diff --git a/zap/docker-compose.yml b/zap/docker-compose.yml
new file mode 100644
index 0000000..448244e
--- /dev/null
+++ b/zap/docker-compose.yml
@@ -0,0 +1,19 @@
+services:
+  zap:
+    # Use the official stable image for ZAP from Docker Hub.
+    image: owasp/zap2docker-stable
+    container_name: owasp-zap
+    ports:
+      # Map the host ports to the container ports.
+      - "${ZAP_UI_PORT}:8080"
+      - "${ZAP_API_PORT}:8090"
+    volumes:
+      # Mount the named volume to the ZAP working directory.
+      - ${ZAP_VOLUME_NAME}:/zap/wrk
+    environment:
+      # Pass environment variables to the container.
+      - ZAP_AUTH_API_KEY=${ZAP_API_KEY}
+    # This command starts ZAP in a daemon mode.
+    command: "zap.sh -daemon -port 8080 -config api.key=${ZAP_API_KEY}"
+    # Automatically restart the container if it stops.
+    restart: always
\ No newline at end of file