# Best Penetration Testing Tools for Small Business - Page 2

*By [Lauren Worth](https://research.g2.com/insights/author/lauren-worth)*


Products classified in the overall Penetration Testing category are similar in many regards and help companies of all sizes solve their business problems. However, small business features, pricing, setup, and installation differ from businesses of other sizes, which is why we match buyers to the right Small Business Penetration Testing to fit their needs. Compare product ratings based on reviews from enterprise users or connect with one of G2&#39;s buying advisors to find the right solutions within the Small Business Penetration Testing category.

In addition to qualifying for inclusion in the Penetration Testing Tools category, to qualify for inclusion in the Small Business Penetration Testing Tools category, a product must have at least 10 reviews left by a reviewer from a small business.





---
## What Are the Most Common Questions About Penetration Testing Tools?
*AI-generated · Last updated: May 26, 2026*
### What platform integrates penetration testing with security monitoring tools?
Based on G2 reviews, several penetration testing platforms mention integrations that help security teams connect findings to their broader workflows. According to verified users, [Cobalt](https://www.g2.com/products/cobalt-io-cobalt/reviews) stands out for integrations with Slack, ticketing systems, APIs, and Google Sheets workflows, which reviewers say helps teams collaborate with testers and move findings into remediation faster. G2 reviewers also mention platforms like [Edgescan](https://www.g2.com/products/edgescan/reviews) and [Strobes Security](https://www.g2.com/products/strobes-security/reviews) for connecting with Jira and other security operations processes. Across reviews, buyers most often value integrations that reduce back-and-forth, keep findings visible, and support ongoing vulnerability tracking rather than one-time reporting.


### What platform provides compliance-focused penetration testing?
Based on G2 reviews, compliance is a common reason buyers choose penetration testing tools, but [Cobalt](https://www.g2.com/products/cobalt-io-cobalt/reviews) appears most often in recent review data and is frequently described as helping teams meet annual testing, PCI, SOC 2, HIPAA, and broader audit requirements. According to verified users, reviewers value its straightforward reporting, retesting workflows, and support for external and internal assessments tied to compliance needs. G2 reviewers mention that it helps security teams demonstrate requirements to customers and auditors while giving developers findings they can act on. Reviews also note tradeoffs such as pricing and occasional variation in tester depth, but compliance support and easy-to-share reports are recurring strengths.


### Which vendor offers AI-powered threat simulation?
Based on G2 reviews, [Pentera](https://www.g2.com/products/pentera/reviews) is the clearest fit for AI-powered threat simulation in this category. According to verified users, reviewers describe Pentera as automating attack simulation in a way that mimics real attackers, validates exploitable paths, and helps teams focus on real risk rather than broad vulnerability lists. G2 reviewers mention AI-driven insights, automated validation, and continuous testing as strengths that help security teams prioritize remediation and reduce manual effort. Some users also note setup complexity, reporting customization limits, or higher cost, but the reviews consistently frame Pentera as a platform built around automated attack emulation and validation rather than just traditional scanning.


### Which penetration testing platform offers the most comprehensive vulnerability coverage?
Based on G2 reviews, buyers describe comprehensive coverage in different ways, including application, network, API, cloud, and continuous testing support. According to verified users, [Cobalt](https://www.g2.com/products/cobalt-io-cobalt/reviews) is praised for external and internal testing, application assessments, collaboration with testers, and retesting. G2 reviewers also highlight [Astra Pentest](https://www.g2.com/products/astra-pentest/reviews) for combining automated scanning with manual validation across web apps, APIs, and cloud-related findings, while [vPenTest](https://www.g2.com/products/vpentest/reviews) is often cited for broad automated internal and external coverage with clear reports. In reviews, the most comprehensive platforms tend to balance strong discovery, practical remediation guidance, and enough testing breadth to support both engineering and compliance goals.

**Here are some of the top-rated products on G2:**

- [Cobalt](https://www.g2.com/products/cobalt-io-cobalt/reviews) – often used for external, internal, application, and compliance-driven testing with collaborative remediation workflows
- [vPenTest](https://www.g2.com/products/vpentest/reviews) – commonly used for automated internal and external testing with clear reporting for recurring assessments
- [Astra Pentest](https://www.g2.com/products/astra-pentest/reviews) – frequently chosen for web app, API, and cloud-related testing with validated findings and responsive support


### What is the most affordable penetration testing software for SMBs?
Based on G2 reviews, affordability for SMBs usually means faster setup, repeatable testing, and lower overhead than traditional engagements. According to verified users, [vPenTest](https://www.g2.com/products/vpentest/reviews) is often described as a cost-effective option for smaller businesses and MSPs because it supports recurring testing, clear customer-friendly reporting, and easier self-managed workflows. G2 reviewers mention that it helps teams test more frequently without the effort and delay of manual-only engagements. Reviewers also note that some findings may still need manual verification and that scan or report turnaround can vary, but the platform is repeatedly framed as strong value for teams that need practical security coverage on tighter budgets.

**Here are some of the top-rated products on G2:**

- [vPenTest](https://www.g2.com/products/vpentest/reviews) – often chosen by MSPs and smaller teams for affordable recurring internal and external testing
- [Cobalt](https://www.g2.com/products/cobalt-io-cobalt/reviews) – reviewers describe it as reasonable for some use cases, especially when teams value reporting and tester collaboration
- [Astra Pentest](https://www.g2.com/products/astra-pentest/reviews) – users often highlight strong value from validated findings, responsive support, and efficient remediation workflows


### Which vendor provides real-time penetration testing reports?
Based on G2 reviews, [Cobalt](https://www.g2.com/products/cobalt-io-cobalt/reviews) is most consistently associated with real-time penetration testing visibility. According to verified users, reviewers say vulnerabilities appear in the dashboard as testers discover them, which allows teams to ask questions immediately, validate fixes faster, and keep remediation aligned with development work. G2 reviewers mention direct collaboration through the platform and Slack, plus continuous updates rather than waiting only for a final report. While some reviews note variability in tester quality or report interface improvements they would like to see, the recurring theme is immediate findings visibility and active communication during the engagement rather than delayed, static reporting.


### What is the top-rated penetration testing platform for enterprises?
Based on G2 reviews, enterprise buyers tend to prioritize scalability, reporting, collaboration, and dependable remediation workflows. According to verified users, [Cobalt](https://www.g2.com/products/cobalt-io-cobalt/reviews) is the most visible choice in recent review data and is often described as fitting enterprise needs through real-time findings visibility, ticketing integrations, structured retesting, and support for recurring application and infrastructure testing. G2 reviewers mention that it works well for security teams that need to coordinate across engineering, compliance, and stakeholder reporting. Some users note pricing or scoping constraints, but reviews repeatedly describe Cobalt as a mature option for organizations managing larger programs and ongoing testing demands.

**Here are some of the top-rated products on G2:**

- [Cobalt](https://www.g2.com/products/cobalt-io-cobalt/reviews) – frequently used by larger teams for collaborative testing, retesting, and integration with engineering workflows
- [Astra Pentest](https://www.g2.com/products/astra-pentest/reviews) – valued for dashboard visibility, manual-plus-automated testing, and structured support through remediation
- [vPenTest](https://www.g2.com/products/vpentest/reviews) – used for scalable recurring assessments with strong reporting and self-managed scheduling


### Which tool supports penetration testing for cloud environments?
Based on G2 reviews, several products are used for cloud-related penetration testing, but buyers often call out support for cloud apps, infrastructure visibility, and validation of cloud exposures. According to verified users, [Astra Pentest](https://www.g2.com/products/astra-pentest/reviews) is noted for cloud target integration and reviews that cover misconfigurations, exposed services, IAM gaps, and broader attack-surface visibility. G2 reviewers also mention [Intruder](https://www.g2.com/products/intruder/reviews) for scanning cloud resources across environments like AWS and Azure, and [Cobalt](https://www.g2.com/products/cobalt-io-cobalt/reviews) for cloud and web application tests scheduled around changing development needs. In reviews, the strongest cloud tools combine clear reporting with practical remediation guidance.


### What is the best tool for simulating cyberattacks?
Based on G2 reviews, the best fit for cyberattack simulation depends on whether teams want validated attack paths, automation, or continuous testing. According to verified users, [Pentera](https://www.g2.com/products/pentera/reviews) is repeatedly described as simulating real attacker behavior, including lateral movement, validation of exploitable weaknesses, and clear attack-path organization. G2 reviewers mention that it helps teams understand real risk, reduce manual effort, and focus remediation on what is actually actionable. Reviews also note occasional concerns around installation complexity, reporting customization, or cost, but the product is consistently positioned as a strong option for organizations that want realistic attack simulation rather than basic vulnerability discovery alone.

**Here are some of the top-rated products on G2:**

- [Pentera](https://www.g2.com/products/pentera/reviews) – designed for attacker-style simulation with validated attack paths and remediation guidance
- [NodeZero from Horizon3.ai](https://www.g2.com/products/nodezero-from-horizon3-ai/reviews) – used for automated attack-path testing and repeated validation after fixes
- [RidgeBot](https://www.g2.com/products/ridgebot/reviews) – valued for simulating exploitability and helping teams prioritize risks based on validated impact


### Which solution supports both automated and manual penetration testing?
Based on G2 reviews, [Astra Pentest](https://www.g2.com/products/astra-pentest/reviews) is strongly associated with combining automated scanning and manual penetration testing in one workflow. According to verified users, reviewers say this approach helps validate findings, reduce false positives, and keep teams focused on real issues instead of generic scanner output. G2 reviewers mention a unified dashboard, responsive support, and easier tracking of findings, remediation, and certification-related progress. Some users would like smoother onboarding or faster communication in certain cases, but the recurring review pattern is clear: Astra is chosen by teams that want the efficiency of automation alongside human verification and collaborative remediation support.




## G2 Grid® for Penetration Testing Tools
![G2 Grid® for Penetration Testing Tools plotting products by satisfaction and market presence](https://www.g2.com/categories/penetration-testing-tools/grids.png?focus%5B%5D=168853&focus%5B%5D=154599&focus%5B%5D=55515&focus%5B%5D=27706&focus%5B%5D=1259627&focus%5B%5D=1333324&focus%5B%5D=20259&focus%5B%5D=1312654)
Highlighted products: vPenTest, Astra Pentest, Cobalt, Intruder, Aikido Security, Oneleet, Metasploit, and RidgeBot.
Underlying data: [Grid® JSON](https://www.g2.com/categories/penetration-testing-tools/grids.json?focus%5B%5D=vpentest&amp;focus%5B%5D=astra-pentest&amp;focus%5B%5D=cobalt-io-cobalt&amp;focus%5B%5D=intruder&amp;focus%5B%5D=aikido-security&amp;focus%5B%5D=oneleet&amp;focus%5B%5D=metasploit&amp;focus%5B%5D=ridgebot&amp;segment=small-business)


## How Many Penetration Testing Tools Products Does G2 Track?
**Total Products under this Category:** 135

### Category Stats (Jul 2026)
- **Average Rating**: 4.64/5 (↑0.01 vs Jun 2026) The average rating of products in this category, based on all submitted ratings
- **Top Trending Product**: CybaOps (+8.33%) - Among all products in this category, CybaOps recorded the largest rating increase compared to last month
*Last updated: July 17, 2026*


## How Does G2 Rank Penetration Testing Tools Products?

**Why You Can Trust G2's Software Rankings:**

- 30 Analysts and Data Experts
- 3,500+ Authentic Reviews
- 135+ Products
- Unbiased Rankings

G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category.


## Which Penetration Testing Tools Is Best for Your Use Case?

- **Best for Small Businesses:** [vPenTest](https://www.g2.com/products/vpentest/reviews)
- **Best for Mid-Market:** [Cobalt](https://www.g2.com/products/cobalt-io-cobalt/reviews)
- **Best for Enterprise:** [Pentera](https://www.g2.com/products/pentera/reviews)
- **Highest User Satisfaction:** [Oneleet](https://www.g2.com/products/oneleet/reviews)
- **Best Free Software:** [vPenTest](https://www.g2.com/products/vpentest/reviews)


---

**Sponsored**

### Intruder

Intruder&#39;s continuous exposure management platform helps security, IT, and engineering teams stop breaches before they start. By unifying AI penetration testing, attack surface monitoring, cloud security, and vulnerability management in one intuitive platform, Intruder gives stretched teams an always-on security source of truth. Our approach focuses on continuous automated scanning using expertise and agentic solutions to ensure that the findings we deliver are accurate, prioritized by real-world risk, and ready to act on. Founded in 2015 by Chris Wallis, a former ethical hacker turned corporate blue teamer, Intruder is now protecting over 3,000 companies worldwide. Intruder has been awarded multiple accolades, was selected for GCHQ’s Cyber Accelerator, included on Deloitte’s Tech Fast 50 2023 list as the fastest-growing cybersecurity company in the UK and was named in G2’s 2026 Best Software Awards.



[Visit website](https://www.g2.com/external_clickthroughs/record?secure%5Bad_program%5D=ppc&amp;secure%5Bad_slot%5D=category_product_list&amp;secure%5Bcategory_id%5D=1519&amp;secure%5Bchosen_at%5D=2026-07-18T11%3A28%3A04Z&amp;secure%5Bdisplayable_resource_id%5D=1519&amp;secure%5Bdisplayable_resource_type%5D=Category&amp;secure%5Bmedium%5D=sponsored&amp;secure%5Bplacement_reason%5D=page_category&amp;secure%5Bplacement_resource_ids%5D%5B%5D=1519&amp;secure%5Bprioritized%5D=false&amp;secure%5Bproduct_id%5D=27706&amp;secure%5Bresource_id%5D=1519&amp;secure%5Bresource_type%5D=Category&amp;secure%5Bsource_type%5D=category_page&amp;secure%5Bsource_url%5D=https%3A%2F%2Fwww.g2.com%2Fcategories%2Fpenetration-testing-tools%2Fsmall-business%3Fpage%3D2&amp;secure%5Btoken%5D=caabe5185b2e666a14280182ca8a55ac6e004b7d3b6b3c199e852554f0c35c95&amp;secure%5Burl%5D=https%3A%2F%2Fwww.intruder.io%2F%3Futm_source%3Dg2%26utm_medium%3Dp_referral%26utm_campaign%3Dglobal%7Cfixed%7Cg2_clicks_2025&amp;secure%5Burl_type%5D=free_trial)

---

## What Are the Top-Rated Penetration Testing Tools Products in 2026?
### 1. [BugBase](https://www.g2.com/products/bugbase-bugbase/reviews)
BugBase is a Continuous Vulnerability Assessment Platform that conducts comprehensive security operations such as bug bounty programs and next-gen pentesting (VAPT) to assist startups and enterprises in effectively identifying, managing and mitigating vulnerabilities.


**Average Rating:** 4.5/5.0
**Total Reviews:** 46
**How Do G2 Users Rate BugBase?**

- **Has the product been a good partner in doing business?:** 9.5/10 (Category avg: 9.4/10)
- **Performance and Reliability:** 8.7/10 (Category avg: 9.1/10)
- **Vulnerability Scan:** 9.1/10 (Category avg: 9.1/10)
- **Extensibility:** 8.2/10 (Category avg: 8.7/10)

**Who Is the Company Behind BugBase?**

- **Seller:** [BugBase](https://www.g2.com/sellers/bugbase)
- **Year Founded:** 2021
- **HQ Location:** Singapore, US
- **Twitter:** @BugBase (1,673 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/bugbase/ (45 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer &amp; Network Security, Computer Software
- **Company Size:** 58% Small-Business, 23% Enterprise


#### What Are BugBase's Pros and Cons?

**Pros:**

- Ease of Use (25 reviews)
- User Interface (13 reviews)
- Cybersecurity (10 reviews)
- Features (10 reviews)
- Easy Integrations (9 reviews)

**Cons:**

- Slow Performance (9 reviews)
- Expensive (6 reviews)
- Difficult Setup (5 reviews)
- Learning Curve (5 reviews)
- Poor Customer Support (4 reviews)


### What Do G2 Reviewers Say About BugBase?
*AI-generated summary from verified user reviews*

**Pros:**

- Users praise the **ease of use** of BugBase, making it ideal for new bug bounty hunters.
- Users highlight the **simple and user-friendly interface** of BugBase, making it ideal for new bug bounty hunters.
- Users value the **strong cybersecurity measures** of BugBase, enhancing data confidentiality and minimizing competition for rewards.
- Users appreciate the **user-friendly interface** of BugBase, enabling seamless integration and effective security threat detection.
- Users value the **easy integrations** of BugBase, facilitating seamless collaboration within diverse tools and technologies.

**Cons:**

- Users experience **slow performance** on BugBase, with freezing and lag hindering bug hunting and overall satisfaction.
- Users find the pricing of BugBase to be **expensive** , lacking incentives compared to other bug bounty platforms.
- Users find the **difficult setup** of BugBase challenging, particularly those lacking technical expertise and experience with bug bounty programs.
- Users find the **steep learning curve** of BugBase challenging, especially those unfamiliar with bug bounty programs.
- Users report **poor customer support** from BugBase, leading to slow responses and a frustrating experience during bug hunting.

#### What Are Recent G2 Reviews of BugBase?

**"[Centralized Security and Seamless Integrations Boost Productivity](https://www.g2.com/survey_responses/bugbase-review-11939331)"**

**Rating:** 4.5/5.0 stars
*— Ronald B.*

[Read full review](https://www.g2.com/survey_responses/bugbase-review-11939331)

---

**"[Good Vapt and big bounty services](https://www.g2.com/survey_responses/bugbase-review-10751350)"**

**Rating:** 4.0/5.0 stars
*— Anamta Z.*

[Read full review](https://www.g2.com/survey_responses/bugbase-review-10751350)

---



### 2. [Detectify](https://www.g2.com/products/detectify/reviews)
Detectify sets a new standard for advanced application security testing, challenging traditional DAST by providing evolving coverage of each and every exposed asset across the changing attack surface. AppSec teams trust Detectify to expose how attackers will exploit their Internet-facing applications. The Detectify platform automates continuous real-world, payload-based attacks fuelled by its global community of elite ethical hackers into its own expert-built engines, exposing critical weaknesses before it&#39;s too late. The Detectify solution includes: - Automated discovery of known and unknown digital assets via domain &amp; cloud connectors - Continuous coverage (24/7) of every corner of the attack surface with dynamic testing. Not just predefined targets - 100% payload-based testing fuelled by elite ethical hackers for a high signal-to-noise ratio - Distributed coverage across an unmatched array of relevant technologies - Actionable remediation tips for software development teams - Team functionality to easily share reports - Powerful integrations platform to prioritize and triage vulnerability findings onward to development teams -Advanced API functionality -Capabilities to set custom attack surface security policies


**Average Rating:** 4.5/5.0
**Total Reviews:** 49
**How Do G2 Users Rate Detectify?**

- **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.4/10)
- **Performance and Reliability:** 9.5/10 (Category avg: 9.1/10)
- **Vulnerability Scan:** 9.3/10 (Category avg: 9.1/10)
- **Extensibility:** 7.2/10 (Category avg: 8.7/10)

**Who Is the Company Behind Detectify?**

- **Seller:** [Detectify](https://www.g2.com/sellers/detectify)
- **Year Founded:** 2013
- **HQ Location:** Stockholm, Sweden
- **Twitter:** @detectify (11,256 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2850066/ (92 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 47% Small-Business, 35% Mid-Market


#### What Are Detectify's Pros and Cons?

**Pros:**

- Automation (2 reviews)
- Automation Testing (2 reviews)
- Customizability (2 reviews)
- Features (2 reviews)
- Security (2 reviews)

**Cons:**

- Complexity (1 reviews)
- Complex Queries (1 reviews)
- Complex Setup (1 reviews)
- Expensive (1 reviews)
- Inaccuracy (1 reviews)


### What Do G2 Reviewers Say About Detectify?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **automation capabilities** of Detectify, enjoying seamless integration and tailored security testing processes.
- Users value the **easy automation and integration** features of Detectify that enhance security testing efficiently.
- Users value the **customizability** of Detectify, enabling easy integration and tailored security testing to fit diverse needs.
- Users appreciate the **easy integration and comprehensive features** of Detectify for efficient security testing.
- Users appreciate Detectify for its **effective dynamic application security testing** , ensuring comprehensive security without complex setups.

**Cons:**

- Users find the **initial complexity** of setting up Detectify to be a challenging aspect of the product.
- Users find the **complex queries** in Detectify challenging, impacting clarity on spidering results and app assessment.
- Users find the **complex setup** of Detectify to be a challenging start, impacting its usability for newcomers.
- Users find Detectify to be **expensive** when testing multiple sites, impacting its affordability for small operations.
- Users find **inaccuracy in outcomes** from Detectify&#39;s spidering, lacking clarity on app assessment completeness.

#### What Are Recent G2 Reviews of Detectify?

**"[Vulnerability scans made easy](https://www.g2.com/survey_responses/detectify-review-9059869)"**

**Rating:** 5.0/5.0 stars
*— Arkadiusz K.*

[Read full review](https://www.g2.com/survey_responses/detectify-review-9059869)

---

**"[Very happy from an admin/IT security manager view](https://www.g2.com/survey_responses/detectify-review-8197913)"**

**Rating:** 5.0/5.0 stars
*— Björn L.*

[Read full review](https://www.g2.com/survey_responses/detectify-review-8197913)

---


#### What Are G2 Users Discussing About Detectify?

- [What is Detectify used for?](https://www.g2.com/discussions/what-is-detectify-used-for)
- [Is Detectify a DAST tool?](https://www.g2.com/discussions/is-detectify-a-dast-tool)
- [How does Detectify app work?](https://www.g2.com/discussions/how-does-detectify-app-work)
- [What does Detectify scan for?](https://www.g2.com/discussions/what-does-detectify-scan-for)
- [What is Detectify Deep scan?](https://www.g2.com/discussions/what-is-detectify-deep-scan)

### 3. [Hackrate Ethical Hacking Platform](https://www.g2.com/products/hackrate-ethical-hacking-platform/reviews)
Hackrate Ethical Hacking Platform is a crowdsourced security testing solution designed to connect businesses with ethical hackers in order to identify and remediate security vulnerabilities. By leveraging the expertise of a diverse pool of ethical hackers, Hackrate enables organizations to enhance their cybersecurity posture efficiently and effectively. The platform is tailored for businesses of all sizes, from startups to large enterprises, seeking to bolster their security measures. With the increasing frequency of cyber threats, organizations are recognizing the importance of proactive security testing. Hackrate facilitates this by allowing companies to tap into a global network of skilled ethical hackers who can provide insights and solutions to potential vulnerabilities. This collaborative approach not only accelerates the testing process but also enriches the quality of security assessments through varied perspectives and methodologies. One of the key features of Hackrate is its user-friendly interface, which simplifies the onboarding process for both businesses and ethical hackers. Companies can initiate security testing within hours, streamlining the process of vulnerability identification. This rapid deployment is critical for organizations that need to address security concerns promptly, especially in a fast-paced digital landscape. Furthermore, Hackrate offers flexible pricing plans, making it accessible for businesses with varying budgets and security needs. Security and confidentiality are paramount in the realm of cybersecurity, and Hackrate prioritizes these aspects by implementing robust encryption and adhering to industry-standard security protocols. This commitment ensures that sensitive data remains protected throughout the testing process, fostering trust between businesses and ethical hackers. By utilizing Hackrate, organizations can confidently engage in security testing without compromising their data integrity. Overall, Hackrate Ethical Hacking Platform stands out as a comprehensive solution for businesses aiming to enhance their security frameworks. By combining the expertise of ethical hackers with an efficient, secure platform, Hackrate offers a practical approach to identifying and addressing security vulnerabilities, ultimately contributing to a safer digital environment.


**Average Rating:** 4.9/5.0
**Total Reviews:** 35
**How Do G2 Users Rate Hackrate Ethical Hacking Platform?**

- **Has the product been a good partner in doing business?:** 10.0/10 (Category avg: 9.4/10)
- **Performance and Reliability:** 9.7/10 (Category avg: 9.1/10)
- **Vulnerability Scan:** 9.9/10 (Category avg: 9.1/10)
- **Extensibility:** 9.6/10 (Category avg: 8.7/10)

**Who Is the Company Behind Hackrate Ethical Hacking Platform?**

- **Seller:** [Hackrate](https://www.g2.com/sellers/hackrate)
- **Year Founded:** 2020
- **HQ Location:** Budapest, HU
- **Twitter:** @hackrate (363 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/hackrate/ (10 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 83% Small-Business, 11% Enterprise


#### What Are Hackrate Ethical Hacking Platform's Pros and Cons?

**Pros:**

- Communication (2 reviews)
- Customer Support (1 reviews)
- Ease of Use (1 reviews)
- Expertise (1 reviews)
- Guidance (1 reviews)

**Cons:**

- Poor Customer Support (1 reviews)
- Poor Interface Design (1 reviews)


### What Do G2 Reviewers Say About Hackrate Ethical Hacking Platform?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **supportive and knowledgeable communication** from Hackrate, enhancing the collaborative atmosphere of the platform.
- Users praise the **highly motivated and skilled support team** for their exceptional assistance and responsiveness.
- Users appreciate the **ease of use** of Hackrate, enjoying its straightforward rules and responsive support team.
- Users appreciate the **expertise** of Hackrate&#39;s founders, benefiting from their profound understanding of real-world ethical hacking.
- Users value the **guidance and expertise** of Hackrate&#39;s skilled team, enhancing their cybersecurity project outcomes.

**Cons:**

- Users note the **poor customer support** during busy periods, leading to delays in assistance when needed most.
- Users find the **poor interface design** of Hackrate challenging, as it lacks intuitive navigation and clear structure.

#### What Are Recent G2 Reviews of Hackrate Ethical Hacking Platform?

**"[Private Programs and a Focused Contestant Pool](https://www.g2.com/survey_responses/hackrate-ethical-hacking-platform-review-12959394)"**

**Rating:** 5.0/5.0 stars
*— Konrád J.*

[Read full review](https://www.g2.com/survey_responses/hackrate-ethical-hacking-platform-review-12959394)

---

**"[Viewpoint from an ethical hacker](https://www.g2.com/survey_responses/hackrate-ethical-hacking-platform-review-11957612)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Oil &amp; Energy*

[Read full review](https://www.g2.com/survey_responses/hackrate-ethical-hacking-platform-review-11957612)

---


#### What Are G2 Users Discussing About Hackrate Ethical Hacking Platform?

- [What is Hackrate Bug Bounty Platform used for?](https://www.g2.com/discussions/what-is-hackrate-bug-bounty-platform-used-for) - 1 comment

### 4. [APPCHECK](https://www.g2.com/products/appcheck/reviews)
AppCheck is a Dynamic Application Security Testing (DAST) and network vulnerability testing solution, developed and supported by experienced penetration testers. We approach security testing as a hacker would, leveraging multiple proprietary crawling engines to analyse target behaviour across both modern and traditional technologies, including Single Page Applications (SPAs), APIs, and complex authentication flows such as SSO, 2FA, and TOTP. Organisations can conduct unlimited security assessments across Web Applications, SPAs, APIs, cloud services, networks, across internal or external assets. Supporting production and UAT testing, AppCheck also helps organisations ‘shift left’ by integrating with CI/CD pipelines and build servers, including ADO, GitHub, Jenkins, TeamCity, CircleCI, TravisCI, Bamboo, and GitLab CI/CD. Allowing automated security testing throughout development, identifying risks as soon as changes are introduced. AppCheck are proud to be part of the CVE Numbering Authority (CNA), contributing to global security research


**Average Rating:** 4.6/5.0
**Total Reviews:** 67
**How Do G2 Users Rate APPCHECK?**

- **Has the product been a good partner in doing business?:** 9.5/10 (Category avg: 9.4/10)
- **Performance and Reliability:** 9.3/10 (Category avg: 9.1/10)
- **Vulnerability Scan:** 9.5/10 (Category avg: 9.1/10)
- **Extensibility:** 8.3/10 (Category avg: 8.7/10)

**Who Is the Company Behind APPCHECK?**

- **Seller:** [APPCHECK](https://www.g2.com/sellers/appcheck)
- **Company Website:** https://www.appcheck-ng.com
- **Year Founded:** 2014
- **HQ Location:** Leeds, GB
- **Twitter:** @AppcheckNG (649 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/appcheck-ng-ltd/ (106 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 49% Mid-Market, 30% Small-Business


#### What Are APPCHECK's Pros and Cons?

**Pros:**

- Vulnerability Detection (7 reviews)
- Ease of Use (6 reviews)
- Features (5 reviews)
- Pentesting Efficiency (5 reviews)
- Automated Scanning (4 reviews)

**Cons:**

- Poor Customer Support (2 reviews)
- UX Improvement (2 reviews)
- API Issues (1 reviews)
- Difficult Customization (1 reviews)
- Difficult Learning Curve (1 reviews)


### What Do G2 Reviewers Say About APPCHECK?
*AI-generated summary from verified user reviews*

**Pros:**

- Users highlight the **effective vulnerability detection** of AppCheck, which outshines competitors in thoroughness and ease of use.
- Users find the **ease of use** of AppCheck invaluable, simplifying complex security processes effectively and efficiently.
- Users appreciate the **excellent pricing and functionality** of AppCheck, enhancing their vulnerability management and reporting capabilities.
- Users commend AppCheck for its **exceptional pentesting efficiency** , significantly enhancing vulnerability detection and streamlining security processes.
- Users appreciate the **automated scanning** of AppCheck, benefiting from detailed reports and seamless integration with CI/CD pipelines.

**Cons:**

- Users find the **poor customer support** frustrating, as they must submit tickets for simple changes.
- Users feel that **UX improvement** is necessary, particularly in scoring systems, customization, and starting points for scans.
- Users find the **API endpoint changes cumbersome** , relying on service requests instead of having direct control.
- Users find **difficult customization** options in AppCheck, limiting the ability to tailor reports and vulnerability scoring.
- Users note a significant **difficult learning curve** with Appcheck, which can hinder initial usability and efficiency.

#### What Are Recent G2 Reviews of APPCHECK?

**"[Effortless Vulnerability Management with APPCHECK](https://www.g2.com/survey_responses/appcheck-review-12463853)"**

**Rating:** 5.0/5.0 stars
*— Aaron H.*

[Read full review](https://www.g2.com/survey_responses/appcheck-review-12463853)

---

**"[Great onboarding experience and trial](https://www.g2.com/survey_responses/appcheck-review-11771398)"**

**Rating:** 4.0/5.0 stars
*— Tyler S.*

[Read full review](https://www.g2.com/survey_responses/appcheck-review-11771398)

---



### 5. [StackHawk](https://www.g2.com/products/stackhawk/reviews)
StackHawk is reimagining AppSec for AI-driven development, where applications are built faster than traditional AppSec tools can keep up. Our AppSec Intelligence Platform combines scalable runtime testing with complete attack surface discovery from source code. We integrate directly into development workflows and provide context-aware remediations to developers, enabling teams to find and fix exploitable vulnerabilities before they reach production. With real-time visibility and centralized program intelligence, AppSec teams can prioritize testing and fixing what matters. Companies like British Airways, ITV, and Norstella trust StackHawk to evaluate application risk, prove program value, and scale testing coverage to match development velocity.


**Average Rating:** 4.6/5.0
**Total Reviews:** 67
**How Do G2 Users Rate StackHawk?**

- **Has the product been a good partner in doing business?:** 9.1/10 (Category avg: 9.4/10)
- **Performance and Reliability:** 9.2/10 (Category avg: 9.1/10)
- **Vulnerability Scan:** 9.3/10 (Category avg: 9.1/10)
- **Extensibility:** 9.2/10 (Category avg: 8.7/10)

**Who Is the Company Behind StackHawk?**

- **Seller:** [StackHawk](https://www.g2.com/sellers/stackhawk)
- **Year Founded:** 2019
- **HQ Location:** Denver, CO
- **Twitter:** @StackHawk (1,137 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/40780406/ (31 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 46% Small-Business, 35% Mid-Market


#### What Are StackHawk's Pros and Cons?

**Pros:**

- Easy Integrations (4 reviews)
- Customer Support (3 reviews)
- Customizability (3 reviews)
- Efficiency Improvement (3 reviews)
- Scanning Efficiency (3 reviews)

**Cons:**

- Complex Setup (3 reviews)
- High Learning Curve (3 reviews)
- Lacking Features (3 reviews)
- Limited Scope (3 reviews)
- Setup Complexity (3 reviews)


### What Do G2 Reviewers Say About StackHawk?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **easy integrations** of StackHawk, enhancing CI/CD pipelines and streamlining the onboarding process.
- Users commend StackHawk for its **exceptional customer support** , providing expert assistance and enhancing the overall user experience.
- Users value the **customizability** of StackHawk, appreciating its flexibility and integration options for unique workflows.
- Users find that StackHawk greatly enhances **efficiency** , enabling quicker identification and resolution of security vulnerabilities.
- Users value the **scanning efficiency** of StackHawk, enabling faster and more effective security scanning processes.

**Cons:**

- Users find the **complex setup** process frustrating due to the lack of simplified documentation and time-consuming configurations.
- Users face a **high learning curve** with StackHawk due to its complex setup and scripting requirements.
- Users find StackHawk **lacking features** , especially in API management and intuitive setup, hindering vulnerability management.
- Users note the **limited scope** of StackHawk, particularly regarding on-prem usage and automation capabilities.
- Users find **setup complexity** frustrating, as extensive YAML config trials are necessary for effective onboarding and scans.

#### What Are Recent G2 Reviews of StackHawk?

**"[A Game-Changer for DevSecOps](https://www.g2.com/survey_responses/stackhawk-review-8847655)"**

**Rating:** 5.0/5.0 stars
*— Todd L.*

[Read full review](https://www.g2.com/survey_responses/stackhawk-review-8847655)

---

**"[StackHawk is a great DAST security tool](https://www.g2.com/survey_responses/stackhawk-review-10761348)"**

**Rating:** 5.0/5.0 stars
*— David M.*

[Read full review](https://www.g2.com/survey_responses/stackhawk-review-10761348)

---


#### What Are G2 Users Discussing About StackHawk?

- [What is StackHawk used for?](https://www.g2.com/discussions/what-is-stackhawk-used-for)


## What Is Penetration Testing Tools?

[DevSecOps Software](https://www.g2.com/categories/devsecops)

## What Software Categories Are Similar to Penetration Testing Tools?

- [Vulnerability Scanner Software](https://www.g2.com/categories/vulnerability-scanner)
- [Dynamic Application Security Testing (DAST) Software](https://www.g2.com/categories/dynamic-application-security-testing-dast)
- [Risk-Based Vulnerability Management Software](https://www.g2.com/categories/risk-based-vulnerability-management)


