OWASP ZAP for DAST

Hey guys,

I'm trying to start implementing security in CI/CD pipeline, cause red team activity can't follow the implementation stream fastly.

I would like to ask all of you if OWASP ZAP could be consider a decente tool in order to run DAST on webapps and/or API endpoints in an enterprise network.

I know that such tool are prone to lot of false positive but product like Invicti cost a lot and at the moment are not affordable for me. …

api cd pipeline cost cybersecurity dast endpoints enterprise false positive fastly hey invicti network order owasp owasp zap pipeline product red team run security start stream team tool webapps zap