Currently, we have monthly releases. This month I have manually explored the application using OWASP ZAP and saved the session. In the next release i.e, next month can I use the same session to test the new release?
Keeping it short and simple, from functional perspective there is no harm in using the previously saved owasp zap session for the new release.
A new software release will essentially contain either/all of the following:
In the due coarse of the above mentioned aspects the functional and non-functional requirements of the product might have changed as well interms of:
These changes may address the previously discovered security risks and vulnerabilities of the system and its data as well as add new security risks and vulnerabilities too.
So, from the above mentioned reasons, it is always advisable to initiate the Software security-testing activity from a clean test environment, i.e. using a new zap session.