### Contents

- [**Articles**](#resources-articles)
- [**Discussions**](#resources-discussions)
- [**Reports**](#resources-reports)

# Dynamic Application Security Testing (DAST) Software Resources

##### Articles, Discussions, and Reports to expand your knowledge on Dynamic Application Security Testing (DAST) Software

Resource pages are designed to give you a cross-section of information we have on specific categories. You'll find [articles](#resources-articles) from our experts, [discussions](#resources-discussions) from users like you, and [reports](#resources-reports) from industry data.

[ContentsExpand/Collapse Contents](#)
- [**Articles**](#resources-articles)
- [**Discussions**](#resources-discussions)
- [**Reports**](#resources-reports)

## Dynamic Application Security Testing (DAST) Software Articles

[![Vulnerability Scanners: Types, Benefits, And Top 5 Scanners](https://learn.g2.com/hubfs/G2CM_FI719_Learn_Articles_Images_%5Bintrusion_detection%5D_V1a.png "Vulnerability Scanners: Types, Benefits, And Top 5 Scanners")](https://www.g2.com/articles/vulnerability-scanner)

[
### Vulnerability Scanners: Types, Benefits, And Top 5 Scanners
](https://www.g2.com/articles/vulnerability-scanner)
Vulnerability scanners are crucial line of defense protecting web application from the fast evolving and dangerous cyberthreats.&nbsp;This software assesses your network and systems for vulnerabilities and reports the risks associated with them. There are many vulnerability scanning tools available in the industry, but as every organization's need varies, so does the best choice in vulnerability scanners.&nbsp;

[
 ![Sagar Joshi](/assets/transparent-ad5be28fbcd25b7b08d2cebe1d957125437fb5407d75ee717965ad22c8808791.gif "Sagar Joshi")
SJ

](https://learn.g2.com/author/sagar-joshi)

by Sagar Joshi

[![G2 Launches Interactive Application Security Testing (IAST) Software Category](https://learn.g2.com/hubfs/IAST-AC.jpg "G2 Launches Interactive Application Security Testing (IAST) Software Category")](https://www.g2.com/articles/g2-launches-interactive-application-security-testing-iast-category)

[
### G2 Launches Interactive Application Security Testing (IAST) Software Category
](https://www.g2.com/articles/g2-launches-interactive-application-security-testing-iast-category)
The DevSecOps software space continues to evolve as product development teams work to adopt “secure by default” delivery strategies. In February 2022, G2 launched its Interactive Application Security Testing (IAST) Software category to represent a key testing approach.

[
 ![Adam Crivello](/assets/transparent-ad5be28fbcd25b7b08d2cebe1d957125437fb5407d75ee717965ad22c8808791.gif "Adam Crivello")
AC

](https://learn.g2.com/author/adam-crivello)

by Adam Crivello

[![What Is DevSecOps, and How Is It Different from DevOps?](https://sell.g2.com/hubfs/ideas-whiteboard-person-working-7369.jpg "What Is DevSecOps, and How Is It Different from DevOps?")](https://www.g2.com/articles/what-is-devsecops-and-how-is-it-different-from-devops)

[
### What Is DevSecOps, and How Is It Different from DevOps?
](https://www.g2.com/articles/what-is-devsecops-and-how-is-it-different-from-devops)
The golden age of DevOps software best practices has settled upon us like a cozy blanket of consistency. Within this utopia of perfect change management and well-oiled industry standards, a natural progression toward airtight cybersecurity called DevSecOps emerged.&nbsp; 

[
 ![Adam Crivello](/assets/transparent-ad5be28fbcd25b7b08d2cebe1d957125437fb5407d75ee717965ad22c8808791.gif "Adam Crivello")
AC

](https://learn.g2.com/author/adam-crivello)

by Adam Crivello

[![SAST vs. DAST: Application Security Testing Explained](https://learn.g2.com/hubfs/iot-security.jpg "SAST vs. DAST: Application Security Testing Explained")](https://www.g2.com/articles/sast-vs-dast)

[
### SAST vs. DAST: Application Security Testing Explained
](https://www.g2.com/articles/sast-vs-dast)
As a result of the booming cloud application market, companies are increasingly — and rationally — concerned with the security of their applications and the data associated with them.

[
 ![Aaron Walker](/assets/transparent-ad5be28fbcd25b7b08d2cebe1d957125437fb5407d75ee717965ad22c8808791.gif "Aaron Walker")
AW

](https://learn.g2.com/author/aaron-walker)

by Aaron Walker

Show More

## Dynamic Application Security Testing (DAST) Software Discussions

0

[Which DAST software integrates with CI/CD pipelines?](/discussions/which-dast-software-integrates-with-ci-cd-pipelines)

Hey everyone,

I’ve been helping DevSecOps teams evaluate **DAST (Dynamic Application Security Testing)** tools that plug directly into CI/CD workflows — triggering scans automatically after builds or deployments. I pulled insights from G2’s latest DAST grid and user reviews to find which solutions offer tight CI/CD integration.

Here are the top five (in order of G2 presence/satisfaction):

- [**Tenable Nessus**](https://www.g2.com/products/tenable-nessus/reviews) **:** flagship scanner with robust automation hooks; supports API triggers and feed-back loops inside CI pipelines.
- [**Jit**](https://www.g2.com/products/jit/reviews) **:** &nbsp;designed for developer-centric CI/CD environments, seamless pipeline integration and fast feedback to dev teams.
- [**Aikido Security**](https://www.g2.com/products/aikido-security/reviews) **:** &nbsp;newer but well-rated for pipeline-native DAST with minimal setup and strong automation focus.
- [**Akto**](https://www.g2.com/products/akto/reviews) **:** &nbsp;API-first DAST tool built for microservices and CI environments; supports CI triggers and automated test flows.
- [**Astra Pentest**](https://www.g2.com/products/astra-pentest/reviews) **:&nbsp;** combines automation with manual review; integrates into CI/CD pipelines via webhooks/CLI for continuous scanning.

I based this on **G2 satisfaction and feature data** , plus user feedback around how well each tool fits into build/test/deploy workflows. Also hearing good things about **Invicti** and **GitLab DAST** for CI/CD integration — anyone here using these? What's been the experience?

Which DAST tools have you actually integrated into CI/CD pipelines — and what bottlenecks or wins did you see?

Answered: Soundarya Jayaraman on October 28, 2025

[Your answer](/discussions/which-dast-software-integrates-with-ci-cd-pipelines/comments/new?remote=true)

0

[Best DAST solutions for cloud-native applications?](/discussions/best-dast-solutions-for-cloud-native-applications)

Hey everyone,

I’ve been helping a few DevSecOps teams evaluate **DAST (Dynamic Application Security Testing) tools designed for cloud-native applications** — microservices, APIs, containers, serverless. I looked through G2’s DAST category and review data, plus vendor features, to identify which platforms perform strongly in modern cloud/native stacks.

Here’s what stood out (based on G2 Grid order):

- [**Tenable Nessus**](https://www.g2.com/products/tenable-nessus/reviews) **:** the category leader; great for vulnerability scanning across cloud workloads, containers, and dynamic app environments.
- [**Jit**](https://www.g2.com/products/jit/reviews) **:** built for DevSecOps workflows; integrates directly into CI/CD pipelines for automated runtime and API testing in cloud-native stacks.
- [**Aikido Security**](https://www.g2.com/products/aikido-security/reviews) **:** strong for modern app architectures; automates scanning across cloud deployments with simple setup and actionable reporting.
- [**Akto**](https://www.g2.com/products/akto/reviews) **:** API-first DAST designed for microservices and distributed systems; ideal for testing cloud-based REST and GraphQL endpoints.
- [**Astra Pentest**](https://www.g2.com/products/astra-pentest/reviews) **:&nbsp;** combines automated DAST with manual testing for hybrid and multi-cloud environments; solid for ongoing app security validation.

I based this on **G2 satisfaction and feature-level data** , plus user reviews focused on cloud-native coverage, automation depth, and integration flexibility. Anyone here using these tools? Can you share your experience?

Which DAST tools have actually handled your cloud-native workloads well — especially for scanning APIs, containers, or microservices without breaking the pipeline?

Answered: Soundarya Jayaraman on October 28, 2025

[Your answer](/discussions/best-dast-solutions-for-cloud-native-applications/comments/new?remote=true)

0

[Best tools for detecting runtime security issues?](/discussions/best-tools-for-detecting-runtime-security-issues)

Hey everyone,

I’ve been helping a few DevSecOps teams find tools that go beyond code and scan for **security issues during runtime** — catching threats as they happen, not just in pre-deployment tests. I pulled insights from G2’s latest [**DAST Software**](https://www.g2.com/categories/dynamic-application-security-testing-dast) **Grid** and user reviews to see which platforms perform best for real-time detection, automation, and continuous protection.

Here are the top tools to look at:

- [**Tenable Nessus**](https://www.g2.com/products/tenable-nessus/reviews) **:** a clear leader for vulnerability detection across environments; great for continuous monitoring and runtime scanning within CI/CD workflows.
- [**Jit**](https://www.g2.com/products/jit/reviews) **:** &nbsp;designed for DevSecOps-first pipelines; combines runtime monitoring with automated detection for faster response to live security issues.
- [**Aikido Security**](https://www.g2.com/products/aikido-security/reviews) **:** &nbsp;newer but highly rated for runtime threat detection and automated remediation; strong focus on app and cloud workloads.
- [**Akto**](https://www.g2.com/products/akto/reviews) **:** &nbsp;API-first platform that identifies runtime risks like broken authentication or exposed endpoints; great for microservice-heavy teams.
- [**Astra Pentest**](https://www.g2.com/products/astra-pentest/reviews) **:&nbsp;** blends runtime protection with manual and automated pentesting; ideal for continuous security coverage across production environments.

I based this on **G2 satisfaction and feature data** , plus user feedback around runtime visibility and alert accuracy. Also hearing good things about **Sysdig Secure** and **Aqua Security** for runtime protection in containerized setups — anyone here using those?

Which runtime security tools have actually caught live vulnerabilities for your team — and how do you balance detection speed with system performance?

Answered: Soundarya Jayaraman on October 28, 2025

[Your answer](/discussions/best-tools-for-detecting-runtime-security-issues/comments/new?remote=true)

- [&lsaquo; Prev‹ Prev](/es/categories/dynamic-application-security-testing-dast/resources)
- [1](/es/categories/dynamic-application-security-testing-dast/resources)
- 2
- [3](/es/categories/dynamic-application-security-testing-dast/resources?discussions_page=3)
- [4](/es/categories/dynamic-application-security-testing-dast/resources?discussions_page=4)
- [5](/es/categories/dynamic-application-security-testing-dast/resources?discussions_page=5)
- [6](/es/categories/dynamic-application-security-testing-dast/resources?discussions_page=6)
- …
- [13](/es/categories/dynamic-application-security-testing-dast/resources?discussions_page=13)
- [14](/es/categories/dynamic-application-security-testing-dast/resources?discussions_page=14)
- [Next &rsaquo;Next ›](/es/categories/dynamic-application-security-testing-dast/resources?discussions_page=3)

## Dynamic Application Security Testing (DAST) Software Reports

Mid-Market Grid® Report for Dynamic Application Security Testing (DAST)

Summer 2026

G2 Report: Grid® Report

Grid® Report for Dynamic Application Security Testing (DAST)

Summer 2026

G2 Report: Grid® Report

Enterprise Grid® Report for Dynamic Application Security Testing (DAST)

Summer 2026

G2 Report: Grid® Report

Momentum Grid® Report for Dynamic Application Security Testing (DAST)

Summer 2026

G2 Report: Momentum Grid® Report

Small-Business Grid® Report for Dynamic Application Security Testing (DAST)

Summer 2026

G2 Report: Grid® Report

Enterprise Grid® Report for Dynamic Application Security Testing (DAST)

Spring 2026

G2 Report: Grid® Report

Small-Business Grid® Report for Dynamic Application Security Testing (DAST)

Spring 2026

G2 Report: Grid® Report

Mid-Market Grid® Report for Dynamic Application Security Testing (DAST)

Spring 2026

G2 Report: Grid® Report

Grid® Report for Dynamic Application Security Testing (DAST)

Spring 2026

G2 Report: Grid® Report

Momentum Grid® Report for Dynamic Application Security Testing (DAST)

Spring 2026

G2 Report: Momentum Grid® Report