# Best API Security Tools

*By [Lauren Worth](https://research.g2.com/insights/author/lauren-worth)*

The best API security software in 2026 is Postman, rated 4.6 out of 5 on G2 based on 1,700+ verified reviews. For teams prioritizing automated penetration testing, apisec.ai leads with the highest rating at 4.7 stars and seamless CI/CD integration.

1. Postman — 4.6/5 (1,700+ reviews): API endpoint security validation and collaborative testing
2. Cloudflare Application Security and Performance — 4.5/5 (600+ reviews): Edge-enforced WAF and API abuse protection
3. apisec.ai — 4.7/5 (200+ reviews): Continuous automated API penetration testing with CI/CD integration
4. Check Point WAF (formerly CloudGuard WAF) — 4.4/5 (80+ reviews): AI-driven API and zero-day threat prevention
5. Fastly&#39;s Web Application and API Security — 4.2/5 (30+ reviews): Low-tuning WAF with API-layer attack blocking

*Updated June 2026. Based on 2026 G2 verified review data across 1,680 products.*


API security tools protect information traveling through a company’s network via application programming interfaces (APIs). APIs serve a variety of purposes, such as adding functionality to applications, providing cloud services, and connecting networks. Companies use API security technologies to develop an inventory of existing API connections and ensure their security. These tools may additionally discover unknown or shadow APIs, which is a common scenario for companies using numerous APIs.

IT departments, software developers, and security professionals may use API security solutions to improve visibility for APIs, monitor their performance, and enforce strict security guidelines. As companies continuously discover new API connections, monitoring is key to ensuring optimum performance. Security enforcement is also important since many APIs contain sensitive data, which may turn into fines if left exposed. Lastly, many API security solutions include testing features. Testing APIs for security and policy enforcement may be the only way to verify an API’s security.

Some [API management platforms](https://www.g2.com/categories/api-management) provide tools to create an inventory of APIs connected to a network. However, this is only a feature-level functionality of the platform and will not provide substantial security functionality. It is not its most common use case.

To qualify for inclusion in the API Security Tools category, a product must:

- Discover and inventory the APIs connected to a network, application, or system
- Provide robust authentication mechanisms to restrict access to APIs and enable role-based access control (RBAC) to manage who can configure and modify API security settings
- Ensure that the data being sent to the API is encrypted, safe, and valid, and mitigate common threats such as DDoS attacks, replay attacks, and man-in-the-middle attacks
- Keep detailed logs of API access and activities to detect anomalies, monitor usage patterns, and support forensic investigations in case of security incidents
- Have comprehensive analytics and reporting capabilities to gain insights into API usage, performance, and security posture
- Perform security audits and vulnerability assessments to identify and address potential security risks
- Allow for testing and policy enforcement for API connections





## Top API Security Tools at a Glance
| # | Product | Rating | Best For | What Users Say |
|---|---------|--------|----------|----------------|
| 1 | [Postman](https://www.g2.com/products/postman/reviews) | 4.6/5.0 (1,745 reviews) | API endpoint security validation and collaborative testing | "[Streamlining API Testing and Development](https://www.g2.com/survey_responses/postman-review-12958633)" |
| 2 | [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews) | 4.5/5.0 (580 reviews) | Edge-enforced WAF and API abuse protection | "[Eight Years Later, Cloudflare Remains a Core Part of My Technology Stack](https://www.g2.com/survey_responses/cloudflare-application-security-and-performance-review-12963256)" |
| 3 | [Check Point WAF (formerly CloudGuard WAF)](https://www.g2.com/products/check-point-waf-formerly-cloudguard-waf/reviews) | 4.4/5.0 (82 reviews) | AI-driven API and zero-day threat prevention | "[Good protection and easy to manage web security](https://www.g2.com/survey_responses/check-point-waf-formerly-cloudguard-waf-review-13034239)" |
| 4 | [apisec.ai](https://www.g2.com/products/apisec-ai/reviews) | 4.7/5.0 (227 reviews) | Continuous automated API penetration testing with CI/CD integration | "[Best AI API tester I’ve ever used – easy to use with one-click analysis](https://www.g2.com/survey_responses/apisec-ai-review-11639883)" |
| 5 | [Fastly&#39;s Web Application and API Security](https://www.g2.com/products/fastly-s-web-application-and-api-security/reviews) | 4.2/5.0 (29 reviews) | Low-tuning WAF with API-layer attack blocking | "[Perfect API Protection](https://www.g2.com/survey_responses/fastly-s-web-application-and-api-security-review-12332835)" |
| 6 | [Rakuten SixthSense Observability](https://www.g2.com/products/rakuten-sixthsense-observability/reviews) | 4.6/5.0 (52 reviews) | Real-time API and application observability with unified tracing | "[A very good SAAS monitoring &amp; observability tool](https://www.g2.com/survey_responses/rakuten-sixthsense-observability-review-11287792)" |
| 7 | [Astra Pentest](https://www.g2.com/products/astra-pentest/reviews) | 4.6/5.0 (198 reviews) | Validated API pentesting with remediation-ready reporting | "[Exceptional VAPT Solution with Prompt Support](https://www.g2.com/survey_responses/astra-pentest-review-9603864)" |
| 8 | [Orca Security](https://www.g2.com/products/orca-security/reviews) | 4.7/5.0 (279 reviews) | Agentless cloud API exposure and risk prioritization | "[Orca Brings Clear Visibility and Control to Our Growing Fleet of AI Agents](https://www.g2.com/survey_responses/orca-security-review-13058233)" |
| 9 | [Azion](https://www.g2.com/products/azion/reviews) | 4.7/5.0 (31 reviews) | Edge WAF and API bot-blocking | "[Azion as one of the main strategic partners in cybersecurity.](https://www.g2.com/survey_responses/azion-review-12544164)" |
| 10 | [FortiAppSec Cloud](https://www.g2.com/products/fortiappsec-cloud/reviews) | 4.4/5.0 (29 reviews) | AI-automated WAF and API abuse protection | "[Centralized Threat Management, Easy Setup](https://www.g2.com/survey_responses/fortiappsec-cloud-review-12342944)" |

---
## What Are the Most Common Questions About API Security Tools?
*AI-generated · Last updated: May 26, 2026*
### Which is the best API security platform for enterprises?
Based on G2 reviews, Check Point WAF (formerly CloudGuard WAF) stands out for enterprise API security needs because reviewers consistently describe strong protection for web applications and APIs, cloud-native deployment, centralized policy management, and reduced manual tuning. According to verified users, it helps security teams block common attacks, improve visibility into traffic, and automate protection across cloud environments. G2 reviewers mention benefits such as API discovery, threat prevention, support for CI/CD workflows, and lower operational effort once the platform is configured. Reviewers also note tradeoffs, including a learning curve, setup complexity, and premium pricing, which enterprise teams should weigh against the broader automation and coverage it provides.


### What is the best software for API authentication and authorization?
Based on G2 reviews, buyers evaluating API authentication and authorization capabilities often focus on tools that help test, validate, and secure authenticated API traffic rather than identity platforms alone. According to verified users, Postman is frequently used to work with bearer tokens, OAuth, API keys, environments, and shared collections, making it useful for testing secured APIs across development and QA workflows. G2 reviewers mention that Cloudflare Application Security and Performance and Check Point WAF also help protect APIs through access controls, rate limiting, bot protection, and policy enforcement. Across reviews, buyers should expect strengths around visibility and testing, while also noting setup complexity or learning curves for more advanced security configurations.

**Here are some of the top-rated products on G2:**

- [Postman](https://www.g2.com/products/postman/reviews) – used to test secured APIs with bearer tokens, OAuth, API keys, and shared environments
- [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews) – helps enforce rate limiting, bot protection, and firewall controls for exposed APIs
- [Check Point WAF (formerly CloudGuard WAF)](https://www.g2.com/products/check-point-waf-formerly-cloudguard-waf/reviews) – protects APIs with policy enforcement, traffic inspection, and automated threat prevention


### What are the top-rated API security tools for large-scale APIs?
Based on G2 reviews, large-scale API teams often prioritize visibility, automation, and protection across complex environments. According to verified users, Cloudflare Application Security and Performance is valued for handling DDoS mitigation, WAF protection, bot management, and traffic optimization with relatively low ongoing maintenance. G2 reviewers mention Check Point WAF for multi-cloud API protection, automated threat prevention, and centralized visibility, especially where teams need support for modern web and API environments. Reviewers also describe apisec.ai as useful for automating API security testing, continuous scanning, and surfacing OWASP-style risks early in the development cycle. Common review themes across these products include easier scaling of security coverage, but also some onboarding and tuning effort.

**Here are some of the top-rated products on G2:**

- [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews) – used to protect high-traffic apps and APIs with WAF, bot defense, and DDoS mitigation
- [Check Point WAF (formerly CloudGuard WAF)](https://www.g2.com/products/check-point-waf-formerly-cloudguard-waf/reviews) – suited for cloud-native and multi-cloud API environments needing automated protection and visibility
- [apisec.ai](https://www.g2.com/products/apisec-ai/reviews) – helps large teams automate API security testing and continuous vulnerability scanning


### Which API security platform offers AI-powered threat prevention?
Based on G2 reviews, Check Point WAF (formerly CloudGuard WAF) is repeatedly described as offering AI-driven or contextual AI-based threat prevention for web applications and APIs. According to verified users, reviewers value its ability to detect and block threats such as SQL injection, XSS, bot activity, and zero-day style attacks while reducing manual rule tuning. G2 reviewers mention strengths like automated learning, behavioral analysis, low false positives in production use, and fit for cloud-native environments. Several reviews also point to visibility into traffic and support for API security use cases. Buyers should note that reviewers also mention a steeper setup and tuning process, especially for teams new to the platform or managing complex applications.


### What is the best API security software for compliance-driven industries?
Based on G2 reviews, compliance-focused buyers often look for tools that provide clear reporting, repeatable testing, and evidence they can share with auditors or customers. According to verified users, Astra Pentest is often used to support compliance requirements, client security reviews, and formal pentest documentation, with reviewers highlighting detailed reports, clear remediation guidance, and dashboard visibility. G2 reviewers also mention Intruder for continuous vulnerability scanning and ongoing visibility between formal assessments, and BugDazz API Scanner for technical and compliance-ready reporting used in audit scenarios. Across reviews, the strongest themes are actionable findings, easier proof for security diligence, and support for regular security validation rather than one-time checks alone.

**Here are some of the top-rated products on G2:**

- [Astra Pentest](https://www.g2.com/products/astra-pentest/reviews) – used to generate pentest reports and security evidence for audits, customers, and compliance workflows
- [Intruder](https://www.g2.com/products/intruder/reviews) – supports regular vulnerability scanning and clearer visibility between formal compliance assessments
- [BugDazz API Scanner](https://www.g2.com/products/bugdazz-api-scanner/reviews) – provides detailed reports that reviewers use for internal reviews and audit documentation


### What are the best platforms for API vulnerability scanning?
Based on G2 reviews, buyers looking for API vulnerability scanning tools often favor products that automate discovery, scanning, and remediation guidance. According to verified users, apisec.ai is widely used to automate API security testing, continuously scan for vulnerabilities, and provide actionable reporting that reduces manual effort. G2 reviewers mention Pynt - API Security Testing for automated API discovery and security testing tied closely to development workflows, especially where teams want fewer false positives and easier alerts. Reviewers also describe Akto API Security Platform as helpful for surfacing API issues quickly through a clear dashboard and automated checks. Common review themes include faster coverage and earlier detection, with some products requiring onboarding time or tuning for advanced scenarios.

**Here are some of the top-rated products on G2:**

- [apisec.ai](https://www.g2.com/products/apisec-ai/reviews) – automates continuous API vulnerability scanning and highlights common API security risks with actionable reports
- [Pynt - API Security Testing](https://www.g2.com/products/pynt-api-security-testing/reviews) – combines automated API discovery and security testing with fewer false positives in review feedback
- [Akto API Security Platform](https://www.g2.com/products/akto-api-security-platform/reviews) – helps teams find API security issues early through automated checks and a simple dashboard


### Which API security solution integrates with DevSecOps workflows?
Based on G2 reviews, several API security products are used within DevSecOps pipelines, but apisec.ai is frequently mentioned for CI/CD integration and automated testing in the software delivery process. According to verified users, it helps teams shift API security earlier in development by automating scans, generating reports, and reducing manual pentesting effort. G2 reviewers mention integrations with CI/CD pipelines as a key strength, alongside continuous testing and support for identifying issues before release. Reviewers also note that setup can take some onboarding for complex environments, but the payoff is stronger coverage and faster remediation. For teams prioritizing pipeline-based security validation, apisec.ai appears especially well aligned with review feedback.


### What are the top tools for protecting public and private APIs?
Based on G2 reviews, protecting both public-facing and internal APIs often requires a mix of traffic inspection, discovery, and automated defense. According to verified users, Cloudflare Application Security and Performance is used to secure exposed services with firewall controls, bot management, rate limiting, and DDoS mitigation while also improving availability. G2 reviewers mention Check Point WAF for API protection across cloud and hybrid environments with strong inspection and automated threat prevention. Reviewers also describe Cequence Security as valuable for API visibility, bot detection, and identifying abuse patterns across complex environments. Across reviews, buyers should expect strong coverage for external threats and unknown APIs, while also planning for tuning and onboarding where environments are large or highly customized.

**Here are some of the top-rated products on G2:**

- [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews) – secures exposed APIs with WAF controls, rate limiting, DDoS mitigation, and bot protection
- [Check Point WAF (formerly CloudGuard WAF)](https://www.g2.com/products/check-point-waf-formerly-cloudguard-waf/reviews) – protects APIs across cloud and hybrid setups with inspection, policy controls, and automated defenses
- [Cequence Security](https://www.g2.com/products/cequence-security/reviews) – helps discover APIs and detect abuse patterns, credential stuffing, and automated bot attacks


### What are the top tools for preventing API data breaches?
Based on G2 reviews, preventing API data breaches starts with better visibility into exposed endpoints, sensitive traffic, and abusive behavior. According to verified users, Cequence Security is valued for detecting abnormal API activity, credential stuffing, scraping, and abuse patterns that can lead to account compromise or data loss. G2 reviewers mention Cloudflare Application Security and Performance for shielding apps and APIs with WAF, DDoS protection, bot management, and rate limiting. Reviewers also describe Levo.ai as useful for API inventory, identifying unknown APIs, and surfacing risks in API-first environments. Common themes across reviews include discovering blind spots, reducing manual monitoring, and improving response to misuse before it becomes a larger incident.

**Here are some of the top-rated products on G2:**

- [Cequence Security](https://www.g2.com/products/cequence-security/reviews) – helps stop credential stuffing, scraping, and abnormal API behavior tied to data exposure risk
- [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews) – provides WAF, bot defense, and rate limiting to reduce abuse against exposed APIs
- [Levo.ai](https://www.g2.com/products/levo-ai/reviews) – helps discover API inventory and identify unidentified APIs that could increase breach risk


### Which API protection tool offers real-time threat detection?
Based on G2 reviews, Wallarm API Security Platform is specifically called out by reviewers for accurate real-time API threat detection with few false positives. According to verified users, it is used to protect APIs and web applications from modern attacks, including OWASP-style threats and zero-day risks. G2 reviewers mention the appeal of real-time detection quality, while also noting that configuration and tuning can be time-consuming for newer users. Review feedback suggests it is a strong fit for teams that prioritize fast threat visibility and ongoing protection at the API layer. Buyers should plan for implementation effort, but the real-time detection focus is a clear recurring theme in the available G2 feedback.




## How Many API Security Tools Products Does G2 Track?
**Total Products under this Category:** 68

### Category Stats (Jul 2026)
- **Average Rating**: 4.54/5 The average rating of products in this category, based on all submitted ratings
- **Top Trending Product**: Orca Security (+0.39%) - Among all products in this category, Orca Security recorded the largest rating increase compared to last month
*Last updated: July 02, 2026*


## How Does G2 Rank API Security Tools Products?

**Why You Can Trust G2's Software Rankings:**

- 30 Analysts and Data Experts
- 4,900+ Authentic Reviews
- 68+ Products
- Unbiased Rankings

G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category.


## Which API Security Tools Is Best for Your Use Case?

- **Leader:** [Postman](https://www.g2.com/products/postman/reviews)
- **Highest Performer:** [apisec.ai](https://www.g2.com/products/apisec-ai/reviews)
- **Easiest to Use:** [Postman](https://www.g2.com/products/postman/reviews)
- **Top Trending:** [Astra Pentest](https://www.g2.com/products/astra-pentest/reviews)
- **Best Free Software:** [Postman](https://www.g2.com/products/postman/reviews)


---

**Sponsored**

### IRONSCALES

IRONSCALES is a cloud-native email security platform that helps enterprises and MSPs close gaps with mailbox-level detection, autonomous remediation, and built-in user training. It combines AI and human insights that continuously learn from user behavior, message context, and analyst feedback to identify advanced threats like BEC, account takeovers, impersonation, and other advanced phishing attacks. IRONSCALES is headquartered in Atlanta, Georgia and is proud to serve more than 17,000 customers globally. IRONSCALES leverages adaptive AI and its Agentic AI engine, Themis, to drive autonomous, mailbox-level remediation with customizable automation. Smart clustering, context-driven decisioning, and user-reported inputs enable Themis to remediate threats in real time while preserving analyst oversight and control. Designed for rapid deployment via API, IRONSCALES integrates with existing security stacks without requiring MX record changes. To reduce risk, improve SOC efficiency, and support a proactive security culture, its comprehensive capabilities also include: - Phishing Simulations - Security Awareness Training - DMARC management - Deepfake Live Protection - Generative AI tools



[Visit website](https://www.g2.com/external_clickthroughs/record?secure%5Bad_program%5D=ppc&amp;secure%5Bad_slot%5D=category_product_list&amp;secure%5Bcategory_id%5D=2253&amp;secure%5Bchosen_at%5D=2026-07-02T13%3A03%3A35Z&amp;secure%5Bdisplayable_resource_id%5D=2253&amp;secure%5Bdisplayable_resource_type%5D=Category&amp;secure%5Bmedium%5D=sponsored&amp;secure%5Bplacement_reason%5D=page_category&amp;secure%5Bplacement_resource_ids%5D%5B%5D=2253&amp;secure%5Bprioritized%5D=false&amp;secure%5Bproduct_id%5D=127324&amp;secure%5Bresource_id%5D=2253&amp;secure%5Bresource_type%5D=Category&amp;secure%5Bsource_type%5D=category_page&amp;secure%5Bsource_url%5D=https%3A%2F%2Fwww.g2.com%2Fcategories%2Fapi-security&amp;secure%5Btoken%5D=eaa95f49898cd4b1b855be9b792af7c211594fafa054c8791949b05a0d87c719&amp;secure%5Burl%5D=https%3A%2F%2Fsecure.ironscales.com%2F90-day-scan-back%3Futm_source%3Dg2%26utm_medium%3Daffiliate%26utm_campaign%3Dg2-ads&amp;secure%5Burl_type%5D=custom_url)

---

## What Are the Top-Rated API Security Tools Products in 2026?
### 1. [Postman](https://www.g2.com/products/postman/reviews)
Postman is the world’s leading API platform, used by more than 40 million developers and 500,000 organizations to build, test, and manage APIs at scale. With Postman, teams collaborate efficiently across the entire API lifecycle, including design, development, testing, security, documentation, and governance. The platform helps ensure consistency, quality, and enterprise-grade control. Postman also offers Agent Mode (beta), built on AWS Bedrock and trained with AWS SageMaker. Agent Mode enables developers to use natural language to debug requests, organize collections, document APIs, and automate workflows without switching tools or writing custom scripts.


**Average Rating:** 4.6/5.0
**Total Reviews:** 1,745
**How Do G2 Users Rate Postman?**

- **API Testing:** 9.5/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.1/10 (Category avg: 8.8/10)

**Who Is the Company Behind Postman?**

- **Seller:** [Postman](https://www.g2.com/sellers/postman)
- **Year Founded:** 2014
- **HQ Location:** San Francisco, CA
- **Twitter:** @getpostman (55,430 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/3795851/ (3,450 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Software Engineer, Software Developer
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 39% Mid-Market, 35% Small-Business


#### What Are Postman's Pros and Cons?

**Pros:**

- Ease of Use (467 reviews)
- API Testing (394 reviews)
- API Management (304 reviews)
- Testing (278 reviews)
- Testing Efficiency (276 reviews)

**Cons:**

- Slow Performance (222 reviews)
- Performance Issues (202 reviews)
- Slow Loading (145 reviews)
- Resource Limitations (131 reviews)
- Limited Features (120 reviews)


### What Do G2 Reviewers Say About Postman?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of use** in Postman, facilitating quick testing, debugging, and collaboration for APIs.
- Users appreciate the **intuitive and user-friendly API testing** capabilities of Postman, enhancing efficiency and collaboration.
- Users value the **smooth API lifecycle** in Postman, facilitating efficient testing, mocking, and automation for projects.
- Users praise Postman for its **intuitive testing capabilities** , making API management effortless and efficient for teams.
- Users value the **testing efficiency** of Postman, finding it intuitive and easy for managing APIs and workflows.

**Cons:**

- Users experience **slow performance** with Postman, especially when dealing with large or complex projects, impacting efficiency.
- Users report **performance issues** with Postman, noting it can be heavy on system resources and slow with syncing.
- Users often find Postman **slow to load** , particularly with large collections and multiple tabs open, impacting efficiency.
- Users notice that **resource limitations** in Postman can hinder performance, especially with large collections and limited hardware.
- Users feel that Postman has **limited features** in the free tier, restricting access for smaller teams.

#### What Are Recent G2 Reviews of Postman?

**"[The easiest way I&#39;ve found to work with APIs](https://www.g2.com/survey_responses/postman-review-13046207)"**

**Rating:** 4.5/5.0 stars
*— Miguel F.*

[Read full review](https://www.g2.com/survey_responses/postman-review-13046207)

---

**"[Streamlining API Testing and Development](https://www.g2.com/survey_responses/postman-review-12958633)"**

**Rating:** 5.0/5.0 stars
*— Srinath  R.*

[Read full review](https://www.g2.com/survey_responses/postman-review-12958633)

---


#### What Are G2 Users Discussing About Postman?

- [What is Postman used for?](https://www.g2.com/discussions/what-is-postman-used-for) - 8 comments, 2 upvotes

### 2. [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews)
Cloudflare is the connectivity cloud for the &quot;everywhere world,&quot; on a mission to help build a better Internet. We provide a unified platform of networking, security, and developer services delivered from a single, intelligent global network that spans hundreds of cities in over 125 countries. This empowers organizations of all sizes, from small businesses to the world&#39;s largest enterprises, to make their employees, applications, and networks faster and more secure everywhere, while significantly reducing complexity and cost. Our comprehensive platform includes: - Advanced Security: Protect your online presence with industry-leading DDoS protection, a robust Web Application Firewall (WAF), Bot mitigation, and API security. Implement Zero Trust security to secure remote access, data, and applications for your entire workforce. - Superior Performance: Accelerate website and application loading times globally with our Content Delivery Network (CDN), intelligent DNS, and smart routing capabilities. Optimize images and deliver dynamic content with unparalleled speed. - Powerful Developer Tools: Empower your developers to build and deploy full-stack applications at the edge using Cloudflare Workers (serverless functions), R2 Storage (object storage without egress fees), and D1 (serverless SQL database). Cloudflare helps connect and protect millions of customers globally, offering the control, visibility, and reliability businesses need to work, develop, and accelerate their operations in today&#39;s hyperconnected landscape. Our global network continuously learns and adapts, ensuring your digital assets are always protected and performing at their best.


**Average Rating:** 4.5/5.0
**Total Reviews:** 580
**How Do G2 Users Rate Cloudflare Application Security and Performance?**

- **API Testing:** 10.0/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.8/10 (Category avg: 8.8/10)

**Who Is the Company Behind Cloudflare Application Security and Performance?**

- **Seller:** [Cloudflare, Inc.](https://www.g2.com/sellers/cloudflare-inc)
- **Company Website:** https://www.cloudflare.com
- **Year Founded:** 2009
- **HQ Location:** San Francisco, California
- **Twitter:** @Cloudflare (286,254 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/407222/ (7,190 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Web Developer, Software Engineer
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 62% Small-Business, 27% Mid-Market


#### What Are Cloudflare Application Security and Performance's Pros and Cons?

**Pros:**

- Security (54 reviews)
- Ease of Use (50 reviews)
- Features (45 reviews)
- Performance (36 reviews)
- Reliability (36 reviews)

**Cons:**

- Complex User Interface (24 reviews)
- Expensive (24 reviews)
- Complex Setup (19 reviews)
- Complexity (18 reviews)
- Learning Curve (15 reviews)


### What Do G2 Reviewers Say About Cloudflare Application Security and Performance?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **strong security features** of Cloudflare, providing robust protection and peace of mind for sensitive data.
- Users commend Cloudflare for its **user-friendly interface** , enabling effortless management of security and performance settings.
- Users appreciate the **easy setup and fast performance** of Cloudflare, enhancing security and content delivery effortlessly.
- Users value the **fast and easy performance improvements** of Cloudflare, enabling efficient content delivery with minimal latency.
- Users value the **reliable performance** and security of Cloudflare, noting its fast setup and effective protection features.

**Cons:**

- Users find the **complex user interface** challenging, requiring time to adapt and fine-tune settings effectively.
- Users find Cloudflare&#39;s pricing **expensive** and confusing, lacking clear guidance on tier benefits and features.
- Users find the **complex setup** of WAF rules and settings time-consuming and challenging, especially for dynamic applications.
- Users find the **complexity of setup** and extensive fine-tuning requirements challenging, impacting usability and understanding.
- Users find the **steep learning curve** for setup and advanced features challenging, often overwhelming for beginners.

#### What Are Recent G2 Reviews of Cloudflare Application Security and Performance?

**"[Eight Years Later, Cloudflare Remains a Core Part of My Technology Stack](https://www.g2.com/survey_responses/cloudflare-application-security-and-performance-review-12963256)"**

**Rating:** 5.0/5.0 stars
*— Chevas M.*

[Read full review](https://www.g2.com/survey_responses/cloudflare-application-security-and-performance-review-12963256)

---

**"[Powerful Security and Faster Performance in One Intuitive Cloudflare Platform](https://www.g2.com/survey_responses/cloudflare-application-security-and-performance-review-12971554)"**

**Rating:** 5.0/5.0 stars
*— Othrax B.*

[Read full review](https://www.g2.com/survey_responses/cloudflare-application-security-and-performance-review-12971554)

---


#### What Are G2 Users Discussing About Cloudflare Application Security and Performance?

- [What is Cloudflare Spectrum used for?](https://www.g2.com/discussions/what-is-cloudflare-spectrum-used-for) - 1 comment
- [What is Cloudflare Bot Management used for?](https://www.g2.com/discussions/what-is-cloudflare-bot-management-used-for)
- [Does Cloudflare provide hosting?](https://www.g2.com/discussions/does-cloudflare-provide-hosting) - 2 comments
- [How good is Cloudflare DNS?](https://www.g2.com/discussions/how-good-is-cloudflare-dns) - 1 comment, 1 upvote
- [What does DDoS protection do?](https://www.g2.com/discussions/what-does-ddos-protection-do)

### 3. [Check Point WAF (formerly CloudGuard WAF)](https://www.g2.com/products/check-point-waf-formerly-cloudguard-waf/reviews)
CloudGuard WAF is a cloud-native Web and API security solution designed to help users safeguard their applications from both known and unknown threats. By leveraging advanced contextual AI, this solution provides precise threat prevention without the need for traditional signature-based detection methods. This innovative approach allows organizations to maintain a robust security posture while minimizing the risks associated with evolving cyber threats. Targeted primarily at businesses that rely on web applications and APIs, CloudGuard WAF is particularly beneficial for enterprises in sectors such as finance, healthcare, and e-commerce, where data protection is paramount. The solution is designed to address the complex security challenges that arise in modern application environments, especially those utilizing continuous integration and continuous deployment (CI/CD) practices. As organizations increasingly adopt cloud-native architectures, the need for flexible and efficient security solutions becomes critical. One of the standout features of CloudGuard WAF is its preemptive protection capabilities. By employing machine learning-based security measures, the solution can effectively prevent zero-day threats, which are vulnerabilities that have not yet been discovered or patched. This proactive approach eliminates the reliance on frequent signature updates, allowing organizations to stay ahead of potential attacks without the need for constant manual intervention. Moreover, CloudGuard WAF excels in precise detection, enabling it to identify a broader range of attacks while minimizing the need for ongoing fine-tuning and exception creation. This feature not only enhances the accuracy of threat detection but also reduces the operational burden on security teams, allowing them to focus on more strategic initiatives rather than routine adjustments. Designed with cloud-native principles in mind, CloudGuard WAF supports CI/CD-friendly deployment and automation. This means that organizations can easily integrate the solution into their existing workflows, from installation to upgrades and configuration. By utilizing declarative infrastructure-as-code or APIs, users can streamline their security processes, ensuring that their applications remain protected as they evolve. Overall, CloudGuard WAF represents a significant advancement in the realm of web and API security, offering organizations a sophisticated and adaptable solution to combat the ever-changing landscape of cyber threats. Its combination of preemptive protection, precise detection, and cloud-native design makes it a valuable asset for any organization looking to enhance its security posture in today&#39;s digital environment.


**Average Rating:** 4.4/5.0
**Total Reviews:** 82
**How Do G2 Users Rate Check Point WAF (formerly CloudGuard WAF)?**

- **API Testing:** 8.7/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.9/10 (Category avg: 8.8/10)

**Who Is the Company Behind Check Point WAF (formerly CloudGuard WAF)?**

- **Seller:** [Check Point Software Technologies](https://www.g2.com/sellers/check-point-software-technologies)
- **Company Website:** https://www.checkpoint.com/
- **Year Founded:** 1993
- **HQ Location:** Redwood City, CA
- **Twitter:** @CheckPointSW (70,955 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/check-point-software-technologies/ (8,554 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 59% Mid-Market, 25% Small-Business


#### What Are Check Point WAF (formerly CloudGuard WAF)'s Pros and Cons?

**Pros:**

- Protection (35 reviews)
- Security (29 reviews)
- Cybersecurity (21 reviews)
- DDoS Protection (21 reviews)
- WAF (Web Application Firewall) (18 reviews)

**Cons:**

- Complex Setup (21 reviews)
- Expensive (14 reviews)
- Learning Difficulty (13 reviews)
- Difficult Learning Curve (11 reviews)
- Poor Documentation (9 reviews)


### What Do G2 Reviewers Say About Check Point WAF (formerly CloudGuard WAF)?
*AI-generated summary from verified user reviews*

**Pros:**

- Users praise the **strong protection** of Check Point WAF, effectively defending against various web application attacks.
- Users value the **robust security** of Check Point CloudGuard WAF, appreciating its advanced threat prevention and easy management.
- Users value the **proactive and AI-driven threat prevention** of Check Point CloudGuard WAF for its comprehensive coverage.
- Users appreciate the **AI-driven threat prevention** of Check Point CloudGuard WAF, ensuring effective protection with minimal effort.
- Users appreciate the **easy management** of Check Point WAF across hybrid environments, enhancing operational efficiency and protection.

**Cons:**

- Users find the **complex setup** challenging, hindering initial adoption and making management difficult for new users.
- Users find the **pricing for Check Point WAF** to be high, especially impacting smaller teams and businesses.
- Users face a **steep learning curve** with Check Point WAF, complicating the initial setup and user experience.
- Users face a **difficult learning curve** with Check Point WAF, complicating initial setup and understanding key features.
- Users find the **poor documentation** of Check Point WAF to significantly hinder their onboarding and understanding of the system.

#### What Are Recent G2 Reviews of Check Point WAF (formerly CloudGuard WAF)?

**"[Good protection and easy to manage web security](https://www.g2.com/survey_responses/check-point-waf-formerly-cloudguard-waf-review-13034239)"**

**Rating:** 5.0/5.0 stars
*— Ijlal K.*

[Read full review](https://www.g2.com/survey_responses/check-point-waf-formerly-cloudguard-waf-review-13034239)

---

**"[Strong and reliable WAF for modern web and API security](https://www.g2.com/survey_responses/check-point-waf-formerly-cloudguard-waf-review-12736414)"**

**Rating:** 4.5/5.0 stars
*— Dharamveer p.*

[Read full review](https://www.g2.com/survey_responses/check-point-waf-formerly-cloudguard-waf-review-12736414)

---



### 4. [apisec.ai](https://www.g2.com/products/apisec-ai/reviews)
APIsec automated API testing platform automatically analyzes applications, simulates sophisticated attacks across the full spectrum of OWASP threats, and uncovers vulnerabilities and exploits before they reach production. By eliminating the need for time-consuming manual testing, APIsec helps security and development teams strengthen their security posture with continuous, preventative API protection. In addition, APIsec operates APIsec University, the world’s most popular API security education platform, offering dozens of free courses and a vibrant community of over 100,000 members. Together, our advanced security solutions and educational resources enable organizations to build, deploy, and maintain secure applications with confidence.


**Average Rating:** 4.7/5.0
**Total Reviews:** 227
**How Do G2 Users Rate apisec.ai?**

- **API Testing:** 9.0/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.7/10 (Category avg: 8.8/10)

**Who Is the Company Behind apisec.ai?**

- **Seller:** [apisec.ai](https://www.g2.com/sellers/apisec-ai)
- **Year Founded:** 2018
- **HQ Location:** San Francisco, US
- **LinkedIn® Page:** http://www.linkedin.com/company/apisec (41 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Security Consultant, Cyber Security Analyst
- **Top Industries:** Computer &amp; Network Security, Information Technology and Services
- **Company Size:** 64% Small-Business, 23% Mid-Market


#### What Are apisec.ai's Pros and Cons?

**Pros:**

- Security (71 reviews)
- Ease of Use (61 reviews)
- API Management (56 reviews)
- Testing Efficiency (56 reviews)
- Automation (50 reviews)

**Cons:**

- API Issues (25 reviews)
- Complex Setup (19 reviews)
- Poor Documentation (13 reviews)
- Difficult Learning Curve (12 reviews)
- Expensive (9 reviews)


### What Do G2 Reviewers Say About apisec.ai?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **excellent security coverage** of Apisec, effectively addressing top API vulnerabilities with ease of use.
- Users appreciate the **ease of use** of APISec.ai, enjoying quick onboarding and a smooth scanning process.
- Users commend apisec.ai for its **automatic endpoint discovery** , enhancing visibility and simplifying API security assessments.
- Users appreciate the **testing efficiency** of apisec.ai, enabling effortless, automated API security scans with minimal setup.
- Users love the **automation of API scanning** with apisec.ai, saving time and simplifying security testing effortlessly.

**Cons:**

- Users find **API issues** like complex authentication and limited guidance challenging for new users and effective testing.
- Users find the **complex setup** challenging initially, wishing for clearer guides and documentation to simplify usage.
- Users struggle with the **poor documentation** of apisec.ai, making it difficult for developers to utilize the products effectively.
- Users report a **difficult learning curve** with APIsec.ai, particularly for those new to security tools and features.
- Users find the **cost of certifications** to be high, wishing for more affordable options or offerings.

#### What Are Recent G2 Reviews of apisec.ai?

**"[Best AI API tester I’ve ever used – easy to use with one-click analysis](https://www.g2.com/survey_responses/apisec-ai-review-11639883)"**

**Rating:** 5.0/5.0 stars
*— B.B Shalitha M.*

[Read full review](https://www.g2.com/survey_responses/apisec-ai-review-11639883)

---

**"[Scanning at Scale at the age of AI with APISec](https://www.g2.com/survey_responses/apisec-ai-review-11038850)"**

**Rating:** 4.0/5.0 stars
*— Suvam A.*

[Read full review](https://www.g2.com/survey_responses/apisec-ai-review-11038850)

---



### 5. [Fastly&#39;s Web Application and API Security](https://www.g2.com/products/fastly-s-web-application-and-api-security/reviews)
Fastly’s AppSec solutions empower teams to mitigate threats and control bots while helping the business move faster, confidently. Protect Your Apps and APIs While Accelerating Growth with Fastly’s Next-Gen WAF, DDoS Protection, Bot Management, API Security, and more. Our solutions are designed to help you stop cyber threats from derailing your biggest moments, accelerate innovation while minimizing new risk, and govern bots without increasing user friction.


**Average Rating:** 4.2/5.0
**Total Reviews:** 29

**Who Is the Company Behind Fastly&#39;s Web Application and API Security?**

- **Seller:** [Fastly](https://www.g2.com/sellers/fastly)
- **Year Founded:** 2011
- **HQ Location:** San Francisco, California, United States
- **Twitter:** @Fastly (29,199 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2602522/ (1,398 employees on LinkedIn®)
- **Ownership:** NYSE: FSLY

**Who Uses This Product?**
- **Top Industries:** Computer Software
- **Company Size:** 50% Mid-Market, 37% Enterprise


#### What Are Fastly&#39;s Web Application and API Security's Pros and Cons?

**Pros:**

- Ease of Use (5 reviews)
- Security (5 reviews)
- Customer Support (3 reviews)
- DDoS Protection (3 reviews)
- Protection (3 reviews)

**Cons:**

- Expensive (3 reviews)
- Poor Customer Support (3 reviews)
- Complex Configuration (2 reviews)
- Complex Setup (2 reviews)
- Complex Management (1 reviews)


### What Do G2 Reviewers Say About Fastly&#39;s Web Application and API Security?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of setup and user-friendly GUI** of Fastly&#39;s Web Application and API Security product.
- Users appreciate the **robust protection against attacks** offered by Fastly&#39;s Web Application and API Security, ensuring easy HTTPS access.
- Users praise the **excellent customer support** provided by Fastly, enhancing their implementation and usage experience.
- Users commend the **effective DDoS protection** of Fastly, ensuring robust security against various web application threats.
- Users appreciate the **excellent security** provided by Fastly&#39;s Web Application and API Security against various types of attacks.

**Cons:**

- Users find the **pricing to be expensive** , especially for small projects and additional technical support costs.
- Users express frustration with **poor customer support** , making it challenging to receive timely assistance for their needs.
- Users find the **complex configuration** of Fastly&#39;s Web Application and API Security to be overwhelming and cumbersome.
- Users find the **complex setup** of Fastly&#39;s Web Application and API Security to be time-consuming and challenging.
- Users find the **complex management** of Fastly&#39;s Web Application and API Security to be cumbersome and time-consuming.

#### What Are Recent G2 Reviews of Fastly&#39;s Web Application and API Security?

**"[Perfect API Protection](https://www.g2.com/survey_responses/fastly-s-web-application-and-api-security-review-12332835)"**

**Rating:** 5.0/5.0 stars
*— Vladimir M.*

[Read full review](https://www.g2.com/survey_responses/fastly-s-web-application-and-api-security-review-12332835)

---

**"[It’s an easy to use and provides the better security to application, API and devops environment](https://www.g2.com/survey_responses/fastly-s-web-application-and-api-security-review-9336328)"**

**Rating:** 5.0/5.0 stars
*— Shakir K.*

[Read full review](https://www.g2.com/survey_responses/fastly-s-web-application-and-api-security-review-9336328)

---



### 6. [Rakuten SixthSense Observability](https://www.g2.com/products/rakuten-sixthsense-observability/reviews)
In today&#39;s digital landscape, businesses need a powerful and comprehensive Application Performance Monitoring (APM) solution to stay ahead of the curve. Introducing Rakuten SixthSense Observability - a next-generation APM tool that transforms the way you monitor, analyze, and optimize your applications and infrastructure. With its robust suite of features and advanced analytics, Rakuten SixthSense Observability empowers you to proactively identify and resolve issues, streamline operations, and enhance customer experiences. Key Capabilities: • Comprehensive Monitoring and Alerting: Rakuten SixthSense Observability offers end-to-end monitoring of your applications, infrastructure, and network performance. With real-time alerting and customizable dashboards, you can quickly detect issues and gain actionable insights into the health and performance of your systems. • Distributed Tracing and Correlation: Gain full visibility into your application&#39;s performance with distributed tracing, which tracks transactions and requests across multiple services and components. This feature helps you identify bottlenecks, latency issues, and errors, making it easier to optimize your application and enhance customer experiences. • Anomaly Detection and Machine Learning: Leverage Rakuten SixthSense&#39;s advanced machine learning capabilities to automatically identify unusual patterns and deviations in application performance and resource utilization. This proactive approach enables you to detect and resolve issues before they impact your business and customers. • Advanced Analytics and Visualization: Rakuten SixthSense&#39;s rich data visualization and analytics tools allow you to dive deep into your application performance data. Generate custom reports, analyze trends, and uncover hidden patterns that can drive continuous improvement and optimization. • Log Management and Integration: Effortlessly collect, analyze, and store logs from various sources with Rakuten SixthSense&#39;s integrated log management feature. This seamless integration enables you to correlate log data with performance metrics and traces, providing a comprehensive understanding of your application&#39;s behaviour. • Scalability and Flexibility: Rakuten SixthSense Observability is built to scale with your growing business needs, supporting a wide range of applications, services, and infrastructure. Its flexible architecture allows you to customize the tool to your specific requirements and integrate it with other monitoring and observability solutions. Current Feature set: • Application Performance Monitoring: Full stack visibility across Java, PHP, Node.js, Python, Go and a lot more! Key Features include, Distributed Tracing, Profiling, Database Monitoring • Infrastructure Monitoring: Get a birds-eye view of your infrastructure health and gain granular insights with easy deployment Key Features include Kubernetes, VMs, Web Servers, Cloud Integrations • Digital Experience Monitoring: Improve the end-user experience of your applications mapped with contextual information of application performance metrics • Browser Monitoring: Metrics to optimize end users’ experience and help in improving application performance. • Mobile Monitoring: Monitor crashes, performance &amp; usage metrics for your mobile applications • Synthetic Monitoring: Stimulate end-user transactions using low code, no code test scripts • VM Monitoring: VM monitoring capability lets you view your infrastructure performance and health of servers, virtual machines, containers, databases etc. at a glance. • SixthSense Cognitive Engine: Modern observability and the proactive approach using artificial intelligence. The application uses different AI/ML algorithms that can predict performance metrics with an accuracy of up to 98% and a confidence level of 90%.


**Average Rating:** 4.6/5.0
**Total Reviews:** 52
**How Do G2 Users Rate Rakuten SixthSense Observability?**

- **API Testing:** 9.3/10 (Category avg: 9.1/10)
- **API Monitoring:** 10.0/10 (Category avg: 8.8/10)

**Who Is the Company Behind Rakuten SixthSense Observability?**

- **Seller:** [Rakuten SixthSense](https://www.g2.com/sellers/rakuten-sixthsense-f1af4c23-8be7-4bf4-a775-a4d50eebce5d)
- **Year Founded:** 2016
- **HQ Location:** Bengaluru, IN
- **LinkedIn® Page:** https://www.linkedin.com/company/rakuten-sixthsense/ (5 employees on LinkedIn®)
- **Ownership:** TYO: 4755

**Who Uses This Product?**
- **Who Uses This:** Senior Software Engineer
- **Top Industries:** Information Technology and Services, Computer Games
- **Company Size:** 47% Enterprise, 38% Mid-Market


#### What Are Rakuten SixthSense Observability's Pros and Cons?

**Pros:**

- Monitoring (11 reviews)
- Alerting System (9 reviews)
- Customer Support (9 reviews)
- Ease of Use (9 reviews)
- Implementation Ease (9 reviews)

**Cons:**

- Complex Setup (3 reviews)
- Poor Documentation (3 reviews)
- Alert Issues (2 reviews)
- Inefficient Alert System (2 reviews)
- Insufficient Information (2 reviews)


### What Do G2 Reviewers Say About Rakuten SixthSense Observability?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **deep visibility** Rakuten SixthSense provides into application and infrastructure performance, enhancing monitoring and decision-making.
- Users value the **efficient alerting system** that simplifies monitoring and provides quick access to crucial performance metrics.
- Users appreciate the **excellent customer support** offered by Rakuten SixthSense, enhancing their overall experience and satisfaction.
- Users appreciate the **ease of use** of Rakuten SixthSense, making monitoring and issue resolution straightforward and efficient.
- Users find the **implementation process easy and smooth** , enabling quick onboarding and effortless management of the tool.

**Cons:**

- Users find the **complex setup** of Rakuten SixthSense Observability challenging, requiring significant onboarding efforts initially.
- Users find the **documentation lacking** , which complicates setup and customization for those with complex infrastructure.
- Users experience **false positive alerts** and seek improved monitoring functionalities for error records in Dashboard emails.
- Users face issues with the **inefficient alert system** , including false positives and lacking timely dashboard updates.
- Users find the **insufficient documentation** of Rakuten SixthSense Observability a significant drawback in their experience.

#### What Are Recent G2 Reviews of Rakuten SixthSense Observability?

**"[A very good SAAS monitoring &amp; observability tool](https://www.g2.com/survey_responses/rakuten-sixthsense-observability-review-11287792)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Computer Games*

[Read full review](https://www.g2.com/survey_responses/rakuten-sixthsense-observability-review-11287792)

---

**"[Great monitoring tool!](https://www.g2.com/survey_responses/rakuten-sixthsense-observability-review-8230168)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Information Technology and Services*

[Read full review](https://www.g2.com/survey_responses/rakuten-sixthsense-observability-review-8230168)

---



### 7. [Astra Pentest](https://www.g2.com/products/astra-pentest/reviews)
Astra Security is a leading continuous penetration testing platform that combines AI-powered autonomous pentesting with certified expert-led assessments. Powered by Attack AI, trained on 6.8M+ security findings and insights from 5,000+ real-world pentests. Astra deploys intelligent agents that continuously discover, validate, prioritize, and help remediate vulnerabilities at scale. While AI handles speed and scale, Astra’s certified security experts focus on what automation alone cannot: complex business logic flaws, multi-step attack chains, advanced exploit paths, and emerging AI/LLM-specific threats. Built for modern engineering teams, Astra integrates directly into CI/CD workflows, enabling continuous security validation between releases instead of relying on outdated annual pentests. The platform delivers comprehensive Autonomous Pentest powered by AI agents, DAST vulnerability scanner and human-driven pentests across web apps, AI/LLMs, mobile apps, APIs, cloud infrastructure. Astra is CREST-accredited, CERT-IN empaneled, and a PCI ASV-certified vendor. Our team also led the development of the OWASP APTS framework, helping shape the industry standard for continuous security testing. Today, 1,500+ organizations across 70+ countries trust Astra Security, including Ford, Loom, CompTIA, Hitachi, HackerRank, and OLX.


**Average Rating:** 4.6/5.0
**Total Reviews:** 198
**How Do G2 Users Rate Astra Pentest?**

- **API Testing:** 10.0/10 (Category avg: 9.1/10)
- **API Monitoring:** 10.0/10 (Category avg: 8.8/10)

**Who Is the Company Behind Astra Pentest?**

- **Seller:** [ASTRA IT, Inc.](https://www.g2.com/sellers/astra-it-inc)
- **Company Website:** https://www.getastra.com/
- **Year Founded:** 2018
- **HQ Location:** New Delhi, IN
- **Twitter:** @getastra (694 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/getastra/ (130 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** CTO, CEO
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 65% Small-Business, 29% Mid-Market


#### What Are Astra Pentest's Pros and Cons?

**Pros:**

- Customer Support (63 reviews)
- Vulnerability Detection (51 reviews)
- Ease of Use (50 reviews)
- Pentesting Efficiency (42 reviews)
- Vulnerability Identification (37 reviews)

**Cons:**

- Poor Customer Support (12 reviews)
- Poor Interface Design (10 reviews)
- Slow Performance (8 reviews)
- UX Improvement (7 reviews)
- Lack of Information (6 reviews)


### What Do G2 Reviewers Say About Astra Pentest?
*AI-generated summary from verified user reviews*

**Pros:**

- Users commend the **responsive customer support** of Astra Pentest, highlighting their flexibility and exceptional service throughout the process.
- Users value the **comprehensive vulnerability management features** of Astra Pentest, enhancing security tracking and prioritization.
- Users appreciate the **ease of use** of Astra Pentest, enjoying its straightforward implementation and user-friendly design.
- Users value the **quick and efficient penetration testing** provided by Astra Pentest, ensuring timely and successful outcomes.
- Users value the **thorough vulnerability identification** by Astra Pentest, enhancing security confidence and providing valuable solutions.

**Cons:**

- Users experience **poor customer support** with slow response times and a lack of assistance for vulnerability queries.
- Users criticize the **poor interface design** of Astra Pentest, finding it clunky and non-intuitive for effective use.
- Users experience **slow performance** with Astra Pentest, affecting the speed of testing results and overall efficiency.
- Users note that **UX improvement** is necessary due to confusing UI and occasional false positives during scans.
- Users note a **lack of information** in documentation, causing delays and uncertainty in obtaining crucial audit status updates.

#### What Are Recent G2 Reviews of Astra Pentest?

**"[Smooth Onboarding, Responsive Support, and Strong Pentest Lifecycle Controls](https://www.g2.com/survey_responses/astra-pentest-review-13001206)"**

**Rating:** 5.0/5.0 stars
*— Sivakumar S.*

[Read full review](https://www.g2.com/survey_responses/astra-pentest-review-13001206)

---

**"[Exceptional VAPT Solution with Prompt Support](https://www.g2.com/survey_responses/astra-pentest-review-9603864)"**

**Rating:** 5.0/5.0 stars
*— Nikhil Ajit S.*

[Read full review](https://www.g2.com/survey_responses/astra-pentest-review-9603864)

---


#### What Are G2 Users Discussing About Astra Pentest?

- [What is Astra Pentest used for?](https://www.g2.com/discussions/what-is-astra-pentest-used-for) - 2 comments

### 8. [Orca Security](https://www.g2.com/products/orca-security/reviews)
The Orca Cloud Security Platform identifies, prioritizes, and remediates risks and compliance issues in workloads, configurations, and identities across your cloud estate spanning AWS, Azure, Google Cloud, Kubernetes, Alibaba Cloud, and Oracle Cloud. Orca offers the industry’s most comprehensive cloud security solution in a single platform — eliminating the need to deploy and maintain multiple point solutions. Orca is agentless-first, and connects to your environment in minutes using Orca’s patented SideScanning™ technology that provides deep and wide visibility into your cloud environment, without requiring agents. In addition, Orca can integrate with third-party agents for runtime visibility and protection for critical workloads. Orca is at the forefront of leveraging Generative AI for simplified investigations and accelerated remediation – reducing required skill levels and saving cloud security, DevOps, and development teams time and effort, while significantly improving security outcomes. As a Cloud Native Application Protection Platform (CNAPP), Orca consolidates many point solutions in one platform, including: CSPM, CWPP, CIEM, Vulnerability Management, Container and Kubernetes Security, DSPM, API Security, CDR, Multi-cloud Compliance, Shift Left Security, and AI-SPM.


**Average Rating:** 4.7/5.0
**Total Reviews:** 279
**How Do G2 Users Rate Orca Security?**

- **API Testing:** 7.5/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.5/10 (Category avg: 8.8/10)

**Who Is the Company Behind Orca Security?**

- **Seller:** [Orca Security](https://www.g2.com/sellers/orca-security)
- **Company Website:** https://orca.security
- **Year Founded:** 2019
- **HQ Location:** Portland, Oregon
- **Twitter:** @orcasec (4,835 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/35573984/ (515 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Security Engineer, CISO
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 49% Enterprise, 40% Mid-Market


#### What Are Orca Security's Pros and Cons?

**Pros:**

- Ease of Use (13 reviews)
- Vulnerability Scanning (13 reviews)
- Features (11 reviews)
- Visibility (11 reviews)
- Comprehensive Security (9 reviews)

**Cons:**

- Security Vulnerabilities (6 reviews)
- Dashboard Issues (5 reviews)
- Delayed Detection (5 reviews)
- False Positives (5 reviews)
- Improvement Needed (5 reviews)


### What Do G2 Reviewers Say About Orca Security?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find the **ease of use** of Orca Security remarkable, enabling quick and intuitive setup across cloud accounts.
- Users value the **great visibility on vulnerabilities** provided by Orca, enhancing security and compliance across cloud environments.
- Users appreciate the **agentless feature** of Orca Security, finding it remarkably effective and intuitive for security management.
- Users appreciate the **comprehensive visibility** Orca Security provides, making cloud management intuitive and effective.
- Users value the **comprehensive security** features of Orca Security, enabling swift setup and strong cloud visibility.

**Cons:**

- Users note the **security vulnerabilities** in Orca Security, particularly regarding API security and detection of vulnerable packages.
- Users often find the **dashboard cluttered and slow** , which can hinder navigation and overall user experience.
- Users experience **delayed detection** with Orca due to infrequent scans, leading to confusion and troubleshooting difficulties.
- Users report numerous **false positives** with Orca Security, causing confusion regarding actual vulnerabilities in their environment.
- Users find that **improvements are needed** in reporting, automation, and overall DSPM quality within Orca Security.

#### What Are Recent G2 Reviews of Orca Security?

**"[Orca Gives Full Visibility Into AI Agents and Data Access—Security Finally Keeps Pace](https://www.g2.com/survey_responses/orca-security-review-13055344)"**

**Rating:** 5.0/5.0 stars
*— Tatiana T.*

[Read full review](https://www.g2.com/survey_responses/orca-security-review-13055344)

---

**"[Orca Brings Clear Visibility and Control to Our Growing Fleet of AI Agents](https://www.g2.com/survey_responses/orca-security-review-13058233)"**

**Rating:** 5.0/5.0 stars
*— Jayden M.*

[Read full review](https://www.g2.com/survey_responses/orca-security-review-13058233)

---


#### What Are G2 Users Discussing About Orca Security?

- [Where is Orca security based?](https://www.g2.com/discussions/where-is-orca-security-based) - 2 comments
- [How much does Orca security cost?](https://www.g2.com/discussions/how-much-does-orca-security-cost) - 1 comment
- [What is ORCA platform?](https://www.g2.com/discussions/what-is-orca-platform) - 1 comment
- [What does Orca Security do?](https://www.g2.com/discussions/what-does-orca-security-do) - 1 comment

### 9. [Azion](https://www.g2.com/products/azion/reviews)
Azion is the web platform that enables businesses to build, secure, and scale modern applications on a fully managed global infrastructure, with a robust suite of solutions for Application Development, cybersecurity, and AI. Azion allows developers to deploy applications closer to users, ensuring ultra-low latency and high availability. With Functions, you can run distributed serverless code, enhancing performance and reducing costs. For enhanced security, Azion’s Web Application Firewall (WAF) protects against cyber threats. Azion also provides SQL Storage, Object Storage and KV Storage, enabling fast, distributed data storage and retrieval. With Real-Time Metrics and Real-Time Events, businesses gain actionable insights into their applications and infrastructure, ensuring optimal performance and security. Global leaders like Prime Video, Neon, Global Fashion Group, and Radware trust Azion to deliver high-performance, secure digital experiences worldwide. Whether you&#39;re building AI-driven applications, securing your digital assets, or scaling globally, Azion provides the fastest path to modern applications. Discover how Azion can transform your digital experiences and empower your business to thrive in the digital age. Visit www.azion.com to learn more about our innovative solutions.


**Average Rating:** 4.7/5.0
**Total Reviews:** 31
**How Do G2 Users Rate Azion?**

- **API Testing:** 10.0/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.2/10 (Category avg: 8.8/10)

**Who Is the Company Behind Azion?**

- **Seller:** [Azion](https://www.g2.com/sellers/azion)
- **Year Founded:** 2011
- **HQ Location:** Palo Alto, California, United States
- **LinkedIn® Page:** https://www.linkedin.com/company/aziontech (198 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Retail
- **Company Size:** 34% Enterprise, 28% Mid-Market


#### What Are Azion's Pros and Cons?

**Pros:**

- Customer Support (10 reviews)
- Ease of Use (8 reviews)
- Easy Integrations (7 reviews)
- Reliability (7 reviews)
- Performance (6 reviews)

**Cons:**

- Missing Features (2 reviews)
- Complexity (1 reviews)
- Difficult Learning (1 reviews)
- Difficult Learning Curve (1 reviews)
- Expensive (1 reviews)


### What Do G2 Reviewers Say About Azion?
*AI-generated summary from verified user reviews*

**Pros:**

- Users commend Azion for its **exceptional customer support** , providing fast, responsive assistance and comprehensive solutions.
- Users value Azion&#39;s **ease of use** , noting its simple setup and seamless integration into daily operations.
- Users value the **easy integrations** of Azion, facilitating seamless operations and enhancing overall productivity with minimal effort.
- Users value Azion&#39;s **robust reliability** and responsive support, ensuring seamless operation even during critical situations.
- Users highlight Azion&#39;s **exceptional performance** , with fast response times and reliable support during critical operations.

**Cons:**

- Users find **missing integration features** for Web3 and NFTs in Azion limit its overall utility and readiness.
- Users find the **administration console complex** , requiring time to understand and navigate efficiently.
- Users find the **difficult learning curve** for Azion&#39;s administration console challenging and time-consuming to navigate.
- Users find the **difficult learning curve** for the Azion administration console frustrating and time-consuming to navigate.
- Users wish for more **flexibility in pricing** for Azion, feeling the current costs are too high.

#### What Are Recent G2 Reviews of Azion?

**"[Azion as one of the main strategic partners in cybersecurity.](https://www.g2.com/survey_responses/azion-review-12544164)"**

**Rating:** 5.0/5.0 stars
*— Luciano K.*

[Read full review](https://www.g2.com/survey_responses/azion-review-12544164)

---

**"[Azion Services: Elevated Security and Impeccable Support](https://www.g2.com/survey_responses/azion-review-11910560)"**

**Rating:** 5.0/5.0 stars
*— Luciano G.*

[Read full review](https://www.g2.com/survey_responses/azion-review-11910560)

---



### 10. [FortiAppSec Cloud](https://www.g2.com/products/fortiappsec-cloud/reviews)
FortiAppSec Cloud - the next evolution of FortiWeb Cloud - simplifies and strengthens web application security and delivery across your cloud environments. This SaaS platform secures network availability and accelerates application performance while delivering consistent security against web-based threats. The AI-driven engine detects zero-day exploits and unknown threats, maximizing detection accuracy while securing the user experience and minimizing false positives. FortiAppSec Cloud is unified platform that provides comprehensive web application and API protection (WAAP) with a single management interface. It includes: • GenAI-ready protection for known and zero-day threat detection • ML-driven bad bot behavioral analysis to fend off sophisticated bots • Advanced API discovery and security • Built-in DAST allows for vulnerability scanning and patching in advance • Global server load balancing and CDN provide optimized application availability and performance. • Threat analytics helps prioritize security events for operational efficiency.


**Average Rating:** 4.4/5.0
**Total Reviews:** 29
**How Do G2 Users Rate FortiAppSec Cloud?**

- **API Testing:** 6.7/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.3/10 (Category avg: 8.8/10)

**Who Is the Company Behind FortiAppSec Cloud?**

- **Seller:** [Fortinet](https://www.g2.com/sellers/fortinet)
- **Company Website:** https://www.fortinet.com
- **Year Founded:** 2000
- **HQ Location:** Sunnyvale, CA
- **Twitter:** @Fortinet (151,422 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/6460/ (16,279 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer &amp; Network Security, Information Technology and Services
- **Company Size:** 61% Mid-Market, 19% Enterprise


#### What Are FortiAppSec Cloud's Pros and Cons?

**Pros:**

- Security (13 reviews)
- Protection (10 reviews)
- Cybersecurity (8 reviews)
- Ease of Use (8 reviews)
- Features (8 reviews)

**Cons:**

- UX Improvement (9 reviews)
- Slow Performance (8 reviews)
- User Interface Issues (8 reviews)
- Complex Configuration (7 reviews)
- Complex Setup (7 reviews)


### What Do G2 Reviewers Say About FortiAppSec Cloud?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **robust security** of FortiAppSec Cloud, benefiting from integrated protection against evolving threats.
- Users value the **automatic security and centralized dashboard** of FortiAppSec Cloud for enhanced efficiency and visibility.
- Users appreciate the **advanced cybersecurity features** of FortiAppSec Cloud, effectively addressing modern security threats.
- Users value the **ease of use** of FortiAppSec Cloud, appreciating its quick setup and straightforward configuration.
- Users value the **ease of deployment** and **AI-powered automation** in FortiAppSec Cloud for efficient web app protection.

**Cons:**

- Users find the **UX lacking intuitiveness** , making it difficult to navigate and utilize advanced features effectively.
- Users experience **slow performance** during high traffic and complex rules, impacting efficiency and responsiveness.
- Users find the **user interface issues** hinder overall usability and suggest enhancements for better experience and reporting.
- Users find the **complex configuration** process challenging, especially for newcomers navigating setup and advanced features.
- Users find the **complex setup** of FortiAppSec Cloud challenging, especially when configuring advanced rules and policies.

#### What Are Recent G2 Reviews of FortiAppSec Cloud?

**"[Centralized Threat Management, Easy Setup](https://www.g2.com/survey_responses/fortiappsec-cloud-review-12342944)"**

**Rating:** 4.0/5.0 stars
*— Manav S.*

[Read full review](https://www.g2.com/survey_responses/fortiappsec-cloud-review-12342944)

---

**"[Easy-to-Implement AppSec with Strong Signature Detection, Bot Protection, and Cloud Integration](https://www.g2.com/survey_responses/fortiappsec-cloud-review-12389870)"**

**Rating:** 5.0/5.0 stars
*— Prasanth K.*

[Read full review](https://www.g2.com/survey_responses/fortiappsec-cloud-review-12389870)

---


#### What Are G2 Users Discussing About FortiAppSec Cloud?

- [What is the use of Fortinet?](https://www.g2.com/discussions/what-is-the-use-of-fortinet)
- [How does Fortinet WAF work?](https://www.g2.com/discussions/how-does-fortinet-waf-work)
- [How many layers does the FortiWeb machine learning engine use?](https://www.g2.com/discussions/how-many-layers-does-the-fortiweb-machine-learning-engine-use)
- [How do you use FortiWeb?](https://www.g2.com/discussions/how-do-you-use-fortiweb)

### 11. [Intruder](https://www.g2.com/products/intruder/reviews)
Intruder is an exposure management platform for scaling to mid-market businesses. Over 3000 companies - across all industries - use Intruder to find critical exposures, respond faster and prevent breaches. Unifying Attack Surface Management, Vulnerability Management and Cloud security into one powerful, easy to use platform, Intruder simplifies the complex task of securing an ever-expanding attack surface. Recognizing no two business are alike, Intruder provides real-time, accurate scanning combined with intelligent risk prioritization, ensuring businesses focus on the exposures that are most relevant to them. And our proactive approach limits the window of risk, continuously monitoring for new threats while eliminating the noise that slows teams down. Whether you&#39;re an IT Manager, in DevOps or a CISO, Intruder&#39;s easy setup and context-driven approach will free you up to focus on exposures that cause real breaches, not just technical vulnerabilities. Keeping you one step ahead of attackers.


**Average Rating:** 4.8/5.0
**Total Reviews:** 206
**How Do G2 Users Rate Intruder?**

- **API Testing:** 8.7/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.9/10 (Category avg: 8.8/10)

**Who Is the Company Behind Intruder?**

- **Seller:** [Intruder](https://www.g2.com/sellers/intruder)
- **Company Website:** https://www.intruder.io
- **Year Founded:** 2015
- **HQ Location:** London
- **Twitter:** @intruder_io (979 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/6443623/ (84 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** CTO, Director
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 57% Small-Business, 36% Mid-Market


#### What Are Intruder's Pros and Cons?

**Pros:**

- Ease of Use (41 reviews)
- Vulnerability Detection (30 reviews)
- Customer Support (25 reviews)
- User Interface (24 reviews)
- Vulnerability Identification (24 reviews)

**Cons:**

- Expensive (9 reviews)
- Slow Scanning (8 reviews)
- Licensing Issues (7 reviews)
- False Positives (6 reviews)
- Limited Features (6 reviews)


### What Do G2 Reviewers Say About Intruder?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find Intruder&#39;s **ease of use** remarkable, enabling quick setup and effective scanning of vulnerabilities.
- Users value the **ease of configuring vulnerability detection** , ensuring timely identification of security issues across cloud resources.
- Users praise Intruder&#39;s **exceptional customer support** , highlighting quick responses and friendly assistance during security management tasks.
- Users commend Intruder&#39;s **intuitive interface** , praising its seamless integration and simplicity in managing complex security tasks.
- Users commend the **effortless vulnerability identification** of Intruder, making cybersecurity management seamless and efficient.

**Cons:**

- Users find the product **expensive** , expressing a desire for more flexible pricing options to improve value.
- Users experience **slow scanning** with Intruder, leading to missed vulnerabilities and challenges in testing integration.
- Users struggle with **licensing issues** , finding the model complex and not intuitive, affecting overall understanding.
- Users experience **false positives** with Intruder, which may lead to confusion over vulnerability prioritization and management.
- Users find the **limited features** of Intruder restrictive, especially around license clarity and advanced reporting options.

#### What Are Recent G2 Reviews of Intruder?

**"[Intruder: Insightful Vulnerability Management Platform That Strengthens Security Operation](https://www.g2.com/survey_responses/intruder-review-12395645)"**

**Rating:** 4.5/5.0 stars
*— HALADU A.*

[Read full review](https://www.g2.com/survey_responses/intruder-review-12395645)

---

**"[Outstanding Experience with No Drawbacks](https://www.g2.com/survey_responses/intruder-review-12097237)"**

**Rating:** 5.0/5.0 stars
*— Nic H.*

[Read full review](https://www.g2.com/survey_responses/intruder-review-12097237)

---


#### What Are G2 Users Discussing About Intruder?

- [Who developed intruder?](https://www.g2.com/discussions/who-developed-intruder)
- [What is an intruder in cyber security?](https://www.g2.com/discussions/what-is-an-intruder-in-cyber-security)
- [Is intruder IO safe?](https://www.g2.com/discussions/is-intruder-io-safe) - 1 comment
- [What is intruder software?](https://www.g2.com/discussions/what-is-intruder-software) - 1 comment

### 12. [Qodex.ai](https://www.g2.com/products/qodex-ai/reviews)
Qodex is a continuous testing platform that runs your test scenarios against your real app on every pull request and deploy, then shows you exactly what broke with the failing request, response, and screenshot.


**Average Rating:** 4.9/5.0
**Total Reviews:** 60
**How Do G2 Users Rate Qodex.ai?**

- **API Testing:** 10.0/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.3/10 (Category avg: 8.8/10)

**Who Is the Company Behind Qodex.ai?**

- **Seller:** [QodexAI](https://www.g2.com/sellers/qodexai)
- **Company Website:** https://www.qodex.ai/
- **Year Founded:** 2023
- **HQ Location:** San Francisco, California
- **LinkedIn® Page:** https://linkedin.com/company/qodexai (13 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 75% Small-Business, 20% Mid-Market


#### What Are Qodex.ai's Pros and Cons?

**Pros:**

- Ease of Use (23 reviews)
- Automation (17 reviews)
- Testing (17 reviews)
- Testing Efficiency (17 reviews)
- Helpful (13 reviews)

**Cons:**

- Slow Loading (6 reviews)
- Poor Documentation (5 reviews)
- Slow Performance (5 reviews)
- Bug Issues (4 reviews)
- Bugs (4 reviews)


### What Do G2 Reviewers Say About Qodex.ai?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of use** with Qodex.ai, simplifying test case writing for both technical and non-technical teams.
- Users appreciate the **automation capabilities** of Qodex.ai, significantly reducing testing time and ensuring reliability.
- Users value the **ease of writing test cases** in plain English, significantly streamlining their testing processes.
- Users value the **testing efficiency** of Qodex.ai, significantly reducing shipment time and simplifying bug detection.
- Users find Qodex.ai&#39;s **helpful customer support** indispensable, making the integration process smooth and efficient.

**Cons:**

- Users note that the **slow loading** times of the UI and chatbot detract from the overall experience.
- Users find the **poor documentation** of Qodex.ai limits their ability to utilize advanced features effectively.
- Users note that the **slow performance** of Qodex.ai&#39;s UI and chatbot can hinder their experience.
- Users report **bug issues** such as repeated test cases, need for better flagging, and improved accuracy.
- Users experience **issues with repeated test cases** and suggest improvements for bug classification and accuracy.

#### What Are Recent G2 Reviews of Qodex.ai?

**"[Effortless AI Testing Automation That Accelerates Development](https://www.g2.com/survey_responses/qodex-ai-review-12088697)"**

**Rating:** 4.5/5.0 stars
*— Abhilash S.*

[Read full review](https://www.g2.com/survey_responses/qodex-ai-review-12088697)

---

**"[Effortless Automation and Insightful AI Testing with Qodex.ai](https://www.g2.com/survey_responses/qodex-ai-review-12065938)"**

**Rating:** 4.5/5.0 stars
*— Anshuk K.*

[Read full review](https://www.g2.com/survey_responses/qodex-ai-review-12065938)

---



### 13. [Pynt - API Security Testing](https://www.g2.com/products/pynt-api-security-testing/reviews)
Pynt is an innovative API Security Testing platform exposing verified API threats through simulated attacks. Hundreds of companies rely on Pynt to continuously monitor, classify and attack poorly secured APIs, before hackers do.


**Average Rating:** 4.8/5.0
**Total Reviews:** 44
**How Do G2 Users Rate Pynt - API Security Testing?**

- **API Testing:** 8.7/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.8/10 (Category avg: 8.8/10)

**Who Is the Company Behind Pynt - API Security Testing?**

- **Seller:** [Pynt](https://www.g2.com/sellers/pynt)
- **Year Founded:** 2022
- **HQ Location:** Tel Aviv, IL
- **Twitter:** @pynt_io (361 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/pynt (16 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Computer &amp; Network Security
- **Company Size:** 57% Small-Business, 23% Enterprise


#### What Are Pynt - API Security Testing's Pros and Cons?

**Pros:**

- Vulnerability Detection (20 reviews)
- Security (19 reviews)
- API Management (17 reviews)
- Easy Integrations (17 reviews)
- Automation (15 reviews)

**Cons:**

- Complex Setup (12 reviews)
- Setup Complexity (7 reviews)
- Limited Features (4 reviews)
- Poor Interface Design (4 reviews)
- UX Improvement (4 reviews)


### What Do G2 Reviewers Say About Pynt - API Security Testing?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **flawless execution of vulnerability detection** in Pynt, enhancing security with minimal effort.
- Users value the **seamless integration** and automated vulnerability detection of Pynt for enhanced API security.
- Users value the **seamless integration** of Pynt in their workflows, ensuring efficient API security management and testing.
- Users find **easy integrations** with tools like Postman and Burp Suite, simplifying their API security testing process.
- Users appreciate the **automation capabilities** of Pynt, enabling seamless API security testing within existing development workflows.

**Cons:**

- Users find the **complex setup** of Pynt challenging initially, requiring time and the right understanding for smooth deployment.
- Users find the **setup complexity** challenging, especially for beginners, requiring improvements for a more user-friendly experience.
- Users find Pynt&#39;s **limited features** challenging, particularly in reporting and onboarding, affecting usability across teams.
- Users find the **poor interface design** hinders usability and suggests improvements for a better experience.
- Users note that the **user interface lacks usability** , indicating a need for significant improvements to enhance their experience.

#### What Are Recent G2 Reviews of Pynt - API Security Testing?

**"[Comprehensive Review of Pynt Tool](https://www.g2.com/survey_responses/pynt-api-security-testing-review-10046930)"**

**Rating:** 5.0/5.0 stars
*— Vijayaraghavan (Vijay) V.*

[Read full review](https://www.g2.com/survey_responses/pynt-api-security-testing-review-10046930)

---

**"[Performance and Usability Review of pynt G2](https://www.g2.com/survey_responses/pynt-api-security-testing-review-11135423)"**

**Rating:** 5.0/5.0 stars
*— Devanggiri G.*

[Read full review](https://www.g2.com/survey_responses/pynt-api-security-testing-review-11135423)

---



### 14. [Escape](https://www.g2.com/products/escape/reviews)
Escape automates the full offensive security lifecycle, multiplying the impact of every security engineer tenfold. Our key products: 1. Attack Surface Management: Discover and validate exposure of modern applications, APIs, and infrastructure from code to cloud. 2. Business-logic-aware DAST: Replace legacy DAST with business-logic-aware testing that improves over time and helps your team remediate real, exploitable vulnerabilities. 3. AI Pentesting: Replace manual pentest and bug bounty programs with a solution that scales. Escape is a customer-centric company, supporting more than 2000+ security teams worldwide, and we have the privilege of working with exceptional companies like Schibsted (Media), HealthEquity (Healthcare), Applied (InsurTech), Visma &amp; Miro (Tech), DoubleVerify (AdTech), Thinkific (EdTech), and many others.


**Average Rating:** 4.9/5.0
**Total Reviews:** 10
**How Do G2 Users Rate Escape?**

- **API Testing:** 9.2/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.5/10 (Category avg: 8.8/10)

**Who Is the Company Behind Escape?**

- **Seller:** [Escape](https://www.g2.com/sellers/escape)
- **Company Website:** https://escape.tech/
- **Year Founded:** 2020
- **HQ Location:** Paris, France
- **Twitter:** @escapetechHQ (345 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/escapetech/ (61 employees on LinkedIn®)

**Who Uses This Product?**
- **Company Size:** 50% Small-Business, 40% Mid-Market


#### What Are Escape's Pros and Cons?

**Pros:**

- Ease of Use (3 reviews)
- Easy Integrations (2 reviews)
- Scanning Technology (2 reviews)
- Security (2 reviews)
- API Management (1 reviews)

**Cons:**

- Complex Setup (1 reviews)
- Difficult Upgrades (1 reviews)
- Limited Features (1 reviews)
- Missing Features (1 reviews)
- Update Issues (1 reviews)


### What Do G2 Reviewers Say About Escape?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find Escape&#39;s **ease of use** remarkable, enabling seamless integration and efficient management of complex scans.
- Users value the **easy integrations** with CI/CD and APIs, enhancing workflow setups efficiently.
- Users value the **advanced scanning technology** of Escape, which simplifies complex scans and enhances API vulnerability detection.
- Users appreciate the **robust security features** of Escape, effectively managing API vulnerabilities with great support.
- Users praise Escape for its **effective API security management** , expertly detecting vulnerabilities often overlooked by others.

**Cons:**

- Users find the **complex setup** of Escape can be inconvenient, requiring adjustment for updates and new features.
- Users find the **difficult upgrades** to Escape require adjustment, but appreciate the benefits of new features and security enhancements.
- Users notice **limited features** in Escape but appreciate the commitment to improvement and user-driven updates.
- Users note the **missing features** in Escape, but appreciate the commitment to improvement based on feedback.
- Users find that **update issues** can require adjustment, but appreciate the ongoing improvements and features provided by Escape.

#### What Are Recent G2 Reviews of Escape?

**"[Fast, Transparent DAST with Excellent GraphQL Handling and Strong Support](https://www.g2.com/survey_responses/escape-review-12978297)"**

**Rating:** 4.0/5.0 stars
*— Varun S.*

[Read full review](https://www.g2.com/survey_responses/escape-review-12978297)

---

**"[Excellent DAST disruptor](https://www.g2.com/survey_responses/escape-review-11666781)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Information Technology and Services*

[Read full review](https://www.g2.com/survey_responses/escape-review-11666781)

---



### 15. [AppTrana](https://www.g2.com/products/apptrana/reviews)
AppTrana API is a fully managed API security platform that provides continuous API discovery, automated vulnerability detection, and real-time protection against API attacks. It combines 24/7 AI-driven intelligence with human-led operations to deliver runtime security with a Zero False Positive Guarantee. Trusted by over 6,500 customers across 95+ countries, it offers unmetered protection with 100% availability. AppTrana API includes SwyftComply, an industry-first autonomous remediation capability that virtually patches API vulnerabilities without code changes, enabling zero-vulnerability compliance reports.


**Average Rating:** 4.8/5.0
**Total Reviews:** 33

**Who Is the Company Behind AppTrana?**

- **Seller:** [Indusface](https://www.g2.com/sellers/indusface)
- **Year Founded:** 2012
- **HQ Location:** Vadodara
- **Twitter:** @Indusface (3,472 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/indusface/ (180 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 53% Mid-Market, 24% Enterprise


#### What Are AppTrana's Pros and Cons?

**Pros:**

- Protection (11 reviews)
- Cybersecurity (9 reviews)
- WAF (Web Application Firewall) (7 reviews)
- Bot Detection (5 reviews)
- DDoS Protection (5 reviews)

**Cons:**

- Difficult Reporting (2 reviews)
- Complex Setup (1 reviews)
- Expensive (1 reviews)
- Learning Difficulty (1 reviews)
- Poor Documentation (1 reviews)


### What Do G2 Reviewers Say About AppTrana?
*AI-generated summary from verified user reviews*

**Pros:**

- Users highlight the **comprehensive protection** from attacks and vulnerabilities, ensuring peace of mind with AppTrana.
- Users appreciate the **24/7 SOC support and comprehensive protection** offered by AppTrana, ensuring peace of mind and security.
- Users commend the **effective and user-friendly WAF** of AppTrana, ensuring robust security without complexity.
- Users praise the **effective bot detection** in AppTrana, ensuring continuous protection with zero false positives.
- Users value the **fantastic DDoS and bot protection** provided by AppTrana, ensuring peace of mind 24/7.

**Cons:**

- Users find the **difficult reporting** in AppTrana limits their ability to analyze data effectively and understand insights.
- Users find the **complex setup** of AppTrana challenging due to poorly documented certificate installation and replacement.
- Users express concern over the **high cost** of AppTrana, especially when managing multiple application instances.
- Users find **learning difficulties** with AppTrana&#39;s documentation and installation process for third-party certificates frustrating and unclear.
- Users struggle with **poor documentation** regarding third-party certificate installation, making the process confusing and challenging.

#### What Are Recent G2 Reviews of AppTrana?

**"[We are so much satisfied with Product](https://www.g2.com/survey_responses/apptrana-review-11345397)"**

**Rating:** 5.0/5.0 stars
*— Nikhil P.*

[Read full review](https://www.g2.com/survey_responses/apptrana-review-11345397)

---

**"[AppTrana’s Managed WAAP with 24×7 SOC Support and Zero False Positives](https://www.g2.com/survey_responses/apptrana-review-13029658)"**

**Rating:** 5.0/5.0 stars
*— UTKARSH S.*

[Read full review](https://www.g2.com/survey_responses/apptrana-review-13029658)

---


#### What Are G2 Users Discussing About AppTrana?

- [What is sucuri firewall?](https://www.g2.com/discussions/what-is-sucuri-firewall)
- [What is WAF service?](https://www.g2.com/discussions/what-is-waf-service) - 1 comment
- [What is AppTrana?](https://www.g2.com/discussions/what-is-apptrana) - 1 comment

### 16. [Cequence Security](https://www.g2.com/products/cequence-security/reviews)
Cequence protects the applications and data that power enterprises in the agentic era. More than a decade of bot defense and API security experience has established Cequence as the leader of safe and secure agentic AI adoption. The Cequence platform delivers deep insight into user, entity, and agent behavior, enabling organizations to secure and control agentic AI workflows while protecting against bad actors and rogue agents. Cequence delivers value in minutes rather than days or weeks with a highly scalable, no-code approach. Trusted by the largest and most demanding private and public sector organizations, Cequence protects more than 10 billion daily API interactions and 4 billion user accounts. AI Gateway – makes applications agent-ready while securing and controlling agentic AI interactions, enabling organizations to unlock AI-driven productivity and growth. Built-in governance and guardrails constrain agent behavior using capabilities that include least privilege access, rate-limiting, and sensitive data protection. AI Gateway enables organizations to swiftly innovate, going from prototype to production without incurring the technical debt and scalability limitations associated with basic solutions Bot Management – Bot Detection, Mitigation, and Fraud Prevention Cequence Bot Management protects organizations from the full range of automated attacks to prevent data loss, theft, and fraud. Bot Management is network based, requiring no agents, JavaScript, or SDKs. Behavioral fingerprints and multi-dimensional analytics provide a deep understanding of business context to identify and natively block attacks in real time. It mitigates a wide variety of cyberattacks including business logic attacks, exploits, automated bot activity, online fraud, and OWASP API Security Top 10 threats. API Security – API Security Posture Management, Testing, and Remediation Cequence API Security discovers, monitors, and tests APIs, assessing a broad range of risks that often lead to compliance or governance issues, data loss, and business disruption. Providing complete visibility and monitoring of internal, external, and third-party APIs, Cequence helps organizations keep up with API changes, uncovers sensitive data exposure, and identifies vulnerabilities and security risks including those in the OWASP API Security Top 10. Built-in API security testing enables organizations to test their pre-production and runtime APIs against specifications – and automatically generate them if specs are not available. API Security lays the groundwork to ensure that you are fully aware of the risks inherent in your API applications and enables you to remediate critical security issues before they are exploited by an attacker.


**Average Rating:** 4.6/5.0
**Total Reviews:** 55
**How Do G2 Users Rate Cequence Security?**

- **API Testing:** 8.4/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.2/10 (Category avg: 8.8/10)

**Who Is the Company Behind Cequence Security?**

- **Seller:** [Cequence Security](https://www.g2.com/sellers/cequence-security)
- **Company Website:** https://www.cequence.ai/
- **Year Founded:** 2014
- **HQ Location:** Santa Clara, CA
- **Twitter:** @cequenceai (689 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/10510476 (154 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Telecommunications, Information Technology and Services
- **Company Size:** 40% Small-Business, 35% Enterprise


#### What Are Cequence Security's Pros and Cons?

**Pros:**

- Protection (9 reviews)
- Security (8 reviews)
- Time-Saving (5 reviews)
- Vulnerability Detection (4 reviews)
- API Management (3 reviews)

**Cons:**

- Complex Setup (9 reviews)
- Difficult Learning Curve (5 reviews)
- Slow Performance (3 reviews)
- Dashboard Performance (2 reviews)
- False Positives (2 reviews)


### What Do G2 Reviewers Say About Cequence Security?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **powerful protection against sophisticated bot attacks** , enhancing security and response time for web applications.
- Users value Cequence Security&#39;s **robust threat detection** , effectively mitigating sophisticated bot attacks and enhancing overall account protection.
- Users value the **time-saving automation** of Cequence Security, significantly reducing manual efforts for their SOC teams.
- Users value the **vulnerability detection** capabilities of Cequence Security, ensuring robust protection against complex threats while preserving user experience.
- Users value the **enhanced visibility** Cequence Security offers for API management, improving overall security and performance.

**Cons:**

- Users find the **complex setup** of Cequence Security challenging, causing delays in fine-tuning and response rates.
- Users find the **difficult learning curve** of Cequence Security challenging, requiring significant technical expertise for optimal setup.
- Users experience **slow performance** with Cequence Security, especially during large data queries and incident responses.
- Users experience **dashboard lag and unclear communication** , leading to slow decision-making during critical threat assessments.
- Users express concern over **false positives** with Cequence Security, affecting their eCommerce traffic flow and experience.

#### What Are Recent G2 Reviews of Cequence Security?

**"[Mitigating and Secure our APIs](https://www.g2.com/survey_responses/cequence-security-review-12400189)"**

**Rating:** 5.0/5.0 stars
*— Owen P.*

[Read full review](https://www.g2.com/survey_responses/cequence-security-review-12400189)

---

**"[Reliable API Traffic Visibility and Bot Attack Protection](https://www.g2.com/survey_responses/cequence-security-review-12440501)"**

**Rating:** 4.0/5.0 stars
*— karthik k.*

[Read full review](https://www.g2.com/survey_responses/cequence-security-review-12440501)

---


#### What Are G2 Users Discussing About Cequence Security?

- [What is Cequence Security used for?](https://www.g2.com/discussions/what-is-cequence-security-used-for) - 1 comment

### 17. [Wallarm API Security Platform](https://www.g2.com/products/wallarm-api-security-platform/reviews)
Protect any API. In any environment. Against any threats. Wallarm is the platform security teams choose to protect cloud-native APIs. The Wallarm platform gives teams the ability to detect and block API attacks. Customers choose Wallarm because it delivers a complete inventory of their APIs, AI apps, and agentic AI, along with patented AI/ML API abuse detection, real-time blocking on day zero, and an API SOC-as-a-service. Whether you protect legacy or brand new cloud-native APIs, Wallarm’s multi-cloud platform delivers the capabilities to secure your business against emerging threats. -\&gt; Robust protection for the entire API and AI portfolio Mitigate the OWASP API Top 10 threats and more; business logic abuse, bad bots, account takeover (ATO), and more. Get the robust API protection that no other tool can provide. -\&gt; Native inline blocking Wallarm is built from the ground up for inline blocking. Why deploy API security that can’t actually defend against API attacks? -\&gt; Unparalleled visibility into malicious traffic Gain full insights about attacks and attackers in the responsive Wallarm Console. Enjoy the Dashboard, search, and reporting capabilities, including visibility into API sessions. -\&gt; Complete API inventory Wallarm API Discovery provides full visibility into all your APIs, AI apps, and AI agents, including sensitive data flows, risk posture, shadow APIs and change detection. -\&gt; Understand Your Attack Surface You can’t protect what you don’t know about. Wallarm provides a comprehensive view of your API attack surface, including assessment of security controls and leaked sensitive API data. -\&gt; Quick integrations Setup cross-team collaboration with seamless integrations to your SIEM/SOAR, messaging applications, and workflow management.


**Average Rating:** 4.7/5.0
**Total Reviews:** 92
**How Do G2 Users Rate Wallarm API Security Platform?**

- **API Testing:** 9.2/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.1/10 (Category avg: 8.8/10)

**Who Is the Company Behind Wallarm API Security Platform?**

- **Seller:** [Wallarm](https://www.g2.com/sellers/wallarm)
- **Company Website:** https://wallarm.com/
- **Year Founded:** 2016
- **HQ Location:** San Francisco, California
- **Twitter:** @wallarm (3,197 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/4871419/ (178 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** CTO, CEO
- **Top Industries:** Mechanical or Industrial Engineering, Information Technology and Services
- **Company Size:** 44% Mid-Market, 42% Small-Business


#### What Are Wallarm API Security Platform's Pros and Cons?

**Pros:**

- Protection (3 reviews)
- Security (3 reviews)
- Threat Detection (3 reviews)
- Real-time Monitoring (2 reviews)
- Vulnerability Detection (2 reviews)

**Cons:**

- API Issues (1 reviews)
- Complex Configuration (1 reviews)
- Complexity (1 reviews)
- Complex Setup (1 reviews)
- Difficult Learning (1 reviews)


### What Do G2 Reviewers Say About Wallarm API Security Platform?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **accurate real-time threat detection** of Wallarm API Security Platform, ensuring robust API protection.
- Users value the **real-time threat detection** of Wallarm API Security Platform, ensuring robust API protection with few false positives.
- Users appreciate the **accurate real-time threat detection** of Wallarm API Security Platform, effectively minimizing false positives.
- Users value the **accurate real-time threat detection** of Wallarm, reducing false positives and enhancing API security.
- Users value the **accurate real-time API threat detection** of Wallarm, ensuring robust protection with minimal false positives.

**Cons:**

- Users are concerned about the **undisclosed pricing** during the fee trial, complicating their budgeting and decision-making.
- Users find the **configuration process complex** , making it challenging and time-consuming, particularly for newcomers.
- Users find the **configuration process complex** and time-consuming, particularly those who are new to the platform.
- Users find the **complex setup** of Wallarm API Security Platform to be time-consuming and challenging, especially for newcomers.
- Users find the **difficult learning** curve for Wallarm API Security Platform&#39;s configuration challenging and time-consuming for newcomers.

#### What Are Recent G2 Reviews of Wallarm API Security Platform?

**"[API threat prevention](https://www.g2.com/survey_responses/wallarm-api-security-platform-review-10704584)"**

**Rating:** 5.0/5.0 stars
*— Alexander S.*

[Read full review](https://www.g2.com/survey_responses/wallarm-api-security-platform-review-10704584)

---

**"[Accurate Real-Time API Threat Detection with Minimal False Positives](https://www.g2.com/survey_responses/wallarm-api-security-platform-review-12169348)"**

**Rating:** 4.5/5.0 stars
*— Adesh  R.*

[Read full review](https://www.g2.com/survey_responses/wallarm-api-security-platform-review-12169348)

---


#### What Are G2 Users Discussing About Wallarm API Security Platform?

- [How has Wallarm API Security Platform supported your cybersecurity efforts, and what features do you rely on most?](https://www.g2.com/discussions/how-has-wallarm-api-security-platform-supported-your-cybersecurity-efforts-and-what-features-do-you-rely-on-most)
- [What is Wallarm API Security Platform used for?](https://www.g2.com/discussions/what-is-wallarm-api-security-platform-used-for)

### 18. [Levo.ai](https://www.g2.com/products/levo-ai/reviews)
APIs are no longer technical plumbing. They are the foundation of modern business, powering customer experiences, partner ecosystems, and digital revenue streams. But with that centrality comes risk. Unsecured APIs are now the leading cause of breaches, compliance failures, and stalled innovation. Levo exists to change this. We are the first platform to deliver true end-to-end API Security. From continuous discovery and automated documentation to exploit aware testing, policy-driven monitoring, passive detection, and inline protection, Levo covers every phase of the API lifecycle. Our architecture was designed from first principles: 1. Privacy preserving architecture: no sensitive data leaves your environment. 2. Cost efficient: lightweight sensors that run on minimal compute, saving enterprises hundreds of thousands in inflated cloud costs. 3. Developer aligned: seamless workflows that integrate directly into CI/CD, removing friction instead of adding it. This foundation gives enterprises something legacy tools never could: clarity across every API, precision in detecting real risks, and the confidence to block attacks without breaking business. With Levo, security does not slow down APIs. It scales them, safely, compliantly, and at the speed of modern business. Our vision is simple: a world where security and growth are never tradeoffs.


**Average Rating:** 4.8/5.0
**Total Reviews:** 13
**How Do G2 Users Rate Levo.ai?**

- **API Testing:** 9.8/10 (Category avg: 9.1/10)
- **API Monitoring:** 10.0/10 (Category avg: 8.8/10)

**Who Is the Company Behind Levo.ai?**

- **Seller:** [Levo](https://www.g2.com/sellers/levo-fed6d6f5-ba0b-4b0c-9a31-6bfb424af86c)
- **Year Founded:** 2021
- **HQ Location:** San Francisco, US
- **Twitter:** @levoinchq (104 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/levo-inc (32 employees on LinkedIn®)

**Who Uses This Product?**
- **Company Size:** 54% Mid-Market, 46% Small-Business


#### What Are Levo.ai's Pros and Cons?

**Pros:**

- API Management (5 reviews)
- Features (4 reviews)
- Security (4 reviews)
- Visibility (4 reviews)
- Automation (3 reviews)

**Cons:**

- Difficult Learning Curve (2 reviews)
- Poor Integration (2 reviews)
- Complex Setup (1 reviews)
- Integration Issues (1 reviews)
- Training Required (1 reviews)


### What Do G2 Reviewers Say About Levo.ai?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value Levo.ai for its **transformative API management** that enhances security and visibility, catering to modern development needs.
- Users value the **real-time security and unified visibility** provided by Levo.ai, enhancing their API and AI agent management.
- Users value Levo.ai for its **robust security insights** and continuous visibility, enhancing their zero-trust security approach.
- Users value the **real-time visibility** provided by Levo.ai, enhancing security and streamlining their API management effectively.
- Users commend Levo.ai for its **automation capabilities** , enabling seamless security and enhanced developer workflow efficiency.

**Cons:**

- Users find the **difficult learning curve** of Levo.ai challenging, especially for teams new to observability tools.
- Users find the **poor integration** with observability dashboards and workflows limits the product&#39;s effectiveness and flexibility.
- Users find the **complex setup** of Levo.ai challenging, particularly for teams not familiar with observability tools.
- Users note **integration issues** with Levo.ai, seeking more seamless connections to existing SIEM and SOAR workflows.
- Users find the **steep learning curve** of Levo.ai challenging, especially for teams new to observability and security tools.

#### What Are Recent G2 Reviews of Levo.ai?

**"[Strong, Autonomous API Security Platform with Easy Deployment](https://www.g2.com/survey_responses/levo-ai-review-12444556)"**

**Rating:** 4.5/5.0 stars
*— Verified User in Computer &amp; Network Security*

[Read full review](https://www.g2.com/survey_responses/levo-ai-review-12444556)

---

**"[Best Platform for API and agent security in once place](https://www.g2.com/survey_responses/levo-ai-review-11963084)"**

**Rating:** 5.0/5.0 stars
*— Prasad P.*

[Read full review](https://www.g2.com/survey_responses/levo-ai-review-11963084)

---



### 19. [Tenable Nessus](https://www.g2.com/products/tenable-nessus/reviews)
Built for security practitioners, by security professionals, Nessus products by Tenable are the de-facto industry standard for vulnerability assessment. Nessus performs point-in-time assessments to help security professionals quickly and easily identify and fix vulnerabilities, including software flaws, missing patches, malware, and misconfigurations - across a variety of operating systems, devices, and applications. With features such as pre-built policies and templates, customizable reporting, group “snooze” functionality, and real-time updates, Nessus is designed to make vulnerability assessment simple, easy, and intuitive. The result: less time and effort to assess, prioritize, and remediate issues.


**Average Rating:** 4.5/5.0
**Total Reviews:** 289

**Who Is the Company Behind Tenable Nessus?**

- **Seller:** [Tenable](https://www.g2.com/sellers/tenable)
- **Company Website:** https://www.tenable.com/
- **HQ Location:** Columbia, MD
- **Twitter:** @TenableSecurity (87,752 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/25452/ (2,350 employees on LinkedIn®)
- **Ownership:** NASDAQ: TENB

**Who Uses This Product?**
- **Who Uses This:** Security Engineer, Network Engineer
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 40% Mid-Market, 34% Enterprise


#### What Are Tenable Nessus's Pros and Cons?

**Pros:**

- Vulnerability Identification (20 reviews)
- Vulnerability Detection (18 reviews)
- Ease of Use (16 reviews)
- Automated Scanning (15 reviews)
- Features (13 reviews)

**Cons:**

- Slow Scanning (7 reviews)
- Expensive (6 reviews)
- Limited Features (6 reviews)
- Complexity (5 reviews)
- False Positives (5 reviews)


### What Do G2 Reviewers Say About Tenable Nessus?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **vulnerability identification** capabilities of Tenable Nessus, ensuring effective management of security risks.
- Users value the **advanced vulnerability detection** capabilities of Tenable Nessus, enhancing security risk management effectively.
- Users appreciate the **ease of use** of Tenable Nessus, enjoying its simple setup and user-friendly interface.
- Users value the **automated scanning capabilities** of Tenable Nessus, enhancing asset security and vulnerability management.
- Users value the **better and complete asset scanning** of Nessus, along with its powerful reporting and automation features.

**Cons:**

- Users find the **slow scanning** process lengthy, potentially requiring 2-3 days and impacting production due to high resource consumption.
- Users find the **cost of running and maintaining Tenable Nessus** to be considerably high, impacting overall value.
- Users note several **limited features** in Nessus, such as constraints on users and lack of mobile app testing.
- Users highlight the **complexity** in licensing and the steep learning curve for advanced features in Tenable Nessus.
- Users report encountering **false positives** with Nessus, resulting in extra workload for security teams.

#### What Are Recent G2 Reviews of Tenable Nessus?

**"[Reliable and Efficient Vulnerability Management Tool](https://www.g2.com/survey_responses/tenable-nessus-review-12989192)"**

**Rating:** 5.0/5.0 stars
*— Mohsin H.*

[Read full review](https://www.g2.com/survey_responses/tenable-nessus-review-12989192)

---

**"[Self-Contained Nessus Scanning with Full Control in Offline Environments](https://www.g2.com/survey_responses/tenable-nessus-review-12937668)"**

**Rating:** 4.0/5.0 stars
*— Verified User in Higher Education*

[Read full review](https://www.g2.com/survey_responses/tenable-nessus-review-12937668)

---


#### What Are G2 Users Discussing About Tenable Nessus?

- [What is Nessus used for?](https://www.g2.com/discussions/what-is-nessus-used-for) - 1 comment
- [What types of vulnerabilities are scanned by Nessus?](https://www.g2.com/discussions/what-types-of-vulnerabilities-are-scanned-by-nessus)
- [Is there a free version of Nessus?](https://www.g2.com/discussions/is-there-a-free-version-of-nessus) - 2 comments
- [What is an advantage of using Nessus?](https://www.g2.com/discussions/what-is-an-advantage-of-using-nessus)
- [What does Nessus scan for?](https://www.g2.com/discussions/what-does-nessus-scan-for) - 1 comment

### 20. [Harness Platform](https://www.g2.com/products/harness-platform/reviews)
Simplify your developer experience with the world&#39;s first AI-augmented software delivery platform. Upgrade your software delivery with Harness&#39; innovative CI/CD, Feature Flags, Infrastructure as Code Management, and Chaos Engineering tools. We are a software delivery platform that helps developers and infrastructure engineers build and ship code for cloud and on-premise projects. We automate the continuous integration and continuous delivery (CI/CD) process to help teams build faster, ship more frequently, and improve quality, efficiency, and governance. We help companies in four key areas: Number one, we accelerate innovation through DevOps modernization. We provide an approach for software delivery that automates processes, reduces manual interventions, consolidates tools, and accelerates time-to-market for new products, features, and fixes. Number two, we improve developer experience. We give you the ability to attract, retain, and onboard high-caliber engineering talent while fostering a culture of continuous innovation and improvement. Number three, we secure software delivery. We give you the ability to integrate security into every phase of the SDLC. And last but not least is, we optimize cloud costs. We give you the ability to eliminate waste and to ensure that appropriate cloud resources are allocated at the right place at the right time.


**Average Rating:** 4.6/5.0
**Total Reviews:** 300
**How Do G2 Users Rate Harness Platform?**

- **API Testing:** 8.9/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.8/10 (Category avg: 8.8/10)

**Who Is the Company Behind Harness Platform?**

- **Seller:** [Harness](https://www.g2.com/sellers/harness-25016f40-e80f-4417-bea8-39412055d17a)
- **Company Website:** https://harness.io/
- **Year Founded:** 2018
- **HQ Location:** San Francisco
- **Twitter:** @HarnessWealth (1,389 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/harnessinc/ (1,701 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Software Engineer, DevOps Engineer
- **Top Industries:** Computer Software, Financial Services
- **Company Size:** 43% Enterprise, 38% Mid-Market


#### What Are Harness Platform's Pros and Cons?

**Pros:**

- Ease of Use (114 reviews)
- Features (73 reviews)
- Feature Flags (49 reviews)
- Easy Setup (40 reviews)
- Easy Integrations (31 reviews)

**Cons:**

- Missing Features (23 reviews)
- Limitations (20 reviews)
- Limited Features (20 reviews)
- Learning Curve (17 reviews)
- Poor UI (16 reviews)


### What Do G2 Reviewers Say About Harness Platform?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of use** of Harness Platform, finding it simple to implement and configure for projects.
- Users value the **ease of use and extensive targeting options** offered by the Harness Platform for projects.
- Users praise the **user-friendly interface** of Harness Platform, simplifying feature flag management for all team members.
- Users highlight the **easy setup** process of Harness Platform, leading to quick implementation and significant cost savings.
- Users appreciate the **easy integrations** with SSO, simplifying access and enhancing the overall user experience.

**Cons:**

- Users note a **lack of multiple filtering options** and features that could enhance flexibility and ease of use.
- Users face **limitations in configuration management** on Harness Platform, leading to workarounds and confusion in processes.
- Users are frustrated by the **limited features** of Harness Platform, impacting flexibility and ease of use.
- Users find that the **steep learning curve** of the Harness Platform can be overwhelming, especially for beginners.
- Users find the **poor UI** of Harness Platform complex and challenging, impacting overall user experience.

#### What Are Recent G2 Reviews of Harness Platform?

**"[Harness - World of automation](https://www.g2.com/survey_responses/harness-platform-review-11792426)"**

**Rating:** 4.5/5.0 stars
*— Sunil A.*

[Read full review](https://www.g2.com/survey_responses/harness-platform-review-11792426)

---

**"[Best tool for cost optimization and Repository](https://www.g2.com/survey_responses/harness-platform-review-11543262)"**

**Rating:** 5.0/5.0 stars
*— Satendra V.*

[Read full review](https://www.g2.com/survey_responses/harness-platform-review-11543262)

---


#### What Are G2 Users Discussing About Harness Platform?

- [What is Harness Continuous Delivery used for?](https://www.g2.com/discussions/what-is-harness-continuous-delivery-used-for) - 1 comment
- [What is Propelo used for?](https://www.g2.com/discussions/what-is-propelo-used-for)
- [What is Harness Cloud Cost Management used for?](https://www.g2.com/discussions/what-is-harness-cloud-cost-management-used-for)
- [What is the difference between harness and Jenkins?](https://www.g2.com/discussions/what-is-the-difference-between-harness-and-jenkins) - 1 comment
- [What is streaming Split IO?](https://www.g2.com/discussions/what-is-streaming-split-io) - 1 comment

### 21. [StackHawk](https://www.g2.com/products/stackhawk/reviews)
StackHawk is reimagining AppSec for AI-driven development, where applications are built faster than traditional AppSec tools can keep up. Our AppSec Intelligence Platform combines scalable runtime testing with complete attack surface discovery from source code. We integrate directly into development workflows and provide context-aware remediations to developers, enabling teams to find and fix exploitable vulnerabilities before they reach production. With real-time visibility and centralized program intelligence, AppSec teams can prioritize testing and fixing what matters. Companies like British Airways, ITV, and Norstella trust StackHawk to evaluate application risk, prove program value, and scale testing coverage to match development velocity.


**Average Rating:** 4.6/5.0
**Total Reviews:** 67
**How Do G2 Users Rate StackHawk?**

- **API Testing:** 8.9/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.1/10 (Category avg: 8.8/10)

**Who Is the Company Behind StackHawk?**

- **Seller:** [StackHawk](https://www.g2.com/sellers/stackhawk)
- **Company Website:** https://stackhawk.com
- **Year Founded:** 2019
- **HQ Location:** Denver, CO
- **Twitter:** @StackHawk (1,137 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/40780406/ (34 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 46% Small-Business, 35% Mid-Market


#### What Are StackHawk's Pros and Cons?

**Pros:**

- Easy Integrations (10 reviews)
- Customer Support (9 reviews)
- Ease of Use (9 reviews)
- Integrations (7 reviews)
- Scanning Efficiency (5 reviews)

**Cons:**

- Setup Complexity (5 reviews)
- Complex Setup (4 reviews)
- High Learning Curve (3 reviews)
- Lacking Features (3 reviews)
- Limited Scope (3 reviews)


### What Do G2 Reviewers Say About StackHawk?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **easy integrations** with major CI tools, streamlining their automated testing processes effectively.
- Users commend the **excellent customer support** from StackHawk, always ready to assist with any inquiries.
- Users value the **ease of use** of StackHawk, appreciating its intuitive interface and helpful customer support.
- Users appreciate the **easy integration** capabilities of StackHawk, enabling seamless connections with various CI tools.
- Users praise StackHawk for its **scanning efficiency** , allowing quick vulnerability identification without delaying deployments.

**Cons:**

- Users find the **setup complexity** of StackHawk frustrating, requiring extensive onboarding and configuration efforts.
- Users find the **complex setup** of StackHawk frustrating, requiring extensive configuration and leading to a steep learning curve.
- Users find the **high learning curve** of StackHawk challenging, especially due to its complex scripting requirements.
- Users note the **lack of automatic API endpoint collection** and poor management of vulnerabilities as significant drawbacks.
- Users find StackHawk has a **limited scope** due to restricted usage and lack of automation features.

#### What Are Recent G2 Reviews of StackHawk?

**"[StackHawk is a great DAST security tool](https://www.g2.com/survey_responses/stackhawk-review-10761348)"**

**Rating:** 5.0/5.0 stars
*— David M.*

[Read full review](https://www.g2.com/survey_responses/stackhawk-review-10761348)

---

**"[A Game-Changer for DevSecOps](https://www.g2.com/survey_responses/stackhawk-review-8847655)"**

**Rating:** 5.0/5.0 stars
*— Todd L.*

[Read full review](https://www.g2.com/survey_responses/stackhawk-review-8847655)

---


#### What Are G2 Users Discussing About StackHawk?

- [What is StackHawk used for?](https://www.g2.com/discussions/what-is-stackhawk-used-for)

### 22. [Edgescan](https://www.g2.com/products/edgescan/reviews)
What Is Edgescan? Edgescan is a cybersecurity company that helps organizations proactively identify, validate, and prioritize vulnerabilities across their applications, API’s and digital landscape. The company specializes in continuous vulnerability assessment, automated penetration testing, Attack Surface Management and Penetration Testing as a Service (PTaaS). Edgescan combines advanced automation with certified security experts, including professionals holding credentials such as CREST and OSCP, to deliver highly accurate and actionable security testing. This hybrid approach allows organizations to move beyond traditional point-in-time penetration tests and operate a continuous proactive cybersecurity program. The Edgescan platform is designed primarily for web application and API security, enabling organizations to continuously assess their attack surface and identify vulnerabilities throughout the development lifecycle but also delivers “full stack” coverage to detect host layer CVE’s. With a client retention rate of over 90%, Edgescan has built long-term partnerships by delivering measurable improvements in security efficiency, risk visibility, and vulnerability management. Key Features and Capabilities of Edgescan Automated Penetration Testing Edgescan uses intelligent automation to continuously assess applications, APIs, hosts, and cloud environments for vulnerabilities. This enables frequent, scalable security testing across modern and distributed architectures. Human‑Validated Testing Findings are reviewed and manually validated by certified security experts to eliminate false positives and provide deeper insight into real‑world exploitability. Each result is accurate, contextual, and actionable. Penetration Testing as a Service (PTaaS) Edgescan’s PTaaS model extends beyond automated testing by allowing expert testers to focus on vulnerabilities that require human analysis, including: • Business logic flaws • Authentication and authorization weaknesses • Context-dependent exposures • Complex attack chains and privilege escalation paths Cyber Analytics and AI‑Assisted Validation AI-driven analysis enhances detection, verifies exploitability, and increases accuracy. This reduces noise and gives security teams a clearer picture of genuine threats. Integrated Threat Intelligence Edgescan correlates vulnerabilities with real-world threat intelligence, including known exploits and ransomware activity to help organizations prioritize the most dangerous exposures first. Risk‑Based Prioritization Findings are prioritized based on exploitability, severity, threat context, and business impact, ensuring teams focus on the issues that matter most. Primary Value: What Edgescan Solves for Clients Edgescan enables organizations to shift from reactive vulnerability management to a continuous, proactive security model. Traditional scanners and periodic penetration tests frequently produce large volumes of unvalidated findings. This creates noise and forces security teams to spend hours determining which issues are real and critical. Edgescan solves this by combining: Automation for continuous testing Human expertise for validation and complex analysis Cyber analytics and AI for accuracy and prioritization Key Benefits Significant efficiency gains: reducing thousands of hours spent on manual validation. Higher accuracy, thanks to expert‑validated findings and reduced false positives. Clear prioritization, using threat intelligence and ransomware insights to highlight the highest‑risk exposures. Continuous security improvement, enabling rapid detection, faster remediation, and scalable vulnerability management. By unifying automation, human expertise, AI, and threat intelligence, Edgescan empowers organizations to maintain a continuous cybersecurity program that strengthens overall security posture while dramatically reducing operational burden.


**Average Rating:** 4.7/5.0
**Total Reviews:** 51
**How Do G2 Users Rate Edgescan?**

- **API Testing:** 8.8/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.9/10 (Category avg: 8.8/10)

**Who Is the Company Behind Edgescan?**

- **Seller:** [Edgescan](https://www.g2.com/sellers/edgescan)
- **Company Website:** https://www.edgescan.com
- **Year Founded:** 2017
- **HQ Location:** Dublin, Dublin
- **Twitter:** @edgescan (2,256 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2928425/ (88 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 32% Enterprise, 32% Mid-Market


#### What Are Edgescan's Pros and Cons?

**Pros:**

- Ease of Use (25 reviews)
- Vulnerability Detection (24 reviews)
- Customer Support (19 reviews)
- Vulnerability Identification (19 reviews)
- Features (18 reviews)

**Cons:**

- Complex UI (5 reviews)
- Limited Customization (5 reviews)
- Poor Interface Design (5 reviews)
- Slow Performance (5 reviews)
- UX Improvement (5 reviews)


### What Do G2 Reviewers Say About Edgescan?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of use** with Edgescan, benefiting from seamless setup, integration, and effective reporting dashboards.
- Users praise Edgescan for its **validated, near false positive free vulnerability scanning** , enhancing security with effective scanning solutions.
- Users appreciate Edgescan&#39;s **responsive customer support** , ensuring smooth transitions and quick answers throughout the experience.
- Users value the **validated vulnerability scanning** by Edgescan for its accuracy and ease of integration.
- Users appreciate the **continuous improvement and user-friendly features** of Edgescan, enhancing their overall experience.

**Cons:**

- Users find the **UI complex and non-intuitive** , making navigation and access to settings challenging at times.
- Users find the **limited customization** of Edgescan frustrating, especially with infrequent host configuration updates.
- Users find the **poor interface design** of Edgescan frustrating, impacting usability and ease of access to information.
- Users often experience **slow performance** with scan results taking longer than expected, impacting overall efficiency.
- Users find the **UI to be outdated and user-unfriendly** , complicating data access and support requests within Edgescan.

#### What Are Recent G2 Reviews of Edgescan?

**"[Edgescan: Easy Setup, Clear Insights, and Expert Security Support](https://www.g2.com/survey_responses/edgescan-review-12224347)"**

**Rating:** 5.0/5.0 stars
*— Matt W.*

[Read full review](https://www.g2.com/survey_responses/edgescan-review-12224347)

---

**"[Edgescan Is Amazing!](https://www.g2.com/survey_responses/edgescan-review-11014532)"**

**Rating:** 5.0/5.0 stars
*— Greg S.*

[Read full review](https://www.g2.com/survey_responses/edgescan-review-11014532)

---


#### What Are G2 Users Discussing About Edgescan?

- [What is edgescan used for?](https://www.g2.com/discussions/what-is-edgescan-used-for) - 1 comment

### 23. [Akto API Security Platform](https://www.g2.com/products/akto-api-security-platform/reviews)
Akto is a trusted platform for application security and product security teams to build an enterprise-grade API security program throughout their DevSecOps pipeline. Our industry-leading suite of — API discovery, API security posture management, sensitive data exposure, and API security testing solutions enables organizations to gain visibility in their API security posture. 1,000+ Application Security teams globally trust Akto for their API security needs. Akto use cases: 1. API Discovery 2. API Security Testing in CI/CD 3. API Security Posture Management 4. Authentication and Authorization Testing 5. Sensitive data Exposure 6. Shift left in DevSecOps


**Average Rating:** 4.5/5.0
**Total Reviews:** 54
**How Do G2 Users Rate Akto API Security Platform?**

- **API Testing:** 8.8/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.0/10 (Category avg: 8.8/10)

**Who Is the Company Behind Akto API Security Platform?**

- **Seller:** [Akto.io](https://www.g2.com/sellers/akto-io)
- **Company Website:** https://www.akto.io
- **Year Founded:** 2022
- **HQ Location:** San Francisco, California
- **Twitter:** @Aktodotio (1,357 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/akto-io/ (29 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Financial Services, Information Technology and Services
- **Company Size:** 44% Mid-Market, 40% Small-Business


#### What Are Akto API Security Platform's Pros and Cons?

**Pros:**

- Security (11 reviews)
- Cybersecurity (8 reviews)
- Ease of Use (8 reviews)
- API Management (7 reviews)
- Automation Testing (7 reviews)

**Cons:**

- Complex Setup (7 reviews)
- Setup Complexity (6 reviews)
- API Management (4 reviews)
- Complexity (4 reviews)
- Difficult Configuration (4 reviews)


### What Do G2 Reviewers Say About Akto API Security Platform?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **automated security testing** of Akto API Security Platform, enhancing their API security processes significantly.
- Users praise Akto for its **autonomous AI agents** that enhance API security and integrate seamlessly into workflows.
- Users value the **ease of use** of Akto API Security Platform, appreciating its intuitive dashboard and seamless integrations.
- Users value the **easy integration and efficiency** of Akto for seamless API security testing within CI/CD pipelines.
- Users appreciate the **ease of automation testing** with Akto, which integrates seamlessly into CI/CD pipelines for efficient security.

**Cons:**

- Users find the **complex initial setup** and lack of detailed documentation challenging, impacting their onboarding experience.
- Users find the **setup complexity** of Akto API Security Platform challenging, especially for teams new to the tool.
- Users find the **learning curve steep** , especially for new users unfamiliar with API security concepts and configurations.
- Users find the **complexity** of Akto overwhelming, especially for newcomers needing to grasp API security concepts.
- Users find the **difficult configuration** of Akto challenging, requiring time to grasp API security concepts and effective checks.

#### What Are Recent G2 Reviews of Akto API Security Platform?

**"[Easy to Use API Security Tool That Helps Save Time](https://www.g2.com/survey_responses/akto-api-security-platform-review-11240428)"**

**Rating:** 4.5/5.0 stars
*— ashish d.*

[Read full review](https://www.g2.com/survey_responses/akto-api-security-platform-review-11240428)

---

**"[Easy to Implement, Clear API Security Visibility, and Responsive Support](https://www.g2.com/survey_responses/akto-api-security-platform-review-12272742)"**

**Rating:** 4.5/5.0 stars
*— Verified User in Information Technology and Services*

[Read full review](https://www.g2.com/survey_responses/akto-api-security-platform-review-12272742)

---



### 24. [APPCHECK](https://www.g2.com/products/appcheck/reviews)
AppCheck is a Dynamic Application Security Testing (DAST) and network vulnerability testing solution, developed and supported by experienced penetration testers. We approach security testing as a hacker would, leveraging multiple proprietary crawling engines to analyse target behaviour across both modern and traditional technologies, including Single Page Applications (SPAs), APIs, and complex authentication flows such as SSO, 2FA, and TOTP. Organisations can conduct unlimited security assessments across Web Applications, SPAs, APIs, cloud services, networks, across internal or external assets. Supporting production and UAT testing, AppCheck also helps organisations ‘shift left’ by integrating with CI/CD pipelines and build servers, including ADO, GitHub, Jenkins, TeamCity, CircleCI, TravisCI, Bamboo, and GitLab CI/CD. Allowing automated security testing throughout development, identifying risks as soon as changes are introduced. AppCheck are proud to be part of the CVE Numbering Authority (CNA), contributing to global security research


**Average Rating:** 4.6/5.0
**Total Reviews:** 67
**How Do G2 Users Rate APPCHECK?**

- **API Testing:** 9.4/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.2/10 (Category avg: 8.8/10)

**Who Is the Company Behind APPCHECK?**

- **Seller:** [APPCHECK](https://www.g2.com/sellers/appcheck)
- **Company Website:** https://www.appcheck-ng.com
- **Year Founded:** 2014
- **HQ Location:** Leeds, GB
- **Twitter:** @AppcheckNG (649 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/appcheck-ng-ltd/ (106 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 49% Mid-Market, 30% Small-Business


#### What Are APPCHECK's Pros and Cons?

**Pros:**

- Ease of Use (5 reviews)
- Vulnerability Detection (5 reviews)
- Features (4 reviews)
- Pentesting Efficiency (4 reviews)
- Scanning Efficiency (4 reviews)

**Cons:**

- UX Improvement (2 reviews)
- API Issues (1 reviews)
- Difficult Customization (1 reviews)
- Difficult Learning Curve (1 reviews)
- False Positives (1 reviews)


### What Do G2 Reviewers Say About APPCHECK?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **ease of use** of AppCheck, making complex processes simple and efficient.
- Users value the **practical insights into vulnerabilities** provided by AppCheck, enhancing overall security and efficiency.
- Users value the **excellent functionality and support** of AppCheck, enhancing security with tailored reporting and continuous scans.
- Users laud the **pentesting efficiency** of AppCheck, significantly reducing the need for manual testing and enhancing security.
- Users love the **scanning efficiency** of AppCheck, finding it reliable and easy to integrate within development workflows.

**Cons:**

- Users suggest improving **UX and customization** in AppCheck for better alignment with the latest standards and enhanced experience.
- Users find the **API issues** frustrating, as endpoint changes require service requests despite ongoing improvements based on feedback.
- Users feel that **difficult customization** hampers their ability to tailor reports to their specific needs and context.
- Users note a **difficult learning curve** with Appcheck, but overall find the product satisfactory.
- Users find the **false positives** in scan results problematic, necessitating manual validation and complicating the reporting process.

#### What Are Recent G2 Reviews of APPCHECK?

**"[Effortless Vulnerability Management with APPCHECK](https://www.g2.com/survey_responses/appcheck-review-12463853)"**

**Rating:** 5.0/5.0 stars
*— Aaron H.*

[Read full review](https://www.g2.com/survey_responses/appcheck-review-12463853)

---

**"[Great onboarding experience and trial](https://www.g2.com/survey_responses/appcheck-review-11771398)"**

**Rating:** 4.0/5.0 stars
*— Tyler S.*

[Read full review](https://www.g2.com/survey_responses/appcheck-review-11771398)

---



### 25. [Invicti (formerly Netsparker)](https://www.g2.com/products/invicti-formerly-netsparker/reviews)
Invicti (formerly known as Netsparker) is an enterprise application and API security testing platform that helps organizations secure thousands of web applications and APIs at scale while dramatically reducing the risk of attack. Combining advanced DAST and IAST capabilities in a single platform, Invicti enables security teams to continuously identify, prioritize, and remediate vulnerabilities across complex modern environments with confidence and automation. With Invicti, security teams can: - Automate application security testing workflows and save hundreds of hours every month - Discover and secure all web applications and APIs, including forgotten, unmanaged, and shadow assets - Deliver actionable, developer-friendly feedback that helps teams remediate vulnerabilities faster and build more secure code over time - Reduce false positives with proof-based scanning technology that validates exploitable vulnerabilities - Scale application security programs across large enterprises without slowing development teams - Integrate security seamlessly into existing DevSecOps and CI/CD workflows Built for organizations with the most demanding security requirements, Invicti empowers teams to confidently secure their entire attack surface with accuracy, scalability, and automation.


**Average Rating:** 4.6/5.0
**Total Reviews:** 66
**How Do G2 Users Rate Invicti (formerly Netsparker)?**

- **API Testing:** 8.8/10 (Category avg: 9.1/10)

**Who Is the Company Behind Invicti (formerly Netsparker)?**

- **Seller:** [Invicti Security](https://www.g2.com/sellers/invicti-security-04cb0d3d-fd96-45b2-83dc-2038fc9dac92)
- **Company Website:** https://www.invicti.com/
- **Year Founded:** 2018
- **HQ Location:** Austin, Texas
- **Twitter:** @InvictiSecurity (2,557 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/invicti-security/people/ (335 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 46% Enterprise, 28% Mid-Market


#### What Are Invicti (formerly Netsparker)'s Pros and Cons?

**Pros:**

- Ease of Use (9 reviews)
- Scanning Technology (7 reviews)
- Features (6 reviews)
- Reporting Quality (6 reviews)
- Vulnerability Detection (6 reviews)

**Cons:**

- Poor Customer Support (3 reviews)
- Slow Performance (3 reviews)
- Slow Scanning (3 reviews)
- API Issues (2 reviews)
- Complex Setup (2 reviews)


### What Do G2 Reviewers Say About Invicti (formerly Netsparker)?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **ease of use** of Invicti, enabling quick setup and efficient security testing for all team members.
- Users value the **scanning technology** of Invicti for its user-friendliness and efficient vulnerability detection.
- Users praise Invicti&#39;s **accuracy and integration capabilities** , enhancing security testing and streamlining workflows in development.
- Users value the **well-formatted and comprehensive reports** from Invicti, facilitating smooth ISO certification processes.
- Users value the **effective vulnerability detection** by Invicti, appreciating its user-friendly interface and detailed reporting.

**Cons:**

- Users find **customer support lacking** , often experiencing slow response times and ineffective solutions to their issues.
- Users experience **slow performance** during scans and setup, affecting efficiency while using Invicti.
- Users experience **slow scanning** speeds and find API scanning capabilities lacking, impacting their overall effectiveness.
- Users experience **API issues** that hinder functionality, preventing effective use of Invicti for API scanning tasks.
- Users find the **complex setup** of Invicti challenging, especially with nested menus that hinder easy configuration.

#### What Are Recent G2 Reviews of Invicti (formerly Netsparker)?

**"[Scalable Enterprise Security: Deep Endpoint Coverage via Invicti](https://www.g2.com/survey_responses/invicti-formerly-netsparker-review-12742667)"**

**Rating:** 4.5/5.0 stars
*— Verified User in Information Technology and Services*

[Read full review](https://www.g2.com/survey_responses/invicti-formerly-netsparker-review-12742667)

---

**"[Effortless Website Testing with Outstanding Support](https://www.g2.com/survey_responses/invicti-formerly-netsparker-review-11850923)"**

**Rating:** 4.5/5.0 stars
*— Chris M.*

[Read full review](https://www.g2.com/survey_responses/invicti-formerly-netsparker-review-11850923)

---


#### What Are G2 Users Discussing About Invicti (formerly Netsparker)?

- [What is Invicti (formerly Netsparker) used for?](https://www.g2.com/discussions/what-is-invicti-formerly-netsparker-used-for) - 1 comment
- [What type of vulnerabilities Netsparker can automatically confirm?](https://www.g2.com/discussions/invicti-formerly-netsparker-what-type-of-vulnerabilities-netsparker-can-automatically-confirm)
- [What type of vulnerabilities Netsparker can automatically confirm?](https://www.g2.com/discussions/what-type-of-vulnerabilities-netsparker-can-automatically-confirm)
- [How much does Netsparker cost?](https://www.g2.com/discussions/invicti-formerly-netsparker-how-much-does-netsparker-cost-a1ecffa4-a216-4bcc-affd-40dc140f3e27)
- [How much does Netsparker cost?](https://www.g2.com/discussions/invicti-formerly-netsparker-how-much-does-netsparker-cost)


## What Is API Security Tools?

[Cloud Security Software](https://www.g2.com/categories/cloud-security)

## What Software Categories Are Similar to API Security Tools?

- [Vulnerability Scanner Software](https://www.g2.com/categories/vulnerability-scanner)
- [Penetration Testing Tools](https://www.g2.com/categories/penetration-testing-tools)
- [Dynamic Application Security Testing (DAST) Software](https://www.g2.com/categories/dynamic-application-security-testing-dast)


