Top Free Interactive Application Security Testing (IAST) Software

Check out our list of free Interactive Application Security Testing (IAST) Software. Products featured on this list are the ones that offer a free trial version. As with most free versions, there are limitations, typically time or features.

If you'd like to see more products and to evaluate additional feature options, compare all Interactive Application Security Testing (IAST) Software to ensure you get the right product.

View Free Interactive Application Security Testing (IAST) Software

G2 takes pride in showing unbiased reviews on user satisfaction in our ratings and reports. We do not allow paid placements in any of our ratings, rankings, or reports. Learn about our scoring methodologies.
10 Interactive Application Security Testing (IAST) Products Available
View all Interactive Application Security Testing (IAST) Software
View all Interactive Application Security Testing (IAST) Software
Contrast Security
(49)4.5 out of 5
3rd Easiest To Use in Interactive Application Security Testing (IAST) software
OverviewUser Satisfaction
Product Description

Contrast Security is the global leader in Application Detection and Response (ADR), empowering organizations to see and stop attacks on applications and APIs in real time. Contrast embeds patented thr

Demographics
UsersNo information available
IndustriesInsurance, Information Technology and Services
Market Segment67% Enterprise, 20% Mid-Market
User SatisfactionWhat G2 Users Think
Contrast Security features and usability ratings that predict user satisfaction
8.6
Ease of Use
Average: 8.2
9.3
Quality of Support
Average: 8.8
9.0
Has the product been a good partner in doing business?
Average: 9.2
8.9
Ease of Admin
Average: 8.5
What G2 Users ThinkSeller Details
Verified User in Insurance
EI
Contrast delivers easy and fast vulnerability data about our applications (IDE environments) that continues through production with the RASP... Read review
D Santhosh K.
DK
It's free to some extent Fast then most security scanners Read review
Seller Details
Seller
Contrast Security
Company Website
Year Founded
2014
HQ Location
Pleasanton, CA
Twitter
@contrastsec
5,492 Twitter followers
LinkedIn® Page
www.linkedin.com
224 employees on LinkedIn®
HCL AppScan
(76)4.1 out of 5
Entry Level Price:Free
4th Easiest To Use in Interactive Application Security Testing (IAST) software
OverviewUser Satisfaction
Product Description

HCL AppScan is a comprehensive suite of market-leading application security testing solutions (SAST, DAST, IAST, SCA, API), available on-premises and on-cloud. These powerful DevSecOps tools pinpoint

Demographics
UsersNo information available
IndustriesInformation Technology and Services, Computer & Network Security
Market Segment54% Enterprise, 28% Small-Business
User SatisfactionWhat G2 Users Think
HCL AppScan features and usability ratings that predict user satisfaction
8.5
Ease of Use
Average: 8.2
8.5
Quality of Support
Average: 8.8
8.8
Has the product been a good partner in doing business?
Average: 9.2
8.7
Ease of Admin
Average: 8.5
What G2 Users ThinkSeller Details
Banyu A.
BA
One of the best tools for app security. Easy to use and good documentation. Read review
Verified User in Computer & Network Security
AC
trustful assessment easy to use automatic scans Read review
Seller Details
Seller
HCL Technologies
Year Founded
1999
HQ Location
Noida, Uttar Pradesh
Twitter
@hcltech
425,702 Twitter followers
LinkedIn® Page
www.linkedin.com
251,395 employees on LinkedIn®
Ownership
NSE - National Stock Exchange of India
G2 Advertising
Sponsored
G2 Advertising
Get 2x conversion than Google Ads with G2 Advertising!
G2 Advertising places your product in premium positions on high-traffic pages and on targeted competitor pages to reach buyers at key comparison moments.
Learn More
Checkmarx
(36)4.2 out of 5
5th Easiest To Use in Interactive Application Security Testing (IAST) software
OverviewUser Satisfaction
Product Description

Checkmarx is the leader in agentic application security, delivering enterprise-grade protection while lowering engineering costs and accelerating development velocity. The Checkmarx One platform scans

Demographics
UsersNo information available
IndustriesInformation Technology and Services, Computer Software
Market Segment58% Enterprise, 25% Mid-Market
User SatisfactionWhat G2 Users Think
Checkmarx features and usability ratings that predict user satisfaction
8.2
Ease of Use
Average: 8.2
8.3
Quality of Support
Average: 8.8
8.3
Has the product been a good partner in doing business?
Average: 9.2
7.9
Ease of Admin
Average: 8.5
What G2 Users ThinkSeller Details
Verified User in Renewables & Environment
AR
Static analysis & Apex Overview of unpackaged code Read review
Hatim B.
HB
Our choice of Checkmarx as a static code audit tool was done after a long reflection. the richness in terms of languages and the customization of... Read review
Seller Details
Seller
Checkmarx
Year Founded
2006
HQ Location
Paramus, NJ
Twitter
@Checkmarx
7,217 Twitter followers
LinkedIn® Page
www.linkedin.com
997 employees on LinkedIn®
OpenText Core Application Security
(34)4.1 out of 5
2nd Easiest To Use in Interactive Application Security Testing (IAST) software
OverviewUser Satisfaction
Product Description

Fortify on Demand (FoD) is a complete Application Security as a Service solution. It offers an easy way to get started with the flexibility to scale. In addition to static and dynamic, Fortify on Dema

Demographics
UsersNo information available
IndustriesInformation Technology and Services
Market Segment41% Enterprise, 32% Small-Business
User SatisfactionWhat G2 Users Think
OpenText Core Application Security features and usability ratings that predict user satisfaction
8.2
Ease of Use
Average: 8.2
7.9
Quality of Support
Average: 8.8
9.0
Has the product been a good partner in doing business?
Average: 9.2
8.9
Ease of Admin
Average: 8.5
What G2 Users ThinkSeller Details
Verified User in Computer Software
UC
HPE Fortify's scans are the best in the industry. There isn't a competitor that can match them in their feature suite and the depth of their... Read review
AM
We use the HP Fortify on Demand SaaS, this allows us to free up resources from having to spend time maintaining the infrastructure. The product... Read review
Seller Details
Seller
OpenText
Year Founded
1991
HQ Location
Waterloo, ON
Twitter
@OpenText
21,592 Twitter followers
LinkedIn® Page
www.linkedin.com
23,270 employees on LinkedIn®
Ownership
NASDAQ:OTEX
Semgrep
(54)4.6 out of 5
Entry Level Price:Starting at $40.00
View top Consulting Services for Semgrep
OverviewUser Satisfaction
Product Description

Semgrep is a modern static analysis (SAST), software composition analysis (SCA), and secrets detection platform designed for both developers and security teams. It combines fast, deterministic analysi

Demographics
UsersNo information available
IndustriesInformation Technology and Services, Computer Software
Market Segment46% Enterprise, 41% Mid-Market
User SatisfactionWhat G2 Users Think
Semgrep features and usability ratings that predict user satisfaction
9.1
Ease of Use
Average: 8.2
8.8
Quality of Support
Average: 8.8
9.6
Has the product been a good partner in doing business?
Average: 9.2
9.1
Ease of Admin
Average: 8.5
What G2 Users ThinkSeller Details
Verified User in Financial Services
AF
Easy to add custom rules (e.g. by using the online rule editor). Also, Semgrep App has some nice, convenient features (like private rule repository). Read review
Verified User in Information Technology and Services
AI
The Semgrep supply chain is a boon for application and product security teams. Backed by the already solid Semgrep engine, it can quickly surface... Read review
Seller Details
Seller
Semgrep
Company Website
Year Founded
2017
HQ Location
San Francisco, US
Twitter
@semgrep
4,201 Twitter followers
LinkedIn® Page
www.linkedin.com
238 employees on LinkedIn®
Akto API Security Platform
(54)4.5 out of 5
Entry Level Price:Free
OverviewUser Satisfaction
Product Description

Akto is a trusted platform for application security and product security teams to build an enterprise-grade API security program throughout their DevSecOps pipeline. Our industry-leading suite of — AP

Demographics
UsersNo information available
IndustriesFinancial Services, Computer Software
Market Segment44% Mid-Market, 33% Small-Business
User SatisfactionWhat G2 Users Think
Akto API Security Platform features and usability ratings that predict user satisfaction
8.6
Ease of Use
Average: 8.2
9.0
Quality of Support
Average: 8.8
9.1
Has the product been a good partner in doing business?
Average: 9.2
8.4
Ease of Admin
Average: 8.5
What G2 Users ThinkSeller Details
Gopikrishna C.
GC
Akto.io has been an outstanding tool for our team. Its user-friendly interface and powerful features have significantly streamlined our workflow.... Read review
Verified User in Financial Services
AF
I've been using Akto for a while, starting with the free version before upgrading to the professional plan, and it’s been an amazing experience.... Read review
Seller Details
Seller
Akto.io
Company Website
Year Founded
2022
HQ Location
San Francisco, California
Twitter
@Aktodotio
1,348 Twitter followers
LinkedIn® Page
www.linkedin.com
29 employees on LinkedIn®
GuardRails
(29)4.3 out of 5
Entry Level Price:Free
OverviewUser Satisfaction
Product Description

GuardRails is an end-to-end security platform that makes AppSec easier for both security and development teams. We scan, detect, and provide real-time guidance to fix vulnerabilities early. Trusted b

Demographics
UsersNo information available
IndustriesInformation Technology and Services, Financial Services
Market Segment52% Small-Business, 48% Mid-Market
User SatisfactionWhat G2 Users Think
GuardRails features and usability ratings that predict user satisfaction
8.3
Ease of Use
Average: 8.2
8.5
Quality of Support
Average: 8.8
9.4
Has the product been a good partner in doing business?
Average: 9.2
8.7
Ease of Admin
Average: 8.5
What G2 Users ThinkSeller Details
Ranu M.
RM
It helps developers secure code from any unwanted security issues caused during the development or implementation of technology and notify as soon... Read review
Seller Details
Seller
GuardRails
Year Founded
2017
HQ Location
Singapore, Singapore
Twitter
@guardrailsio
1,556 Twitter followers
LinkedIn® Page
www.linkedin.com
13 employees on LinkedIn®
PT Application Inspector
(3)5.0 out of 5
OverviewUser Satisfaction
Product Description

PT Application Inspector™ (PT AI™) is a comprehensive source code analysis tool that offers protection for web applications of any scale. Its holistic approach combines the advantages of static, dynam

Demographics
UsersNo information available
IndustriesNo information available
Market Segment67% Enterprise, 33% Small-Business
User SatisfactionWhat G2 Users Think
PT Application Inspector features and usability ratings that predict user satisfaction
10.0
Ease of Use
Average: 8.2
10.0
Quality of Support
Average: 8.8
10.0
Has the product been a good partner in doing business?
Average: 9.2
10.0
Ease of Admin
Average: 8.5
What G2 Users ThinkSeller Details
Verified User in Banking
UB
We found the best price in the market and got good scan results. This is the only solution we found on the market which able to build exploit... Read review
Seller Details
Seller
Positive Technologies
HQ Location
N/A
Twitter
@PTsecurity_UK
6 Twitter followers
LinkedIn® Page
www.linkedin.com
734 employees on LinkedIn®
ZeroThreat
(11)4.8 out of 5
Free trial available
OverviewUser Satisfaction
Product Description

ZeroThreat is an AI-powered web application and API penetration testing platform designed to identify real, exploitable vulnerabilities, not just surface-level findings. Built for modern engineering t

Demographics
UsersNo information available
IndustriesNo information available
Market Segment45% Enterprise, 27% Mid-Market
User SatisfactionWhat G2 Users Think
ZeroThreat features and usability ratings that predict user satisfaction
8.8
Ease of Use
Average: 8.2
9.4
Quality of Support
Average: 8.8
9.4
Has the product been a good partner in doing business?
Average: 9.2
8.8
Ease of Admin
Average: 8.5
What G2 Users ThinkSeller Details
DM
Our client loves the visibility across all System, Network, AWS, Azure as well to Active Directory, which comes very handy during DDOS attacks.... Read review
Denae V.
DV
I love how ZeroThreat seamlessly integrates into our existing workflow, ensuring that our applications and APIs remain secure without adding extra... Read review
Seller Details
Seller
ZeroThreat
HQ Location
Delaware, US
LinkedIn® Page
www.linkedin.com
6 employees on LinkedIn®
esChecker MAST (SAST, DAST & IAST)
(2)4.3 out of 5
OverviewUser Satisfaction
Product Description

esChecker combines many years of penetration testing experience with a unique dynamic engine simulating attack techniques, such as reverse-engineering or code tampering. No source code is needed, on

Demographics
UsersNo information available
IndustriesNo information available
Market Segment100% Small-Business
User SatisfactionWhat G2 Users Think
esChecker MAST (SAST, DAST & IAST) features and usability ratings that predict user satisfaction
10.0
Ease of Use
Average: 8.2
10.0
Quality of Support
Average: 8.8
0.0
No information available
0.0
No information available
What G2 Users ThinkSeller Details
Donatien C.
DC
It provides very complete sets of security tests both on Android and iOS. The simple interface is easily adopted by every team member. A dashboard... Read review
Thomas G.
TG
esChecker makes it really easy to deal with mobile security. The interface is easy to use and the campaigns are well explained. The reports are... Read review
Seller Details
Seller
eShard
Year Founded
2015
HQ Location
Pessac, FR
LinkedIn® Page
www.linkedin.com
47 employees on LinkedIn®