# Best Application Shielding Software *By [Brandon Summers-Miller](https://research.g2.com/insights/author/brandon-summers-miller)* Application shielding software enables users to modify and application’s source to make it more resistant to outside tampering. To qualify for inclusion in the Application Shielding category, a product must: - Protect an application from data leakage - Prevents code injections to your application - Ensure users’ protection while they use your product ## Category Overview **Total Products under this Category:** 35 ## Trust & Credibility Stats **Why You Can Trust G2's Software Rankings:** - 30 Analysts and Data Experts - 900+ Authentic Reviews - 35+ Products - Unbiased Rankings G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category. ## Best Application Shielding Software At A Glance - **Leader:** [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews) - **Easiest to Use:** [Appdome](https://www.g2.com/products/appdome/reviews) - **Top Trending:** [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews) - **Best Free Software:** [Appdome](https://www.g2.com/products/appdome/reviews) --- **Sponsored** ### cside What is cside? cside is a browser-layer security platform that gives organisations complete visibility and control over the third-party JavaScript running on their websites. It intercepts every script before it reaches the user, captures the full payload, and analyses runtime behaviour in real time. Third-party scripts power modern websites. Analytics, chat, payments, advertising, and session replay tools all inject JavaScript that runs directly in your visitors' browsers. You didn't write that code. You don't control when it changes. And you have no idea what it does at runtime. That is the client-side blind spot. The three problems cside solves 1) Every third-party script is a blind spot. Analytics, chat, payments, ads: you didn't write it, you don't control it, and you have no idea what it does at runtime inside a real browser. 2) PCI DSS 4.0.1 requirements 6.4.3 and 11.6.1 are now enforced. Most companies have no idea how to meet them, and their existing vendors don't cover it. WAFs, CDNs, and tag managers were never built for this problem. 3) AI agents and bots are now targeting high-value web workflows including checkout, login, and form submission in ways that WAFs and CDN-layer tools were never designed to catch. The attack surface has moved into the browser. The tools haven't. What you get with cside 1) Visibility you have never had. Every script on every page, classified, behavioural-profiled, and monitored continuously. Not what a scanner saw on its last crawl. What actually ran in a real user's browser, in real time. 2) Compliance, done. 6.4.3 and 11.6.1 documentation generated automatically. Auditor-ready output without manual effort. QSA-validated. No CSV exports to fill in by hand. 3) Real-time blocking. Malicious or anomalous script behaviour stopped at the browser layer before data leaves the page. Not flagged for review after the fact. Stopped before exfiltration occurs. Why CSPs and crawlers cannot solve this A Content Security Policy tells the browser which domains are allowed to load scripts. It has no visibility into what those scripts execute. A script served from a trusted domain, after being compromised through a supply chain attack, passes every CSP check and still skims card data from your checkout page. Crawlers and scanners have a different problem. Bad actors detect them and serve clean content to the scanner, then flip to malicious for real users. What the scanner saw and what your customers experienced are two different things. WAFs and CDNs operate at the network layer. They cannot see inside the browser. They check what loads, not what executes. cside sits in the delivery path of every script. It captures what scripts actually do in real user sessions. Deployment: One script tag. Under ten minutes. No managed crawl setup, no session tokens, no captcha bypasses required. Pricing: Free tier available to see your script exposure before buying. Business and Enterprise tiers for teams managing compliance, multi-domain environments, and advanced governance. Transparent pricing. No contract required to prove compliance to your QSA before you commit. Frequently asked questions 1) What makes cside different from a Content Security Policy?: A CSP controls which domains scripts can load from. It cannot analyse what those scripts execute at runtime. cside captures the full payload of every script and analyses its behaviour inside real user browsers, giving you the runtime visibility that CSP was never designed to provide. 2) What PCI DSS requirements does cside address?: cside is built specifically around requirements 6.4.3 and 11.6.1 of PCI DSS 4.0.1. It generates the authorised script inventory required by 6.4.3 and provides the ongoing change detection and monitoring required by 11.6.1, with QSA-validated audit-ready output. 3) How is cside different from a WAF or CDN security feature?: WAFs and CDNs operate at the network or server layer and have no visibility into what JavaScript executes inside a user's browser. cside operates at the browser layer. It is a dedicated product for client-side security, not a feature bolted onto an existing network tool. 4) Does cside detect AI agents and bots?: Yes. cside detects AI agents and bots targeting high-value web workflows including checkout, login, and form submission, covering a threat class that network-layer tools were not designed to address. [Visit website](https://www.g2.com/external_clickthroughs/record?secure%5Bad_program%5D=ppc&secure%5Bad_slot%5D=category_product_list&secure%5Bcategory_id%5D=1452&secure%5Bdisplayable_resource_id%5D=1452&secure%5Bdisplayable_resource_type%5D=Category&secure%5Bmedium%5D=sponsored&secure%5Bplacement_reason%5D=page_category&secure%5Bplacement_resource_ids%5D%5B%5D=1452&secure%5Bprioritized%5D=false&secure%5Bproduct_id%5D=1447373&secure%5Bresource_id%5D=1452&secure%5Bresource_type%5D=Category&secure%5Bsource_type%5D=category_page&secure%5Bsource_url%5D=https%3A%2F%2Fwww.g2.com%2Fcategories%2Fapplication-shielding%2Fmid-market&secure%5Btoken%5D=2cbed3dfc59c7f6d8ff5ff532381a8e15ddbd901ed1c93cb0cc6eb8aafca40ca&secure%5Burl%5D=https%3A%2F%2Fcside.dev%2Fbook-demo&secure%5Burl_type%5D=book_demo) --- ## Top-Rated Products (Ranked by G2 Score) ### 1. [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews) Cloudflare is the connectivity cloud for the "everywhere world," on a mission to help build a better Internet. We provide a unified platform of networking, security, and developer services delivered from a single, intelligent global network that spans hundreds of cities in over 125 countries. This empowers organizations of all sizes, from small businesses to the world's largest enterprises, to make their employees, applications, and networks faster and more secure everywhere, while significantly reducing complexity and cost. Our comprehensive platform includes: - Advanced Security: Protect your online presence with industry-leading DDoS protection, a robust Web Application Firewall (WAF), Bot mitigation, and API security. Implement Zero Trust security to secure remote access, data, and applications for your entire workforce. - Superior Performance: Accelerate website and application loading times globally with our Content Delivery Network (CDN), intelligent DNS, and smart routing capabilities. Optimize images and deliver dynamic content with unparalleled speed. - Powerful Developer Tools: Empower your developers to build and deploy full-stack applications at the edge using Cloudflare Workers (serverless functions), R2 Storage (object storage without egress fees), and D1 (serverless SQL database). Cloudflare helps connect and protect millions of customers globally, offering the control, visibility, and reliability businesses need to work, develop, and accelerate their operations in today's hyperconnected landscape. Our global network continuously learns and adapts, ensuring your digital assets are always protected and performing at their best. **Average Rating:** 4.5/5.0 **Total Reviews:** 578 **User Satisfaction Scores:** - **Ease of Use:** 9.0/10 (Category avg: 8.8/10) - **Quality of Support:** 8.3/10 (Category avg: 8.9/10) **Seller Details:** - **Seller:** [Cloudflare, Inc.](https://www.g2.com/sellers/cloudflare-inc) - **Company Website:** https://www.cloudflare.com - **Year Founded:** 2009 - **HQ Location:** San Francisco, California - **Twitter:** @Cloudflare (279,070 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/407222/ (6,898 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Web Developer, Software Engineer - **Top Industries:** Information Technology and Services, Computer Software - **Company Size:** 62% Small-Business, 26% Mid-Market #### Pros & Cons **Pros:** - Security (54 reviews) - Ease of Use (50 reviews) - Features (45 reviews) - Performance (36 reviews) - Reliability (36 reviews) **Cons:** - Complex User Interface (24 reviews) - Expensive (24 reviews) - Complex Setup (19 reviews) - Complexity (18 reviews) - Learning Curve (15 reviews) ### 2. [Appdome](https://www.g2.com/products/appdome/reviews) Appdome protects mobile apps, APIs, and digital identities from fraud, bots, malware, and account takeover attacks. Trusted by global enterprises, Appdome delivers automated, zero-touch mobile defenses powered by Agentic AI. Appdome’s mission is to protect every mobile business and user in the world from scams, fraud, bots, and hackers. Appdome’s patented AI-Native XTM Platform is designed to automate every aspect of mobile application and business defense – from design to build, certification, monitoring, response, support, and resolution. Appdome uses AI to deliver a growi ng list of 10,000s of dynamic defense plugins created to address 400+ mobile app security, anti-fraud, bot defense, anti-malware, geo compliance, social engineering, deep fake and other attack vectors on demand. Appdome AI-Native Solutions: - Fraud & Account Takeover Prevention (ATO) – Detect and prevent on-device credential stuffing, fake users, deepfakes automated fraud, overlay attacks, click fraud, and mobile malware used in fraud schemes. - Bot Defense – Blocks malicious bots, automated attacks, API abuse, credential stuffing, ATO, and mobile-based DDoS in real time without network changes; supports all WAFs. - RASP, App Shielding & Malware Defense – Protects apps from malware, trojans, reverse engineering, tampering, keyloggers, and exploits with on-device, real-time defense and runtime threat detection and response. Appdome Comprehensive Mobile Protection: - AI-Native Security, Fraud & Bot Defense – Appdome’s AI-native platform continuously adapts to evolving threats, delivering real-time, in-app protection with no SDK, no server and no coding required. - 400+ Defense Plug-ins – The most complete mobile protection solution, covering anti-fraud, anti-bot, anti-ATO, anti-malware, anti-cheat, anti-reversing, geo compliance, social engineering, deep fakes, security, and more—all with no-code automation. - CertifiedSecure™ – Verifies that all security, fraud, and bot protections are correctly applied and active, ensuring continuous compliance and security assurance, reducing MAST costs, and accelerate release cycles. - DevSecOps & CI/CD Integration – Fully automates security within CI/CD pipelines, enabling development, QA and security teams to deliver secure mobile apps without slowing down releases; integrates with all CI/CD tools and testing tools. Appdome AI-Native Continuous Threat Management: - ThreatScope™ Mobile XDR – Provides real-time attack telemetry across all protected apps, giving security teams full visibility into threats and attacks to respond as they happen. And ThreatDynamics™ adds AI-Native analysis and benchmarking of mobile app threat and attack patterns, delivering actionable insights to preemptively block new and evolving threats. - ThreatEvents™ – Enables in-app, real-time threat detection, enabling mobile apps to identify and block threats and attacks dynamically as they occur with optimal user experience. - Threat Resolution Center™ – Speeds threat resolution by enabling security and support teams to identify and resolve mobile app attacks in real time with AI-powered actions and instructions. Protect your mobile business now! Visit Appdome.com to schedule your personalized demo or start your free trial. **Average Rating:** 4.8/5.0 **Total Reviews:** 85 **User Satisfaction Scores:** - **Ease of Use:** 9.4/10 (Category avg: 8.8/10) - **Quality of Support:** 9.6/10 (Category avg: 8.9/10) **Seller Details:** - **Seller:** [Appdome](https://www.g2.com/sellers/appdome) - **Company Website:** https://www.appdome.com/ - **Year Founded:** 2012 - **HQ Location:** Redwood City, California, United States - **Twitter:** @appdome (2,117 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/appdome/ (161 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Banking, Financial Services - **Company Size:** 51% Enterprise, 34% Mid-Market #### Pros & Cons **Pros:** - Customer Support (23 reviews) - Security (22 reviews) - Ease of Use (21 reviews) - Protection (19 reviews) - Implementation Ease (16 reviews) **Cons:** - Expensive (11 reviews) - Complexity (5 reviews) - Learning Curve (4 reviews) - Learning Difficulty (4 reviews) - Poor Documentation (4 reviews) ### 3. [Jscrambler](https://www.g2.com/products/jscrambler/reviews) Jscrambler is the leader in Client-Side Security for the modern, composable web. As organizations increasingly build digital experiences through third-party software supply chains and AI-powered agents, sensitive data is now created directly in the browser — the point of creation for digital interactions — making it one of the enterprise’s most privileged yet least governed attack surfaces. Jscrambler’s Client-Side Security Platform is powered by a Behavioral Enforcement Core that governs how application code, third-party scripts, and sensitive data behave at runtime. By enforcing software integrity and data governance directly in the browser, the platform ensures sensitive data and AI inputs are controlled according to enterprise policy at the point of creation — before they leave the client environment. Trusted by leading global retailers, airlines, financial services providers, and healthcare organizations, Jscrambler provides the visibility and enforcement organizations need to stop client-side attacks, prevent data leakage, and maintain compliance with regulations including PCI DSS, GDPR, HIPAA, CCPA, and the EU AI Act. **Average Rating:** 4.4/5.0 **Total Reviews:** 31 **User Satisfaction Scores:** - **Ease of Use:** 8.7/10 (Category avg: 8.8/10) - **Quality of Support:** 8.8/10 (Category avg: 8.9/10) **Seller Details:** - **Seller:** [Jscrambler](https://www.g2.com/sellers/jscrambler) - **Company Website:** https://jscrambler.com - **Year Founded:** 2014 - **HQ Location:** San Francisco, California - **Twitter:** @Jscrambler (1,168 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/1005462/ (92 employees on LinkedIn®) **Reviewer Demographics:** - **Company Size:** 35% Mid-Market, 29% Small-Business #### Pros & Cons **Pros:** - Security (3 reviews) - Ease of Use (2 reviews) - User Interface (2 reviews) - Automation (1 reviews) - Comprehensive Overview (1 reviews) **Cons:** - Difficult Initiation (2 reviews) - Slow Performance (2 reviews) - Dashboard Issues (1 reviews) - Error Handling (1 reviews) - Lack of Guidance (1 reviews) ### 4. [Zimperium Mobile Application Protection Suite (MAPS)](https://www.g2.com/products/zimperium-mobile-application-protection-suite-maps/reviews) Zimperium Mobile Application Protection Suite (MAPS)📱-- is a unified mobile app security platform built to protect iOS and Android apps across the entire lifecycle—from build and testing to deployment, runtime, and response. Zimperium MAPS provides on-device mobile threat detection, runtime application self-protection (RASP), application hardening, and cryptographic key protection—all integrated into a lightweight SDK that easily fits into modern DevSecOps workflows. Unlike cloud-reliant or wrapper-based tools, Zimperium MAPS delivers real-time, zero-delay protection against mobile app threats such as reverse engineering, code tampering, emulators, jailbroken/rooted environments, and malicious runtime behaviors. Zimperium MAPS Includes Four Integrated Modules: 📲 zScan – Mobile Application Security Testing (MAST): Scan iOS or Android app binaries pre-release to identify compliance, privacy, and security risks that could be exploited in production. zScan enables secure release cycles for highly regulated industries. 📲 zShield – Application Shielding for iOS and Android Apps: Protect source code, app binaries and intellectual property with advanced obfuscation, anti-tampering, and encryption—blocking reverse engineering and code modification. 📲 zDefend – Advanced Runtime Protection (RASP): Detects and responds to mobile threats in real time, on-device. zDefend protects apps from device compromise, dynamic instrumentation, emulators, and 0-day attacks—even without internet connectivity. 📲 zKeyBox – Cryptographic Key Protection: Secure encryption keys and sensitive logic within the app using white-box cryptography. zKeyBox prevents attackers from extracting secrets—even on rooted or jailbroken devices. Why Choose Zimperium MAPS for Mobile App Protection? 📱 + Unified Mobile Application Security Platform - Protect iOS and Android apps across the full lifecycle on one AI-Empowered platform. Optimize protection, accelerate releases, and respond to mobile threats faster. + End-to-end Security Visibility - Find build-time vulnerabilities, compliance violations, and real-world runtime threats in one view. + On-device Runtime Protection (RASP). Detect and block zero-day mobile threats, jailbreak and root attempts, and repackaging attacks in real time on the device. Works offline with no backend connectivity required. + Over-The-Air Security Updates - Push new mobile app protections to production without an app store release. Respond to emerging mobile threats in hours, not sprints. + Low-code and No-code app Protection - Apply code obfuscation, anti-tampering, and key protection with minimal engineering lift. Keep release velocity intact while hardening iOS and Android apps. + Flexible Deployment - Run MAPS on-prem or as SaaS to meet data residency, privacy, and regulatory compliance requirements. + AI Mobile App Response Agent - Enables SOC and Fraud analysts to trigger on-demand investigations on any device, and within minutes the agent determines whether an incident or fraud has occurred. **Average Rating:** 4.0/5.0 **Total Reviews:** 21 **User Satisfaction Scores:** - **Ease of Use:** 8.6/10 (Category avg: 8.8/10) - **Quality of Support:** 8.2/10 (Category avg: 8.9/10) **Seller Details:** - **Seller:** [Zimperium](https://www.g2.com/sellers/zimperium) - **Company Website:** https://www.zimperium.com - **Year Founded:** 2010 - **HQ Location:** Dallas, TX - **Twitter:** @ZIMPERIUM (10,803 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/1630757/ (269 employees on LinkedIn®) **Reviewer Demographics:** - **Company Size:** 38% Enterprise, 29% Small-Business ### 5. [Dotfuscator](https://www.g2.com/products/dotfuscator/reviews) Dotfuscator delivers comprehensive protection for .NET applications through advanced code obfuscation, real-time threat detection, and anti-tampering controls. Using a defense-in-depth strategy with patented renaming technology and encryption, it safeguards intellectual property and prevents reverse engineering. Trusted by Fortune 500 companies across financial services, healthcare, aerospace, and government sectors, Dotfuscator integrates seamlessly into any development environment with support for Visual Studio, Azure DevOps, and CI/CD pipelines. **Average Rating:** 4.6/5.0 **Total Reviews:** 23 **User Satisfaction Scores:** - **Ease of Use:** 8.6/10 (Category avg: 8.8/10) - **Quality of Support:** 9.7/10 (Category avg: 8.9/10) **Seller Details:** - **Seller:** [Idera, Inc.](https://www.g2.com/sellers/idera-inc-6c9eda01-43cf-4bd5-b70c-70f59610d9a0) - **Year Founded:** 1999 - **HQ Location:** Houston, TX - **Twitter:** @MigrationWiz (483 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/bittitan (69 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Computer Software - **Company Size:** 57% Small-Business, 22% Enterprise ### 6. [DoveRunner](https://www.g2.com/products/doverunner/reviews) DoveRunner, formerly known as PallyCon & AppSealing, is a comprehensive mobile app and content security platform designed to help businesses protect both their mobile applications and premium video content against evolving digital threats. The platform combines advanced mobile app shielding technologies with enterprise-grade video content protection solutions, enabling organizations to secure their digital ecosystem through a unified security approach. DoveRunner offers robust Runtime Application Self-Protection (RASP) capabilities for mobile apps, alongside Multi-DRM, Forensic Watermarking, Distributor Watermarking, and Anti-piracy services for premium video content, helping businesses safeguard their intellectual property without requiring extensive coding or complex integrations. Targeted primarily at mobile app developers, OTT platforms, streaming services, media companies, broadcasters, enterprises, and organizations that rely on digital applications and video distribution, DoveRunner addresses the growing concerns around application security and content piracy in an increasingly connected landscape. As cyber threats, reverse engineering attacks, credential abuse, screen recording, illegal redistribution, and content piracy continue to rise, businesses require a reliable and scalable security solution to protect both their applications and monetizable content assets. DoveRunner delivers a comprehensive defense framework that not only protects sensitive application data and premium video streams but also strengthens platform integrity and user trust. One of the standout strengths of DoveRunner is its ability to protect applications from tampering, reverse engineering, repackaging, and unauthorized modifications while simultaneously securing premium video content from piracy and illegal distribution. Through advanced security protocols, the platform actively detects and neutralizes threats targeting mobile applications and streaming environments, ensuring the integrity of both the app experience and the content delivery pipeline. DoveRunner’s content security solutions, including Multi-DRM and Forensic Watermarking, help OTT providers and content owners deter piracy, trace content leaks, and reduce unauthorized redistribution across digital platforms. DoveRunner’s user-friendly implementation process allows businesses to integrate powerful security capabilities into their existing applications and content workflows with minimal operational complexity. Its no-code and low-code deployment capabilities enable organizations to secure mobile apps and video services quickly, without lengthy development cycles or heavy infrastructure requirements. This combination of ease of use, scalability, and enterprise-grade protection makes DoveRunner an ideal choice for businesses seeking to strengthen both their mobile app security and premium content protection strategies. In summary, DoveRunner provides a unified security platform that addresses the critical challenges faced by modern app-driven and content-centric businesses. By delivering advanced mobile app shielding alongside robust video content protection and anti-piracy solutions, DoveRunner helps organizations defend their applications, protect premium content, preserve revenue streams, and create a safer digital experience for users worldwide. **Average Rating:** 4.7/5.0 **Total Reviews:** 48 **User Satisfaction Scores:** - **Ease of Use:** 9.2/10 (Category avg: 8.8/10) - **Quality of Support:** 8.9/10 (Category avg: 8.9/10) **Seller Details:** - **Seller:** [ DoveRunner](https://www.g2.com/sellers/doverunner) - **Company Website:** https://doverunner.com/ - **Year Founded:** 2000 - **HQ Location:** San Jose, CA - **Twitter:** @doverunner_inc (12 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/doverunner/people/ (57 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 46% Small-Business, 42% Mid-Market #### Pros & Cons **Pros:** - Data Management (1 reviews) - Intuitive (1 reviews) - User Interface (1 reviews) **Cons:** - Learning Curve (1 reviews) ### 7. [JSDefender – App Protection for JavaScript](https://www.g2.com/products/jsdefender-app-protection-for-javascript/reviews) JSDefender delivers professional JavaScript obfuscation and runtime security for enterprise applications. The platform transforms readable JavaScript into hardened, self-defending code using advanced techniques like control flow flattening, literal encryption, and property indirection. With built-in tamper detection, debugger blocking, and domain/date locking, JSDefender protects against reverse engineering and unauthorized access. Trusted by 5,000+ organizations, it integrates seamlessly with modern development workflows and major CI/CD platforms. **Average Rating:** 4.8/5.0 **Total Reviews:** 12 **User Satisfaction Scores:** - **Ease of Use:** 9.7/10 (Category avg: 8.8/10) - **Quality of Support:** 9.7/10 (Category avg: 8.9/10) **Seller Details:** - **Seller:** [Idera, Inc.](https://www.g2.com/sellers/idera-inc-6c9eda01-43cf-4bd5-b70c-70f59610d9a0) - **Year Founded:** 1999 - **HQ Location:** Houston, TX - **Twitter:** @MigrationWiz (483 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/bittitan (69 employees on LinkedIn®) **Reviewer Demographics:** - **Company Size:** 42% Mid-Market, 33% Small-Business ### 8. [LIAPP](https://www.g2.com/products/liapp/reviews) LIAPP is a specialized mobile application shielding and runtime application self-protection (RASP) solution designed to secure Android and iOS environments from unauthorized access and cyber threats. This security tool allows developers and enterprises to protect their mobile applications by applying robust security layers to the final application binary, ensuring protection against tampering and reverse engineering without requiring changes to the existing source code. The primary function of LIAPP is to maintain the integrity of mobile applications in high-stakes industries, including mobile banking, fintech, and global gaming. By implementing LIAPP, organizations can defend against various attack vectors such as rooting, jailbreaking, debugging, and memory manipulation. This solution is particularly effective for businesses that need to align their mobile services with international security standards and regional financial regulations. In addition to its core shielding capabilities, LOCKIN Company offers supplementary security modules that can be implemented alongside or independently of LIAPP to address specific vulnerabilities: LISS (Screen Protection): A dedicated solution designed to block unauthorized screen captures, screen recording, and remote access attempts to protect visual data integrity. LIKEY (Security Keypad): A specialized virtual keypad that encrypts and secures sensitive user input to prevent data interception from keyloggers and other malicious methods. LIAPP’s deployment model is optimized for rapid integration into the development lifecycle, minimizing the technical burden on engineering teams. This allows organizations to maintain their scheduled release cycles while providing a secure environment for their end-users. The solution provides several key technical advantages: Comprehensive App Shielding: Prevents unauthorized modification and repackaging of the application to ensure the software functions as originally intended. Dynamic Runtime Protection: Actively detects and blocks security threats during the application's execution to prevent data breaches in real-time. Modular Security Expansion: Enables users to enhance their security posture by adding LISS for screen protection or LIKEY for secure data entry based on specific operational needs. Regulatory Compliance Support: Provides the necessary technical infrastructure to assist financial institutions in meeting stringent mobile transaction security and fraud prevention requirements. Through its specialized focus on application integrity, LIAPP assists users in managing the security lifecycle of their mobile products. It offers monitoring capabilities and threat intelligence, allowing stakeholders to identify emerging risks and maintain a resilient mobile presence. **Average Rating:** 4.8/5.0 **Total Reviews:** 20 **User Satisfaction Scores:** - **Ease of Use:** 9.2/10 (Category avg: 8.8/10) - **Quality of Support:** 9.2/10 (Category avg: 8.9/10) **Seller Details:** - **Seller:** [Lockin Company](https://www.g2.com/sellers/lockin-company) - **Year Founded:** 2013 - **HQ Location:** Seongnam-si,Gyeonggi-do - **LinkedIn® Page:** https://www.linkedin.com/company/lockin-company/ (4 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Computer Games - **Company Size:** 60% Mid-Market, 35% Small-Business ### 9. [DashO](https://www.g2.com/products/dasho/reviews) DashO transforms your vulnerable Java and Android applications into hardened, self-defending systems using patented obfuscation technology and real-time protection mechanisms. It uses advanced obfuscation techniques including patented Enhanced Overload Induction™ technology, control flow obfuscation, and string encryption to make code difficult to decompile. DashO includes real-time defenses like anti-debugging, root detection, and tamper detection that actively respond to threats. DashO integrates seamlessly with Gradle, Maven, and CI/CD pipelines for easy DevSecOps adoption. Trusted by over 5,000 companies worldwide, DashO helps organizations protect intellectual property, maintain regulatory compliance, and prevent revenue loss from piracy with minimal performance impact. **Average Rating:** 4.5/5.0 **Total Reviews:** 12 **User Satisfaction Scores:** - **Ease of Use:** 8.8/10 (Category avg: 8.8/10) - **Quality of Support:** 8.5/10 (Category avg: 8.9/10) **Seller Details:** - **Seller:** [Idera, Inc.](https://www.g2.com/sellers/idera-inc-6c9eda01-43cf-4bd5-b70c-70f59610d9a0) - **Year Founded:** 1999 - **HQ Location:** Houston, TX - **Twitter:** @MigrationWiz (483 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/bittitan (69 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Computer Software - **Company Size:** 83% Mid-Market, 25% Small-Business ### 10. [cside](https://www.g2.com/products/cside/reviews) What is cside? cside is a browser-layer security platform that gives organisations complete visibility and control over the third-party JavaScript running on their websites. It intercepts every script before it reaches the user, captures the full payload, and analyses runtime behaviour in real time. Third-party scripts power modern websites. Analytics, chat, payments, advertising, and session replay tools all inject JavaScript that runs directly in your visitors' browsers. You didn't write that code. You don't control when it changes. And you have no idea what it does at runtime. That is the client-side blind spot. The three problems cside solves 1) Every third-party script is a blind spot. Analytics, chat, payments, ads: you didn't write it, you don't control it, and you have no idea what it does at runtime inside a real browser. 2) PCI DSS 4.0.1 requirements 6.4.3 and 11.6.1 are now enforced. Most companies have no idea how to meet them, and their existing vendors don't cover it. WAFs, CDNs, and tag managers were never built for this problem. 3) AI agents and bots are now targeting high-value web workflows including checkout, login, and form submission in ways that WAFs and CDN-layer tools were never designed to catch. The attack surface has moved into the browser. The tools haven't. What you get with cside 1) Visibility you have never had. Every script on every page, classified, behavioural-profiled, and monitored continuously. Not what a scanner saw on its last crawl. What actually ran in a real user's browser, in real time. 2) Compliance, done. 6.4.3 and 11.6.1 documentation generated automatically. Auditor-ready output without manual effort. QSA-validated. No CSV exports to fill in by hand. 3) Real-time blocking. Malicious or anomalous script behaviour stopped at the browser layer before data leaves the page. Not flagged for review after the fact. Stopped before exfiltration occurs. Why CSPs and crawlers cannot solve this A Content Security Policy tells the browser which domains are allowed to load scripts. It has no visibility into what those scripts execute. A script served from a trusted domain, after being compromised through a supply chain attack, passes every CSP check and still skims card data from your checkout page. Crawlers and scanners have a different problem. Bad actors detect them and serve clean content to the scanner, then flip to malicious for real users. What the scanner saw and what your customers experienced are two different things. WAFs and CDNs operate at the network layer. They cannot see inside the browser. They check what loads, not what executes. cside sits in the delivery path of every script. It captures what scripts actually do in real user sessions. Deployment: One script tag. Under ten minutes. No managed crawl setup, no session tokens, no captcha bypasses required. Pricing: Free tier available to see your script exposure before buying. Business and Enterprise tiers for teams managing compliance, multi-domain environments, and advanced governance. Transparent pricing. No contract required to prove compliance to your QSA before you commit. Frequently asked questions 1) What makes cside different from a Content Security Policy?: A CSP controls which domains scripts can load from. It cannot analyse what those scripts execute at runtime. cside captures the full payload of every script and analyses its behaviour inside real user browsers, giving you the runtime visibility that CSP was never designed to provide. 2) What PCI DSS requirements does cside address?: cside is built specifically around requirements 6.4.3 and 11.6.1 of PCI DSS 4.0.1. It generates the authorised script inventory required by 6.4.3 and provides the ongoing change detection and monitoring required by 11.6.1, with QSA-validated audit-ready output. 3) How is cside different from a WAF or CDN security feature?: WAFs and CDNs operate at the network or server layer and have no visibility into what JavaScript executes inside a user's browser. cside operates at the browser layer. It is a dedicated product for client-side security, not a feature bolted onto an existing network tool. 4) Does cside detect AI agents and bots?: Yes. cside detects AI agents and bots targeting high-value web workflows including checkout, login, and form submission, covering a threat class that network-layer tools were not designed to address. **Average Rating:** 4.8/5.0 **Total Reviews:** 11 **User Satisfaction Scores:** - **Ease of Use:** 9.2/10 (Category avg: 8.8/10) - **Quality of Support:** 10.0/10 (Category avg: 8.9/10) **Seller Details:** - **Seller:** [cside](https://www.g2.com/sellers/cside) - **Company Website:** https://cside.dev/?utm_source=thefundingletter.beehiiv.com&utm_medium=newsletter&utm_campaign=the-funding-letter-1420-may-20 - **Year Founded:** 2024 - **HQ Location:** San Francisco, US - **LinkedIn® Page:** https://www.linkedin.com/company/csidedev (23 employees on LinkedIn®) **Reviewer Demographics:** - **Company Size:** 82% Small-Business, 18% Mid-Market #### Pros & Cons **Pros:** - Monitoring (3 reviews) - Helpful (2 reviews) - Threat Detection (2 reviews) - Accuracy of Information (1 reviews) - Alert Notifications (1 reviews) **Cons:** - Difficult Initiation (1 reviews) - Navigation Issues (1 reviews) - Not Intuitive (1 reviews) - Not User-Friendly (1 reviews) - UX Improvement (1 reviews) ### 11. [DexProtector](https://www.g2.com/products/dexprotector/reviews) Mobile applications are increasingly targeted by attackers looking to reverse engineer code, bypass security controls, and manipulate app behavior at runtime. DexProtector is an EMVCo-evaluated and approved mobile application protection tool that helps organizations protect their mobile apps in the wild. It secures application logic, prevents tampering, and detects compromised environments without requiring code changes or complex integrations. Used by organizations in more than 75 countries and protecting applications on over 500 million devices, DexProtector is trusted by teams building secure mobile banking, payment, and other high-risk applications. Protect apps without changing your code: DexProtector integrates directly into your build process as a CLI, Gradle, or CI/CD task. Protections are automatically applied to Android and iOS apps and SDKs (APKs, AABs, AARs, IPAs, frameworks), with no SDKs, no refactoring, and no disruption to development workflows. Prevent reverse engineering, tampering, and runtime attacks: DexProtector combines multiple layers of protection to secure both application code and runtime behavior. • Protects code with advanced obfuscation and encryption • Detects compromised environments (rooted, jailbroken, and emulated devices) • Prevents debugging, dynamic instrumentation, and runtime manipulation • Enforces application integrity and anti-tampering controls Built for regulated and high-risk environments: DexProtector has been evaluated and approved under EMVCo SBMP (Software-Based Mobile Payments) as a Software Protection Tool (SPT), helping to streamline certification for applications and SDKs, and supporting compliance in highly-regulated industries. Extend protection with real-time threat intelligence: DexProtector can be integrated with Licel's Alice Threat and Device Intelligence solution to provide real-time insight into device risk, threat signals, and suspicious behavior. This enables teams to detect and respond to threats beyond the application layer. Key capabilities: • String, class, and native library encryption • Cross-platform code protection (React Native, Flutter, Xamarin, etc.) • Root, jailbreak, and emulator detection • Debugging and dynamic instrumentation detection • Public key certificate validation • White-box cryptography • Anti-malware mechanisms • Mobile API Protection • Anti-tampering and integrity enforcement **Average Rating:** 5.0/5.0 **Total Reviews:** 5 **User Satisfaction Scores:** - **Ease of Use:** 10.0/10 (Category avg: 8.8/10) - **Quality of Support:** 10.0/10 (Category avg: 8.9/10) **Seller Details:** - **Seller:** [Licel](https://www.g2.com/sellers/licel) - **Year Founded:** 2011 - **HQ Location:** London, GB - **LinkedIn® Page:** https://www.linkedin.com/company/licel/ (29 employees on LinkedIn®) **Reviewer Demographics:** - **Company Size:** 33% Small-Business, 33% Mid-Market ### 12. [RedShield](https://www.g2.com/products/redshield/reviews) RedShield is the web application shielding-with-a-service cybersecurity company. **Average Rating:** 3.9/5.0 **Total Reviews:** 4 **Seller Details:** - **Seller:** [Red Shield](https://www.g2.com/sellers/red-shield) - **Year Founded:** 2008 - **HQ Location:** Wellington, NZ - **LinkedIn® Page:** http://www.linkedin.com/company/redshield-security (54 employees on LinkedIn®) **Reviewer Demographics:** - **Company Size:** 80% Small-Business, 20% Mid-Market ### 13. [Promon Shield for Mobile](https://www.g2.com/products/promon-shield-for-mobile/reviews) Promon Shield for Mobile™ delivers deep, in-app protection that keeps your apps, users, and data safe from tampering, reverse engineering, and malware. It integrates post-compile in minutes, scales effortlessly, and stays invisible to users. - Protect against reverse engineering, code injection, and malware - Deploy more than 3x faster with post-compile integration with minimal impact - Get support in meeting compliance with industry regulations Why choose Promon? Full protection Powerful RASP and code obfuscation to defend mobile apps against tampering, reverse engineering, and unauthorized access - ensuring robust protection for your IP and app's data. Seamless integration Seamless integration with any CI/CD pipeline, featuring post-compile implementation for fast and easy deployment - saving your developers time. Total control On-premises deployment, giving you full ownership of your security infrastructure while safeguarding sensitive data and maintaining compliance with ease. Unrivaled support Expert help when you need it, ensuring seamless assistance and access to our industry-leading mobile app security expertise. **Average Rating:** 4.0/5.0 **Total Reviews:** 3 **User Satisfaction Scores:** - **Ease of Use:** 8.9/10 (Category avg: 8.8/10) - **Quality of Support:** 6.1/10 (Category avg: 8.9/10) **Seller Details:** - **Seller:** [Promon](https://www.g2.com/sellers/promon) - **Year Founded:** 2006 - **HQ Location:** Oslo, NO - **LinkedIn® Page:** https://uk.linkedin.com/company/promon-as (135 employees on LinkedIn®) **Reviewer Demographics:** - **Company Size:** 33% Enterprise, 33% Mid-Market ### 14. [Codacy](https://www.g2.com/products/codacy/reviews) Codacy is the only DevSecOps platform that delivers plug-and-play code health and security scanning for AI and human generated code. Future-proof your software – from source code to runtime – without extra servers or build steps. Deploy within minutes and stay ahead of emerging risks today. BUILT FOR HUMANS, READY FOR AI Seamless Git and IDE integrations make Codacy a daily coach your devs can trust, not just another browser tab. AI-generated code is no exception – leaving up to 50% of your codebase exposed to a new wave of zero-days. Empower your devs to use Copilot and Cursor with confidence, not concern. CODE HEALTH & SECURITY FOR ANY STACK While healthy coding standards make your apps and infra run smoothly, Codacy equips your devs with the largest AppSec suite on the market – SAST, hardcoded secrets, dependency checks, SBOM, license scanning, DAST, and pentesting – safeguarding your business every step of the way. PIPELINE-LESS CODE AND RUNTIME SCANS Codacy scans run entirely in the cloud, eliminating the need for servers or build steps. A simple one-click webhook integration gets every commit and Pull Request scanned on the fly, across 49 languages and frameworks – ready for codebases of any size and flavor, and SOC 2 Type 2 certified. **Average Rating:** 4.6/5.0 **Total Reviews:** 28 **User Satisfaction Scores:** - **Ease of Use:** 9.2/10 (Category avg: 8.8/10) - **Quality of Support:** 9.2/10 (Category avg: 8.9/10) **Seller Details:** - **Seller:** [Codacy](https://www.g2.com/sellers/codacy) - **Year Founded:** 2012 - **HQ Location:** Lisbon, Lisboa - **Twitter:** @codacy (5,025 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/3310124/ (73 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Computer Software - **Company Size:** 61% Small-Business, 21% Mid-Market #### Pros & Cons **Pros:** - Security (2 reviews) - Automation (1 reviews) - Automation Testing (1 reviews) - Code Quality (1 reviews) - Customer Support (1 reviews) **Cons:** - Expensive (1 reviews) ### 15. [Feroot Security](https://www.g2.com/products/feroot-security/reviews) The Feroot AI Platform brings intelligent automation to ensure compliant and secure user experiences across web and mobile applications—eliminating manual processes, reducing human error, and replacing operational overhead with continuous, real-time protection. Instead of spending months manually auditing websites and mobile applications, organizations can achieve security and compliance in as little as 45 seconds. Feroot automates website security and compliance programs to help meet the requirements of PCI DSS 4.0.1, HIPAA (including Rules on the Use of Online Tracking Technologies), CCPA / CPRA, GDPR, CIPA, and more than 50 global laws and industry standards. At the core of the platform are Feroot AI Agents that continuously monitor, detect, and enforce compliance across client-side environments. They identify and stop hidden threats such as Magecart attacks, formjacking, unauthorized tracking, data leakage, and malicious third-party scripts before they can compromise sensitive data. Feroot is purpose-built to protect high-value web assets including payment pages, login forms, healthcare portals, and other sensitive workflows where customer and patient data is most at risk. The unified platform integrates critical web security and compliance capabilities into a single solution, including: • JavaScript behavior analysis • Web compliance scanning • Third-party script monitoring • Consent audit and policy enforcement • Data privacy posture management By combining security monitoring with automated compliance enforcement, Feroot provides complete visibility and control over client-side risk without adding complexity. From Fortune 500 enterprises to healthcare providers, retailers, SaaS platforms, universities, utilities, municipalities, travel companies, gaming platforms, and payment service providers, organizations of all sizes trust Feroot to safeguard sensitive customer data and maintain regulatory compliance in an increasingly complex digital landscape. Feroot AI solutions include: • PaymentGuard AI – Protects payment workflows and PCI-scoped environments • HealthData Shield AI – Secures patient data and healthcare portals • AlphaPrivacy AI – Ensures data privacy compliance and user consent enforcement • CodeGuard AI – Monitors and protects client-side code integrity and behavior Visit https://www.feroot.com for more information. **Average Rating:** 4.9/5.0 **Total Reviews:** 26 **User Satisfaction Scores:** - **Ease of Use:** 8.7/10 (Category avg: 8.8/10) - **Quality of Support:** 9.9/10 (Category avg: 8.9/10) **Seller Details:** - **Seller:** [Feroot Security](https://www.g2.com/sellers/feroot-security) - **Company Website:** https://www.feroot.com - **Year Founded:** 2017 - **HQ Location:** Toronto, Ontario, Canada - **LinkedIn® Page:** http://www.linkedin.com/company/feroot (45 employees on LinkedIn®) **Reviewer Demographics:** - **Company Size:** 54% Enterprise, 27% Mid-Market #### Pros & Cons **Pros:** - Customer Support (14 reviews) - Ease of Use (9 reviews) - Security (9 reviews) - Helpful (7 reviews) - Easy Integrations (6 reviews) **Cons:** - Poor Interface Design (4 reviews) - Complexity (3 reviews) - Not Intuitive (3 reviews) - Complex Setup (2 reviews) - Difficult Setup (2 reviews) ### 16. [PreEmptive](https://www.g2.com/products/preemptive/reviews) PreEmptive secures apps against IP theft, hacking, and tampering with multi-layered protection for .NET, Java, and JavaScript. PreEmptive expertly balances cost, convenience, & functionality to secure your applications, making them more resistant to data & IP theft, hacking, & tampering. Our quick-to-implement, premium solutions provide multilayered in-app protection: Dotfuscator for .NET & Xamarin DashO for Java & Android JSDefender for JavaScript Our multi-layered approach to binary code protection employs obfuscation, encryption, root detection, shielding, & tamper-proofing to defend against exploitation by both humans and machines. PreEmptive offers passive & active defense capabilities, safeguarding trade secrets & intellectual property (IP), reducing piracy & counterfeiting, & preventing tampering of code & sensitive data inspection. Easily integrating into .NET, MAUI, Java, & Android applications, PreEmptive helps you manage application risks and ensure regulatory compliance. PreEmptive delivers premium application shielding, seamlessly integrating into your development workflow to secure software, protect your organization, and safeguard your customers. Choose PreEmptive for comprehensive, intelligent app security **Average Rating:** 4.5/5.0 **Total Reviews:** 2 **User Satisfaction Scores:** - **Ease of Use:** 8.3/10 (Category avg: 8.8/10) - **Quality of Support:** 8.3/10 (Category avg: 8.9/10) **Seller Details:** - **Seller:** [Idera, Inc.](https://www.g2.com/sellers/idera-inc-6c9eda01-43cf-4bd5-b70c-70f59610d9a0) - **Year Founded:** 1999 - **HQ Location:** Houston, TX - **Twitter:** @MigrationWiz (483 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/bittitan (69 employees on LinkedIn®) **Reviewer Demographics:** - **Company Size:** 100% Small-Business ### 17. [ThreatCast](https://www.g2.com/products/threatcast/reviews) Real-time visibility for iOS and Android apps Monitor your apps in real-time and continuously improve your security implementation with ThreatCast’s actionable feedback. Monitor threats in real-time with intuitive dashboards and custom alerts. Analyze threat data and uncover how threat actors are attempting to compromise your app. Act on your insights by identifying suspicious users and implementing security findings into future development. **Average Rating:** 5.0/5.0 **Total Reviews:** 2 **User Satisfaction Scores:** - **Ease of Use:** 9.2/10 (Category avg: 8.8/10) - **Quality of Support:** 10.0/10 (Category avg: 8.9/10) **Seller Details:** - **Seller:** [GuardSquare NV](https://www.g2.com/sellers/guardsquare-nv) - **Year Founded:** 2014 - **HQ Location:** Leuven, Belgium - **Twitter:** @GuardSquare (3,973 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/5012731 (173 employees on LinkedIn®) **Reviewer Demographics:** - **Company Size:** 100% Small-Business ### 18. [C-Prot Embedded AppDefense](https://www.g2.com/products/c-prot-embedded-appdefense/reviews) C-Prot Embedded AppDefense is an SDK solution that enables easy integration into mobile applications and solutions developed by app developers, security providers or mobile service providers to ensure security. **Average Rating:** 5.0/5.0 **Total Reviews:** 1 **Seller Details:** - **Seller:** [C-Prot Siber Güvenlik Teknolojileri A.S](https://www.g2.com/sellers/c-prot-siber-guvenlik-teknolojileri-a-s) - **Year Founded:** 2010 - **HQ Location:** Mersin, TR - **Twitter:** @cprottr (194 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/c-prottr/ (13 employees on LinkedIn®) **Reviewer Demographics:** - **Company Size:** 100% Small-Business ### 19. [V-OS App Protection](https://www.g2.com/products/v-os-app-protection/reviews) Built on top of V-Key’s patented V-OS Virtual Secure Element as the security foundation, V-OS App Protection adds another layer of tamper protection and security enhancements. **Average Rating:** 4.5/5.0 **Total Reviews:** 1 **User Satisfaction Scores:** - **Ease of Use:** 8.3/10 (Category avg: 8.8/10) - **Quality of Support:** 8.3/10 (Category avg: 8.9/10) **Seller Details:** - **Seller:** [V-Key](https://www.g2.com/sellers/v-key) - **Year Founded:** 2011 - **HQ Location:** Singapore, SG - **Twitter:** @vkey_inc (255 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/v-key-inc (118 employees on LinkedIn®) **Reviewer Demographics:** - **Company Size:** 100% Enterprise ### 20. [V-OS Virtual Secure Element](https://www.g2.com/products/v-os-virtual-secure-element/reviews) V-OS is a virtual secure element. It is a secure sandbox that is embedded within a native iOS or Android mobile app, and creates a safe operating environment where data can be stored and cryptographic processes can be executed in isolation from the rest of the mobile app. **Average Rating:** 4.5/5.0 **Total Reviews:** 1 **User Satisfaction Scores:** - **Ease of Use:** 8.3/10 (Category avg: 8.8/10) - **Quality of Support:** 8.3/10 (Category avg: 8.9/10) **Seller Details:** - **Seller:** [V-Key](https://www.g2.com/sellers/v-key) - **Year Founded:** 2011 - **HQ Location:** Singapore, SG - **Twitter:** @vkey_inc (255 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/v-key-inc (118 employees on LinkedIn®) **Reviewer Demographics:** - **Company Size:** 100% Enterprise ### 21. [Data Theorem](https://www.g2.com/products/data-theorem-data-theorem/reviews) RamQuest’s solutions include our fully integrated closing, escrow accounting, imaging, transaction management, esigning, and digital marketplace solutions and are available on-premise or in a hosted environment **Average Rating:** 4.0/5.0 **Total Reviews:** 1 **Seller Details:** - **Seller:** [Data Theorem](https://www.g2.com/sellers/data-theorem) - **Year Founded:** 2013 - **HQ Location:** Palo Alto, California, United States - **LinkedIn® Page:** https://www.linkedin.com/company/datatheorem/ (94 employees on LinkedIn®) **Reviewer Demographics:** - **Company Size:** 100% Enterprise ### 22. [Digital.ai Application Protection](https://www.g2.com/products/digital-ai-application-protection/reviews) Digital.ai Application Protection offers protection and management solutions for IoT, mobile, and other applications. **Seller Details:** - **Seller:** [Digital.ai](https://www.g2.com/sellers/digital-ai) - **HQ Location:** Raleigh, NC - **Twitter:** @digitaldotai (818 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/65034840/ (945 employees on LinkedIn®) ### 23. [Domdog](https://www.g2.com/products/domdog/reviews) Domdog is the most flexible and no-nonsense solution for compliance with 6.4.3 and 11.6.1 requirements of PCI DSS 4.0.1. Every organization has different preferences and constraints regarding what new systems they can integrate into their payment pages. With this in mind, Domdog has been designed to support Remote Scanning, JavaScript Agent, and Content Security Policy. This ensures that no matter what an organization's preferences are, Domdog can help them meet the 6.4.3 and 11.6.1 requirements with the least amount of effort and friction. Domdog offers a range of plans that cover small businesses to large enterprises. While the Business plan focuses on cost-effectiveness and simplified compliance, the Enterprise plan focuses on maximum flexibility and managed onboarding. **Seller Details:** - **Seller:** [Domdog](https://www.g2.com/sellers/domdog) - **HQ Location:** Delaware, US - **LinkedIn® Page:** http://linkedin.com/company/domdogsec (6 employees on LinkedIn®) ### 24. [Endcrypt](https://www.g2.com/products/endcrypt/reviews) EndCrypt is a security solution implemented within the application (instead of the network or the operating system) to make it more resistant to attacks. It is a ready-to-use SDK to embed within a mobile application to secure it from environmantal threats. **Seller Details:** - **Seller:** [Procenne](https://www.g2.com/sellers/procenne) - **Year Founded:** 2013 - **HQ Location:** İstanbul, TR - **LinkedIn® Page:** https://www.linkedin.com/company/procenneds (63 employees on LinkedIn®) ### 25. [Eyeriss](https://www.g2.com/products/eyeriss/reviews) Eyeriss is an API gateway built from the ground up around security. Eyeriss has built-in conditional role-based access control, multiple authentication methods for both clients and backend services, and provides a plethora of metrics for API usage out of the box. It features a split architecture that is built for resiliency, speed, and horizontal scalability. With the defense-in-depth model, security teams and developers alike can be sure their API endpoints are strongly protected from any misuse. Eyeriss is intended to be easy to use for security engineers and developers alike, all while maintaining the capability to handle large traffic and request volumes to ensure availability to backend API services. The powerful WAF features of Eyeriss protects onboarded endpoints from a variety of attacks, greatly lowering the potential for outages and breaches. The on-prem and SaaS Enterprise offering of Eyeriss is ready for any production environment with many build-in integrations for connecting to alerting services, SEIMs, and many more tools to enhance both security teams and developers. **Seller Details:** - **Seller:** [Eyeriss](https://www.g2.com/sellers/eyeriss) - **HQ Location:** N/A - **LinkedIn® Page:** https://www.linkedin.com/company/No-Linkedin-Presence-Added-Intentionally-By-DataOps (1 employees on LinkedIn®) ## Parent Category [Application Security Software](https://www.g2.com/categories/application-security) ## Related Categories - [Runtime Application Self-Protection (RASP) Tools ](https://www.g2.com/categories/runtime-application-self-protection-rasp-tools)