: "Employ Simon, Ricardo, and Rick to work on ZAP" prev: + - name: 'CrashOverride' + link: https://crashoverride.com?zap=web + notes: "Sponsored Simon and Ricardo's work on ZAP for 8 months" + + - name: 'NightVision' + link: https://nightvision.net/ + notes: Sponsored Simon and Ricardo via support contract and sponsored developments + + - name: 'SOOS' + link: https://soos.io/soos-dast-no-limit/ + notes: GitHub direct sponsorship, OWASP donation and support contract + - name: 'Jit' link: https://www.jit.io/zap?utm_source=zapproxy&utm_medium=banner&utm_campaign=zap-proxy-website-banner - notes: Sponsored Simon's work on ZAP for 1 year + notes: "Sponsored Simon's work on ZAP for 1 year" - name: 'Mozilla' link: https://www.mozilla.org/ @@ -27,10 +39,6 @@ prev: link: https://www.owasp.org/ notes: 2010-2023 umbrella organization - - name: 'SOOS' - link: https://soos.io/soos-dast-no-limit/ - notes: GitHub direct sponsorship + $1,500 via OWASP donation - - name: 'Dave Wichers' link: https://www.linkedin.com/in/wichers/ notes: GitHub direct sponsorship @@ -55,10 +63,6 @@ prev: link: https://tenebris.com/ notes: Sponsoring Rick - - name: 'NightVision' - link: https://nightvision.net/ - notes: Sponsored thc202 - - name: 'Ramesh Jha' link: https://rameshjha.com/ notes: A $1,200 donation diff --git a/site/data/thirdparty.yaml b/site/data/thirdparty.yaml index de097f9e7..507911287 100644 --- a/site/data/thirdparty.yaml +++ b/site/data/thirdparty.yaml 
@@ -1,40 +1,14 @@ --- -services_plus: - # ZAP Supporters - ordered by support level, alphabetic - - - name: 'NightVision' - link: https://www.nightvision.net/ - license: 'Commercial' - supporter: ZAP Supporter - - - name: 'SOOS' - link: https://soos.io/soos-dast-no-limit/ - license: 'Commercial' - supporter: ZAP Supporter - -services_minus: - # Closed source services who are not supporting ZAP - # Commercial, free option tools, alphabetic - - name: 'Astra' - link: https://www.getastra.com/ - license: 'Commercial' - notes: 'Limited GitHub sponsorship' - - - name: 'HostedScan' - link: https://hostedscan.com/ - license: 'Commercial, free option' - notes: 'Limited GitHub sponsorship' - - - name: 'Tecvity' - link: https://tecvity.co/ - license: 'Software Services Provider' - notes: 'Ongoing code contributions' - +services: - name: "Aikido" link: https://www.aikido.dev/ license: 'Commercial, free option' + - name: 'Astra' + link: https://www.getastra.com/ + license: 'Commercial' + - name: 'Blacklock' link: https://blacklock.io/ license: 'Commercial' @@ -63,6 +37,10 @@ services_minus: link: https://forwardsecurity.com/eureka-devsecops-service/ license: 'Commercial' + - name: 'HostedScan' + link: https://hostedscan.com/ + license: 'Commercial, free option' + - name: 'Intruder' link: https://www.intruder.io/ license: 'Commercial' @@ -87,6 +65,11 @@ services_minus: link: https://www.namicsoft.com/ license: 'Commercial' + - name: 'NightVision' + link: https://www.nightvision.net/ + license: 'Commercial' + supporter: ZAP Supporter + - name: 'PatrOwl' link: https://patrowl.io/ license: 'Commercial, free for open source projects' 
@@ -103,6 +86,14 @@ services_minus: link: https://www.sken.ai/ license: 'Commercial, free option' + - name: 'SOOS' + link: https://soos.io/soos-dast-no-limit/ + license: 'Commercial' + + - name: 'Tecvity' + link: https://tecvity.co/ + license: 'Software Services Provider' + - name: 'Traceable' link: https://docs.traceable.ai/docs/security-testing license: 'Commercial' diff --git a/site/layouts/page/supporters.html b/site/layouts/page/supporters.html index 8d7ccc4f3..8b2bf9641 100755 --- a/site/layouts/page/supporters.html +++ b/site/layouts/page/supporters.html @@ -14,7 +14,8 @@
{{ .Params.description }}
{{- .Content -}} -

Main Supporter

+

ZAP by Checkmarx

+ZAP is now backed by Checkmarx. {{ partial "supporters.html" (dict "supporters" $.Site.Data.supporters.main) }}

diff --git a/site/layouts/page/thirdparty.html b/site/layouts/page/thirdparty.html index 625ebd8be..50812755e 100755 --- a/site/layouts/page/thirdparty.html +++ b/site/layouts/page/thirdparty.html @@ -13,15 +13,12 @@

{{ .Title }}

{{ .Params.description }}
{{ .Params.warning }}
-

Services (Supportive)

+

Services

-These companies use ZAP, and do the right thing by paying for a Support Package - -these will help us become sustainable. -

-If you are interested in a commercial product based on ZAP then please check them out. +These companies known to use ZAP as part of their commercial offerings. -{{ range $service := $.Site.Data.thirdparty.services_plus }} +{{ range $service := $.Site.Data.thirdparty.services }} @@ -31,26 +28,7 @@

Services (Supportive)

{{ if $service.logo }}{{ else }}{{ $service.name }}{{ end }} {{ $service.license }}


-

Services (Unsupportive)

- -These companies use ZAP but do not currently support us in any way (except where noted). -

-If you already use one of these services then please encourage them to support us financially. -

-If you are looking for commercial DAST solution then please first consider one of the companies that support us financially, listed above. - - -{{ range $service := $.Site.Data.thirdparty.services_minus }} - - - - - -{{ end }} -
{{ $service.name }}{{ $service.license }}{{ if $service.notes }}{{ $service.notes }}{{ end }}
-

- -

Open Source Services

+

Open Source Projects

Open Source projects which use ZAP. diff --git a/site/layouts/partials/footer.html b/site/layouts/partials/footer.html index 72c79fe1b..c4af4677d 100644 --- a/site/layouts/partials/footer.html +++ b/site/layouts/partials/footer.html @@ -33,6 +33,7 @@
© Copyright {{ now.Year }} the ZAP Dev Team
+ ZAP by Checkmarx
- diff --git a/site/layouts/partials/homepage/hero.html b/site/layouts/partials/homepage/hero.html index 440a1abfa..7a58b80f9 100644 --- a/site/layouts/partials/homepage/hero.html +++ b/site/layouts/partials/homepage/hero.html @@ -8,6 +8,12 @@

{{ .headline }}

+
by + + Checkmarx + +
+

{{ .subhead }} {{ .quote_source | markdownify }} diff --git a/site/static/img/checkmarx.svg b/site/static/img/checkmarx.svg new file mode 100644 index 000000000..f1f99f2ff --- /dev/null +++ b/site/static/img/checkmarx.svg @@ -0,0 +1,15 @@ + + + + + + + \ No newline at end of file diff --git a/site/static/img/zap-by-checkmarx.png b/site/static/img/zap-by-checkmarx.png new file mode 100644 index 000000000..08eeb3722 Binary files /dev/null and b/site/static/img/zap-by-checkmarx.png differ diff --git a/site/static/img/zap-by-checkmarx.svg b/site/static/img/zap-by-checkmarx.svg new file mode 100644 index 000000000..e801b9650 --- /dev/null +++ b/site/static/img/zap-by-checkmarx.svg @@ -0,0 +1,48 @@ + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/site/static/pdf/ZAPGettingStartedGuide-2.15.pdf b/site/static/pdf/ZAPGettingStartedGuide-2.15.pdf index a188fc97f..815ebb7bf 100644 Binary files a/site/static/pdf/ZAPGettingStartedGuide-2.15.pdf and b/site/static/pdf/ZAPGettingStartedGuide-2.15.pdf differ diff --git a/src/css/_type.scss b/src/css/_type.scss index 2073537f8..4f4bd8a33 100644 --- a/src/css/_type.scss +++ b/src/css/_type.scss @@ -86,6 +86,10 @@ p.small, .small-text { color: var(--orange); } +.text--grey-medium { + color: var(--grey-medium); +} + .ta-c { text-align: center; }
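Review bot: the press-release link at the end of the "What Does This Mean In Practice?" section of the new blog post (site/content/blog/2024-09-24-zap-has-joined-forces-with-checkmarx/index.md) has empty link text: the line after "check out their announcement:" is a markdown link with nothing between the square brackets, so it renders with no visible text to click. Put the announcement title or the bare URL inside the brackets. Minor style point in the same hunk: the heading "## HeadLine News!" has a stray capital "L".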
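Review bot: in the macOS block of site/content/getting-started/index.md (hunk @@ -75,9 +72,9), the rename to "ZAP.app" keeps the instruction to click **Open anyway** "if you trust the downloaded installer", but nothing in these lines tells the reader how to establish that trust. Since the paragraph is being edited anyway, consider adding one sentence that points to the download verification the project offers (for example published checksums, if they exist) before the reader is told to override the Gatekeeper warning.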
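Review bot: the new aliases in site/content/supporters.md send old `/support/` and `/sponsor/` links to the Supporters page, which keeps them from breaking, but a visitor following a "Support" link now lands on a list of sponsors. The deleted support.md carried the pointer to the ZAP User Group for free community support; please confirm that pointer is still reachable from where these aliases land, or add a short line to supporters.md now that the "For details on how to support ZAP" sentence is removed.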
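Review bot: typo in the `desc` of the new `stats.network.send.success` key in site/data/statistics.yaml (hunk @@ -639,6 +639,20): "sucessfully" should be "successfully". The sibling `stats.network.send.failure` entry is fine.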
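Review bot: the `desc` of `stats.tech.reqcount.id` in site/data/statistics.yaml (hunk @@ -821,6 +835,20) reads "The highest request count the successfully identified a new technology for the site"; "the successfully" looks like a slip for "that successfully". In the same hunk, `stats.tech.reqcount.total` is declared `type: highwatermark` but described as "The total number of requests analysed", which reads like a counter. Either reword the description to match high-water-mark semantics or confirm the type is what the code at TechPassiveScanner.java records.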
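Review bot: the CrashOverride link is written two ways in this patch: site/data/supporters.yaml uses `https://crashoverride.com?zap=web` (no slash before the query string) while site/data/roadmap.yaml and the blog post use `https://crashoverride.com/?zap=web`. Pick one form so the entries stay consistent. Also in supporters.yaml, the unchanged `prev:` entry linking to tenebris.com still says "Sponsoring Rick" in the present tense, although kingthorin.md in this same patch now states that Rick is employed by Checkmarx; "Sponsored Rick" would match the other `prev:` notes.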
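Review bot: in the merged `services:` list in site/data/thirdparty.yaml, the re-added NightVision entry still carries `supporter: ZAP Supporter` while the re-added SOOS entry drops it, and the `notes` fields on Astra, HostedScan and Tecvity are removed. With the supportive/unsupportive split gone, the one remaining `supporter` field singles out a single vendor in what is now meant to be a flat alphabetical table. Either remove it from NightVision as well or keep it on both entries, and check that the thirdparty.html template no longer expects `supporter` or `notes`.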
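Review bot: the replacement intro sentence in site/layouts/page/thirdparty.html is missing its verb: "These companies known to use ZAP as part of their commercial offerings." should read "These companies are known to use ZAP as part of their commercial offerings." The rest of the hunk (the loop now ranging over `$.Site.Data.thirdparty.services`) matches the key rename in thirdparty.yaml.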