# Best Vulnerability Scanner Software for Medium-Sized Businesses - Page 2

*By [Lauren Worth](https://research.g2.com/insights/author/lauren-worth)*


Products classified in the overall Vulnerability Scanner category are similar in many regards and help companies of all sizes solve their business problems. However, medium-sized business features, pricing, setup, and installation differ from businesses of other sizes, which is why we match buyers to the right Medium-Sized Business Vulnerability Scanner to fit their needs. Compare product ratings based on reviews from enterprise users or connect with one of G2&#39;s buying advisors to find the right solutions within the Medium-Sized Business Vulnerability Scanner category.

In addition to qualifying for inclusion in the Vulnerability Scanner Software category, to qualify for inclusion in the Medium-Sized Business Vulnerability Scanner Software category, a product must have at least 10 reviews left by a reviewer from a medium-sized business.





## Top Vulnerability Scanner Software at a Glance
| # | Product | Rating | Best For | What Users Say |
|---|---------|--------|----------|----------------|
| 1 | [Wiz](https://www.g2.com/products/wiz-wiz/reviews) | 4.7/5.0 (822 reviews) | Risk-based cloud vulnerability prioritization with context | "[Wiz Delivers Clear Visibility Into Cloud Risks That Truly Matter](https://www.g2.com/survey_responses/wiz-review-12960477)" |
| 2 | [Aikido Security](https://www.g2.com/products/aikido-security/reviews) | 4.6/5.0 (202 reviews) | Auto-triaged DevSecOps scanning with low false positives | "[Enterprise Security Without an Enterprise Security Team](https://www.g2.com/survey_responses/aikido-security-review-13108704)" |
| 3 | [Orca Security](https://www.g2.com/products/orca-security/reviews) | 4.7/5.0 (300 reviews) | Agentless cloud vulnerability scanning with contextual risk prioritization | "[Orca Makes Shadow AI Agents Visible and Governable Across Our Cloud](https://www.g2.com/survey_responses/orca-security-review-13119948)" |
| 4 | [Tenable Nessus](https://www.g2.com/products/tenable-nessus/reviews) | 4.5/5.0 (289 reviews) | Credentialed infrastructure scans with compliance auditing | "[Self-Contained Nessus Scanning with Full Control in Offline Environments](https://www.g2.com/survey_responses/tenable-nessus-review-12937668)" |
| 5 | [Astra Pentest](https://www.g2.com/products/astra-pentest/reviews) | 4.6/5.0 (212 reviews) | SaaS pentest certification with manual validation | "[Smooth Onboarding, Responsive Support, and Strong Pentest Lifecycle Controls](https://www.g2.com/survey_responses/astra-pentest-review-13001206)" |
| 6 | [Intruder](https://www.g2.com/products/intruder/reviews) | 4.8/5.0 (207 reviews) | Continuous vulnerability scanning with emerging threat detection | "[Reliable Service with Flexible Plans and Strong Support](https://www.g2.com/survey_responses/intruder-review-13110046)" |
| 7 | [Sysdig Secure](https://www.g2.com/products/sysdig-sysdig-secure/reviews) | 4.8/5.0 (110 reviews) | Runtime vulnerability detection in Kubernetes workloads | "[Excellent Real-Time Kubernetes Security Visibility and Threat Detection](https://www.g2.com/survey_responses/sysdig-secure-review-12711991)" |
| 8 | [CrowdStrike Falcon Cloud Security](https://www.g2.com/products/crowdstrike-falcon-cloud-security/reviews) | 4.6/5.0 (116 reviews) | — | "[Unified Cloud Posture Visibility with CrowdStrike Falcon Cloud Security](https://www.g2.com/survey_responses/crowdstrike-falcon-cloud-security-review-13109056)" |
| 9 | [Burp Suite](https://www.g2.com/products/burp-suite/reviews) | 4.8/5.0 (126 reviews) | Manual web application penetration testing workflows | "[Complete Control Over Web Requests with Burp Suite](https://www.g2.com/survey_responses/burp-suite-review-12677559)" |
| 10 | [Tenable Vulnerability Management](https://www.g2.com/products/tenable-vulnerability-management/reviews) | 4.5/5.0 (113 reviews) | Risk-based vulnerability prioritization with VPR scoring | "[TVM Does What You Need](https://www.g2.com/survey_responses/tenable-vulnerability-management-review-12937561)" |

---
## What Are the Most Common Questions About Vulnerability Scanner Software?
*AI-generated · Last updated: May 26, 2026*
### What platform provides detailed vulnerability reporting and analytics?
Based on G2 reviews, several vulnerability scanner software products are praised for detailed reporting and clear visibility into findings. According to verified users, Tenable Nessus stands out for detailed reports, audit-friendly outputs, and remediation suggestions, while Intruder reviewers mention clear dashboards and practical reporting that help teams understand and act on issues quickly. G2 reviewers also mention Edgescan for trend reporting, time-to-resolve visibility, and dashboards that help track remediation progress over time. Buyers looking for strong reporting and analytics often value products that combine understandable findings with prioritization and historical visibility so teams can communicate risk clearly and manage remediation more efficiently.


### What platform integrates scanning with patch management systems?
Based on G2 reviews, products in this category often support remediation workflows by helping teams connect findings to patching or operational processes. According to verified users, CyberSmart is noted for patch management alongside vulnerability visibility, helping teams see outdated systems and remediate them from the same workflow. G2 reviewers also mention ConnectSecure Vulnerability and Compliance Manager and APPCHECK as tools that support organized remediation, while Qualys and Tenable products are described as integrating findings into broader operational environments. Buyers evaluating vulnerability scanner software for this use case should prioritize products reviewers say make it easier to move from finding issues to coordinating fixes, especially when patching and compliance work need to stay tightly connected.


### What is the most affordable vulnerability scanner for SMBs?
Based on G2 reviews, affordability for SMBs is usually described in terms of value, ease of setup, and reduced manual work rather than exact pricing. According to verified users, Aikido Security is frequently described as friendly for small and mid-sized businesses, with reviewers highlighting strong value and straightforward setup. G2 reviewers also mention Intruder as cost-effective and easy to operate, while Offensity is noted as an affordable way to stay on top of cyber risks without hiring dedicated experts. For SMB buyers, the strongest value signals in recent reviews come from products that combine simple onboarding, actionable findings, and automation that reduces the need for extra security staffing.

**Here are some of the top-rated products on G2:**

- [Aikido Security](https://www.g2.com/products/aikido-security/reviews/aikido-security-review-11660004) – reviewers describe it as suitable for SMBs with broad automated security testing and simple setup
- [Intruder](https://www.g2.com/products/intruder/reviews/intruder-review-11847236) – users highlight cost-effective scanning, easy implementation, and low operational overhead
- [Offensity](https://www.g2.com/products/offensity/reviews/offensity-review-11393651) – reviewers call out affordability and continuous automated scans for smaller teams


### Which vendor offers automated remediation guidance for vulnerabilities?
Based on G2 reviews, several vendors are recognized for helping teams move from findings to fixes with clear remediation guidance. According to verified users, Wiz is frequently praised for actionable remediation steps, contextual prioritization, and guidance that helps security and engineering teams understand what to fix first. G2 reviewers also mention Tenable Nessus for helpful remediation tips and APPCHECK for making vulnerability assignment and management easier. Buyers looking for vulnerability scanner software with strong remediation support should focus on products reviewers say reduce manual triage, explain issues clearly, and provide practical next steps instead of only listing findings.


### Which solution supports vulnerability scanning for cloud environments?
Based on G2 reviews, cloud vulnerability scanning is a major strength for multiple products in this category. According to verified users, Wiz is repeatedly praised for broad visibility across cloud environments, including vulnerabilities, misconfigurations, and risk prioritization in a single platform. G2 reviewers also mention Orca Security for agentless cloud scanning and centralized visibility, while Intruder and CrowdStrike Falcon Cloud Security are described as helping teams monitor cloud assets and workloads more effectively. Buyers focused on cloud use cases should look for recent review themes around fast onboarding, multi-cloud visibility, and the ability to prioritize real risks rather than simply generating large volumes of alerts.


### What is the top-rated vulnerability scanner for large organizations?
Based on G2 reviews, Wiz appears most frequently in recent feedback and is consistently described as a strong fit for large, complex environments. According to verified users, it helps organizations unify cloud visibility, reduce alert fatigue, and prioritize risks across broad environments without adding heavy deployment friction. G2 reviewers mention benefits such as multi-cloud visibility, strong collaboration across security and engineering teams, and support for scaling security operations in complex estates. For large organizations, the most common recent themes are broad coverage, contextual prioritization, and the ability to consolidate multiple security workflows into one platform, all of which are repeatedly associated with Wiz in the supplied review set.


### What is the best vulnerability scanning tool for enterprise IT teams?
Based on G2 reviews, Wiz is the strongest recent fit for enterprise IT teams because reviewers repeatedly describe it as helping large teams unify visibility, prioritize meaningful risks, and coordinate remediation across complex environments. According to verified users, it reduces noise by connecting vulnerabilities, misconfigurations, and exposures in context, which helps enterprise teams focus their efforts more effectively. G2 reviewers also mention fast onboarding, strong integrations, and better collaboration between security, infrastructure, and engineering teams. In the supplied review set, those enterprise-focused themes appear most consistently around Wiz, making it the clearest recent answer for buyers seeking a broad, scalable vulnerability scanner software platform.


### Which tool supports scanning for compliance with industry standards?
Based on G2 reviews, several tools are used to support compliance-driven vulnerability scanning. According to verified users, Tenable Nessus is commonly mentioned for helping teams scan against recognized standards and create reports for audit and compliance use cases. G2 reviewers also mention Intruder for ongoing scanning tied to compliance workflows, CyberSmart for Cyber Essentials-related monitoring, and Wiz for supporting PCI, SOC, and broader compliance visibility in cloud environments. Buyers looking for compliance-focused vulnerability scanner software should prioritize tools reviewers say generate understandable reports, surface remediation clearly, and fit into recurring audit or certification processes without adding heavy manual work.


### Which vendor provides real-time vulnerability detection and alerts?
Based on G2 reviews, real-time or continuously updated visibility is a common requirement for buyers who need fast response to new issues. According to verified users, Wiz is repeatedly described as providing rapid visibility into vulnerabilities and risks across cloud environments, with contextual prioritization that helps teams respond faster. G2 reviewers also mention Intruder for automatic scanning and timely notifications, while CyberSmart is noted for real-time style reporting on vulnerabilities and patching needs. For this use case, buyers should look for products that reviewers say combine continuous monitoring with useful alerts, so teams can act quickly without being buried in low-value noise.


### Which vulnerability scanner offers the most accurate network security assessments?
Based on G2 reviews, Tenable Nessus is one of the clearest choices for accurate network-focused assessments. According to verified users, it is praised for high scanning accuracy, broad plugin coverage, clear reports, and fast identification of vulnerabilities across networks and hybrid environments. G2 reviewers mention that it helps uncover hidden issues, supports regular scanning, and provides actionable remediation tips that make findings easier to address. Other products in the dataset also support network visibility, but Nessus is the one most directly associated in recent reviews with accurate, dependable vulnerability assessments for network assets and infrastructure.




## G2 Grid® for Vulnerability Scanner Software
![G2 Grid® for Vulnerability Scanner Software plotting products by satisfaction and market presence](https://www.g2.com/categories/vulnerability-scanner/grids.png?focus%5B%5D=146504&focus%5B%5D=32494&focus%5B%5D=32486&focus%5B%5D=123609&focus%5B%5D=27706&focus%5B%5D=154599&focus%5B%5D=16881&focus%5B%5D=20460)
Highlighted products: Wiz, Tenable Nessus, Burp Suite, Orca Security, Intruder, Astra Pentest, SentinelOne Singularity Endpoint, and Sysdig Secure.
Underlying data: [Grid® JSON](https://www.g2.com/categories/vulnerability-scanner/grids.json?focus%5B%5D=wiz-wiz&amp;focus%5B%5D=tenable-nessus&amp;focus%5B%5D=burp-suite&amp;focus%5B%5D=orca-security&amp;focus%5B%5D=intruder&amp;focus%5B%5D=astra-pentest&amp;focus%5B%5D=sentinelone-singularity-endpoint&amp;focus%5B%5D=sysdig-sysdig-secure&amp;segment=mid-market)


## How Many Vulnerability Scanner Software Products Does G2 Track?
**Total Products under this Category:** 223

### Category Stats (Jul 2026)
- **Average Rating**: 4.58/5 (↓0.01 vs Jun 2026) The average rating of products in this category, based on all submitted ratings
- **Top Trending Product**: CybaOps (+8.33%) - Among all products in this category, CybaOps recorded the largest rating increase compared to last month
*Last updated: July 16, 2026*


## How Does G2 Rank Vulnerability Scanner Software Products?

**Why You Can Trust G2's Software Rankings:**

- 30 Analysts and Data Experts
- 7,500+ Authentic Reviews
- 223+ Products
- Unbiased Rankings

G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category.



---

**Sponsored**

### Copper

Copper is the only client and project management tool that&#39;s a Recommended for Google Workspace app. Built for agencies, consultants and professional services, Copper helps you connect with leads, win deals, deliver projects and create repeat clients. All in one easy-to-use tool. Join 30,000+ professional services businesses in building more valuable, longer-lasting relationships. Collect leads with website contact forms or scan business cards from our mobile app. Leads flow effortlessly into your sales pipeline. Pipeline flags and reports help you keep things moving. Transition new clients over to your onboarding or project delivery pipelines with one click. Manage next steps and tasks directly on your pipeline without needing to click into projects. Copper’s integration with Google works seamlessly with your Gmail, Calendar and Drive, you never have to switch tabs to add leads, track email conversations, find files and manage tasks in your marketing and sales process. Talking to a new person? Add new contacts directly from Gmail through our Chrome Extension. Hover over any Copper contact for rich, contextualized communication and activity details. Surface your CRM reminders and tasks alongside your Gmail inbox. Speed up your email responses with email templates, automations and merge fields. Add new leads and update old ones based on your email interactions, Google Contacts and Copper suggestions. Manual data entry is a thing of the past. Your Google Calendar gets a makeover too. You can look up event details, customer interactions, and materials directly from Google Calendar without breaking your workflow. Stop hunting for files, they&#39;re right where you need them. Files and Google docs sync to your Copper contact records automatically. Quickly surface customer files across company and deal records, and easily attach suggested files in Gmail based on your email activity. Export any data from Copper directly to Google Sheets via the custom report builder, or connect to Looker Studio to visualize Copper data longside other data sources.



[Visit website](https://www.g2.com/external_clickthroughs/record?secure%5Bad_program%5D=ppc&amp;secure%5Bad_slot%5D=category_product_list&amp;secure%5Bcategory_id%5D=1423&amp;secure%5Bchosen_at%5D=2026-07-17T09%3A43%3A03Z&amp;secure%5Bdisplayable_resource_id%5D=179&amp;secure%5Bdisplayable_resource_type%5D=Category&amp;secure%5Bmedium%5D=sponsored&amp;secure%5Bplacement_reason%5D=retargeted_product&amp;secure%5Bplacement_resource_ids%5D%5B%5D=6027&amp;secure%5Bprioritized%5D=false&amp;secure%5Bproduct_id%5D=6027&amp;secure%5Bresource_id%5D=1423&amp;secure%5Bresource_type%5D=Category&amp;secure%5Bsource_type%5D=category_page&amp;secure%5Bsource_url%5D=https%3A%2F%2Fwww.g2.com%2Fcategories%2Fvulnerability-scanner%2Fmid-market%3Fpage%3D2&amp;secure%5Btoken%5D=b32e74d13956df87abc0669ca0ef22fad137c30baca935659d2900584be94ac6&amp;secure%5Burl%5D=https%3A%2F%2Fwww.copper.com%2Fsignup%3Futm_source%3DG2%26utm_medium%3Dreviewwebsites%26utm_campaign%3Dclicks&amp;secure%5Burl_type%5D=free_trial)

---


## Vulnerability Scanner Software Features & Capabilities

### What are the Best Vulnerability Scanner Software with Compliance Testing?
Allows users to scan applications and networks for specific compliance requirements.

**Top-rated Vulnerability Scanner Software for Compliance Testing:**
- [Wiz](https://www.g2.com/products/wiz-wiz/reviews)
- [Aikido Security](https://www.g2.com/products/aikido-security/reviews)
- [Orca Security](https://www.g2.com/products/orca-security/reviews)
[Explore Vulnerability Scanner Software with Compliance Testing](https://www.g2.com/categories/vulnerability-scanner/f/compliance-testing)

### What are the Best Vulnerability Scanner Software with Perimeter Scanning?
Analyzes network devices, servers and operating systems for vulnerabilities.

**Top-rated Vulnerability Scanner Software for Perimeter Scanning:**
- [Wiz](https://www.g2.com/products/wiz-wiz/reviews)
- [Aikido Security](https://www.g2.com/products/aikido-security/reviews)
- [Orca Security](https://www.g2.com/products/orca-security/reviews)
[Explore Vulnerability Scanner Software with Perimeter Scanning](https://www.g2.com/categories/vulnerability-scanner/f/perimeter-scanning)

### What are the Best Vulnerability Scanner Software with Manual Application Testing?
Allows users to perfrom hands-on live simulations and penetration tests.

**Top-rated Vulnerability Scanner Software for Manual Application Testing:**
- [Aikido Security](https://www.g2.com/products/aikido-security/reviews)
- [Orca Security](https://www.g2.com/products/orca-security/reviews)
- [Astra Pentest](https://www.g2.com/products/astra-pentest/reviews)
[Explore Vulnerability Scanner Software with Manual Application Testing](https://www.g2.com/categories/vulnerability-scanner/f/manual-application-testing)

### What are the Best Vulnerability Scanner Software with Static Code Analysis?
Scans application source code for security flaws without executing it.

**Top-rated Vulnerability Scanner Software for Static Code Analysis:**
- [Aikido Security](https://www.g2.com/products/aikido-security/reviews)
- [Orca Security](https://www.g2.com/products/orca-security/reviews)
- [Tenable Nessus](https://www.g2.com/products/tenable-nessus/reviews)
[Explore Vulnerability Scanner Software with Static Code Analysis](https://www.g2.com/categories/vulnerability-scanner/f/static-code-analysis)

### What are the Best Vulnerability Scanner Software with Automated Scans?
Runs pre-scripted vulnerability scans without requiring manual work.

**Top-rated Vulnerability Scanner Software for Automated Scans:**
- [Wiz](https://www.g2.com/products/wiz-wiz/reviews)
- [Aikido Security](https://www.g2.com/products/aikido-security/reviews)
- [Orca Security](https://www.g2.com/products/orca-security/reviews)
[Explore Vulnerability Scanner Software with Automated Scans](https://www.g2.com/categories/vulnerability-scanner/f/automated-scans)


## What Are the Top-Rated Vulnerability Scanner Software Products in 2026?
### 1. [Jit](https://www.g2.com/products/jit/reviews)
Jit is redefining application security by introducing the first Agentic AppSec Platform, seamlessly blending human expertise with AI-driven automation. Designed for modern development teams, Jit empowers organizations to proactively manage security risks across the entire software development lifecycle.​ AI-Powered Agents Jit&#39;s AI Agents, such as SERA (Security Evaluation and Remediation Agent) and COTA (Communication, Ops, and Ticketing Agent), collaborate with your teams to automate vulnerability triage, risk assessment, and remediation processes, significantly reducing manual workloads. ​ Comprehensive Security Scanning Achieve full-stack security coverage with integrated scanners for SAST, DAST, SCA, IaC, CSPM, and more. Jit&#39;s platform ensures continuous monitoring and immediate feedback on code changes, facilitating rapid identification and resolution of security issues. ​ Developer-Centric Experience With integrations into popular IDEs and CI/CD pipelines, Jit provides developers with contextual security insights directly within their workflows, promoting a shift-left approach without disrupting productivity. ​ Agentic AI for AppSec Teams Risk-Based Prioritization Utilizing the Model Context Protocol (MCP), Jit evaluates vulnerabilities in the context of runtime environments, business impact, and compliance requirements, enabling teams to focus on the most critical risks. ​ Seamless Integrations Jit integrates with a wide array of tools, including GitHub, GitLab, AWS, Azure, GCP, Jira, Slack, and more, ensuring that security processes are embedded within your existing technology stack. ​


**Average Rating:** 4.5/5.0
**Total Reviews:** 43
**How Do G2 Users Rate Jit?**

- **Has the product been a good partner in doing business?:** 9.6/10 (Category avg: 9.2/10)
- **Detection Rate:** 8.4/10 (Category avg: 8.9/10)
- **Automated Scans:** 8.6/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 8.4/10 (Category avg: 8.4/10)

**Who Is the Company Behind Jit?**

- **Seller:** [jit](https://www.g2.com/sellers/jit)
- **Year Founded:** 2021
- **HQ Location:** Boston, MA
- **Twitter:** @jit_io (522 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/jit/ (150 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Financial Services
- **Company Size:** 44% Mid-Market, 42% Small-Business


#### What Are Jit's Pros and Cons?

**Pros:**

- Security (10 reviews)
- Ease of Use (7 reviews)
- Easy Integrations (7 reviews)
- Efficiency (7 reviews)
- Automation (6 reviews)

**Cons:**

- Integration Issues (4 reviews)
- Limited Features (4 reviews)
- Limited Integration (4 reviews)
- Poor Documentation (4 reviews)
- Complexity (3 reviews)


### What Do G2 Reviewers Say About Jit?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **seamless integration of security into development workflows** , highlighting efficiency and centralized management.
- Users find Jit to be **very easy to use** , streamlining integration of security into development workflows effectively.
- Users love the **easy integrations** of Jit, streamlining security within their development workflows effortlessly.
- Users appreciate the **efficiency** of Jit, which reduces waste and streamlines processes, enhancing overall productivity.
- Users value the **automation of security controls** in Jit, streamlining workflows and enhancing efficiency in development processes.

**Cons:**

- Users face **integration issues** with Jit, particularly in enterprise environments and with certain CI tools requiring extra setup.
- Users find the **limited features** of Jit restrict complex setups and hinder comprehensive analytics and reporting.
- Users feel the **limited integration** with enterprise environments restricts Jit&#39;s full potential and usability.
- Users find the **documentation lacking** , particularly for advanced configurations, impacting their overall experience with Jit.
- Users find the **complexity** of Jit challenging, particularly with advanced integrations and configuration for newcomers.

#### What Are Recent G2 Reviews of Jit?

**"[Exploring jit a personal review](https://www.g2.com/survey_responses/jit-review-11751139)"**

**Rating:** 4.0/5.0 stars
*— Mohamed A.*

[Read full review](https://www.g2.com/survey_responses/jit-review-11751139)

---

**"[Helpful Tool for Integrating Security in Mobile App Development](https://www.g2.com/survey_responses/jit-review-11750234)"**

**Rating:** 4.0/5.0 stars
*— Ali A.*

[Read full review](https://www.g2.com/survey_responses/jit-review-11750234)

---



### 2. [Saner CVEM](https://www.g2.com/products/saner-cvem/reviews)
Prevention-first Vulnerability and Exposure Management for unified visibility, prioritization, compliance, and remediation Saner Continuous Vulnerability and Exposure Management unifies asset exposure, posture anomaly detection, vulnerability assessment, compliance management, risk prioritization, patching, and endpoint actions in one dashboard. Saner CVEM is built to help teams continuously detect, assess, prioritize, and remediate vulnerabilities and other security risks from a unified console Why Choose Saner CVEM? • Unified dashboard with interactive views across visibility, detection, prioritization, and remediation for a single source of truth • Complete asset visibility across endpoint and non-endpoint devices, operating system applications, third-party applications, and lifecycle changes • Continuous risk discovery with rapid scans, daily-updated risk intelligence, and posture anomaly detection that helps surface outliers and misconfigurations faster • Context-driven prioritization with SSVC categories such as Act, Attend, Track, and Track\* so teams can focus on the risks that deserve action first. • Continuous compliance management with built-in templates, customizable profiles, daily checks, and deviation tracking across common frameworks. • Integrated patching and remediation with vulnerability-to-patch mapping, automated deployment workflows, and endpoint actions from the same ecosystem. • Machine-learning-assisted analysis to identify deeper risk patterns, detect unusual posture, and support smarter remediation decisions. • Customizable, audit-ready reporting for security, IT, and compliance teams that need clearer evidence and easier tracking. • Flexible deployment on cloud or on-premises, with remediation support across Windows, Linux, macOS, and AIX environments.


**Average Rating:** 4.5/5.0
**Total Reviews:** 72
**How Do G2 Users Rate Saner CVEM?**

- **Has the product been a good partner in doing business?:** 9.1/10 (Category avg: 9.2/10)
- **Detection Rate:** 8.9/10 (Category avg: 8.9/10)
- **Automated Scans:** 9.2/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 9.1/10 (Category avg: 8.4/10)

**Who Is the Company Behind Saner CVEM?**

- **Seller:** [SecPod](https://www.g2.com/sellers/secpod-b11d8014-d8ec-46e7-9e81-c0d14919fbfc)
- **Company Website:** https://www.secpod.com/
- **Year Founded:** 2008
- **HQ Location:** Redwood City, California
- **Twitter:** @secpod (542 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/secpod-technologies/ (168 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 41% Small-Business, 38% Mid-Market


#### What Are Saner CVEM's Pros and Cons?

**Pros:**

- Security (14 reviews)
- Features (12 reviews)
- Ease of Use (10 reviews)
- Customer Support (9 reviews)
- Compliance Management (8 reviews)

**Cons:**

- Integration Issues (5 reviews)
- Limited Features (4 reviews)
- Slow Performance (4 reviews)
- Slow Scanning (4 reviews)
- Limited Cloud Integration (3 reviews)


### What Do G2 Reviewers Say About Saner CVEM?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **effective automation of security patches** with Saner CVEM, enhancing compliance for remote systems.
- Users appreciate the **automated endpoint security and compliance tracking** of Saner CVEM, simplifying patch management for remote systems.
- Users appreciate the **ease of use** of Saner CVEM, benefiting from its intuitive interface and efficient functionalities.
- Users appreciate the **responsive customer support** of Saner CVEM, enhancing their overall security management experience.
- Users value the **automated compliance management** of Saner CVEM, ensuring timely security updates across hybrid workforces.

**Cons:**

- Users face **integration issues** with Saner CVEM, especially requiring custom solutions and troubleshooting during data synchronization.
- Users experience **limited features** in multi-tenant support, integration, and dashboard usability, affecting overall efficiency.
- Users experience **slow performance** during initial dashboard loading and while handling large data sets, affecting efficiency.
- Users experience **slow scanning** with initial dashboard loads and large data sets, impacting daily checks and efficiency.
- Users find the **limited cloud integration** challenging, requiring workarounds and custom scripts for effective use.

#### What Are Recent G2 Reviews of Saner CVEM?

**"[Strong Visibility Across Assets, but Prioritization and UI Need Improvement](https://www.g2.com/survey_responses/saner-cvem-review-12398463)"**

**Rating:** 4.0/5.0 stars
*— Verified User in Pharmaceuticals*

[Read full review](https://www.g2.com/survey_responses/saner-cvem-review-12398463)

---

**"[Improve your digital security and combat vulnerabilities in your networks with Saner CVEM.](https://www.g2.com/survey_responses/saner-cvem-review-11395327)"**

**Rating:** 5.0/5.0 stars
*— Lydie D.*

[Read full review](https://www.g2.com/survey_responses/saner-cvem-review-11395327)

---


#### What Are G2 Users Discussing About Saner CVEM?

- [What is SanerNow used for?](https://www.g2.com/discussions/what-is-sanernow-used-for)

### 3. [Evolve Security](https://www.g2.com/products/evolve-security-evolve-security/reviews)
Evolve Security&#39;s patent pending Darwin Attack® platform is a comprehensive collaboration and management tool designed to help organizations manage their cybersecurity services and reduce risks of successful cyberattacks. The platform serves as a repository for research, vulnerability and attack details, compliance requirements, remediation recommendations, and mitigating controls. It also functions as a security feed, collaboration tool, tracking tool, management platform, and reporting platform. The platform enables organizations to actively manage their security program by providing real-time updates on testing progress and findings, which allows for timely remediation. Darwin Attack® is constantly updated with new information and functionality to ensure that it remains effective and efficient in meeting the needs of Evolve Security&#39;s clients.


**Average Rating:** 4.8/5.0
**Total Reviews:** 53
**How Do G2 Users Rate Evolve Security?**

- **Has the product been a good partner in doing business?:** 9.8/10 (Category avg: 9.2/10)
- **Detection Rate:** 9.2/10 (Category avg: 8.9/10)
- **Automated Scans:** 9.2/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 8.6/10 (Category avg: 8.4/10)

**Who Is the Company Behind Evolve Security?**

- **Seller:** [Evolve Security](https://www.g2.com/sellers/evolve-security)
- **Year Founded:** 2016
- **HQ Location:** Chicago, Illinois
- **Twitter:** @theevolvesec (788 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/evolve-security/ (65 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Financial Services
- **Company Size:** 70% Mid-Market, 21% Small-Business


#### What Are Evolve Security's Pros and Cons?

**Pros:**

- Actionable Intelligence (2 reviews)
- Vulnerability Detection (2 reviews)
- Vulnerability Identification (2 reviews)
- Audit Support (1 reviews)
- Communication (1 reviews)



### What Do G2 Reviewers Say About Evolve Security?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **actionable intelligence** provided by Evolve Security, enhancing their ability to address vulnerabilities effectively.
- Users value the **effective vulnerability detection** and guidance provided by Evolve Security&#39;s expert team.
- Users commend Evolve Security&#39;s **effective vulnerability identification** , providing clear instructions and communication throughout the process.
- Users value the **thorough audit support** provided, ensuring clear communication and effective remediation of vulnerabilities.
- Users commend the **excellent communication** from Evolve Security, facilitating clear understanding and collaboration during pentesting.


#### What Are Recent G2 Reviews of Evolve Security?

**"[Outstanding Cybersecurity Partner with Thorough, Actionable Pen Testing](https://www.g2.com/survey_responses/evolve-security-review-13059557)"**

**Rating:** 5.0/5.0 stars
*— Lesly V.*

[Read full review](https://www.g2.com/survey_responses/evolve-security-review-13059557)

---

**"[Professional, Well-Managed ASM and Pen Testing Experience](https://www.g2.com/survey_responses/evolve-security-review-12743932)"**

**Rating:** 5.0/5.0 stars
*— Kevin C.*

[Read full review](https://www.g2.com/survey_responses/evolve-security-review-12743932)

---



### 4. [Indusface WAS](https://www.g2.com/products/indusface-was/reviews)
Indusface WAS (Web Application Scanner) provides comprehensive managed dynamic application security testing (DAST) solution. It is a zero-touch, non-intrusive cloud-based solution that provides daily monitoring for web applications, checking for systems and application vulnerabilities, and malware. Indusface WAS with its automated scans &amp; manual pentesting done by certified security experts ensures none of the OWASP Top10, business logic vulnerabilities, and malware go unnoticed. With zero false-positive guarantee and comprehensive reporting with remediation guidance, Indusface web app scanning ensures developers to quickly fix vulnerabilities seamlessly.


**Average Rating:** 4.6/5.0
**Total Reviews:** 63
**How Do G2 Users Rate Indusface WAS?**

- **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.2/10)
- **Detection Rate:** 9.2/10 (Category avg: 8.9/10)
- **Automated Scans:** 9.3/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 8.8/10 (Category avg: 8.4/10)

**Who Is the Company Behind Indusface WAS?**

- **Seller:** [Indusface](https://www.g2.com/sellers/indusface)
- **Year Founded:** 2012
- **HQ Location:** Vadodara
- **Twitter:** @Indusface (3,472 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/indusface/ (180 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 52% Small-Business, 37% Mid-Market


#### What Are Indusface WAS's Pros and Cons?

**Pros:**

- Vulnerability Detection (19 reviews)
- Vulnerability Identification (16 reviews)
- Customer Support (6 reviews)
- Scanning Efficiency (6 reviews)
- Security (6 reviews)

**Cons:**

- Expensive (2 reviews)
- Confusing Interface (1 reviews)
- Lacking Features (1 reviews)
- Limited Scope (1 reviews)
- Poor Interface Design (1 reviews)


### What Do G2 Reviewers Say About Indusface WAS?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **effective vulnerability detection** of Indusface WAS, ensuring rapid prioritization and reliable remediation support.
- Users value the **consistent and reliable vulnerability detection** of Indusface WAS, ensuring secure deployments with ease.
- Users commend the **excellent customer support** of Indusface WAS, ensuring timely responses and effective issue resolution.
- Users value the **scanning efficiency** of Indusface WAS for detailed vulnerability reports and timely updates after deployments.
- Users value the **thorough security scans** from Indusface WAS, enhancing their vulnerability identification and accreditation processes.

**Cons:**

- Users feel that the pricing for Indusface WAS is **expensive** , especially regarding staging and development environment scans.
- Users find the **confusing interface** of Indusface WAS somewhat dated and in need of improvements for better usability.
- Users find the **lack of features** for staging and development environments limits their testing in Indusface WAS.
- Users find the **limited scope of pricing for staging environments** restricts functionality and increases testing challenges.
- Users find the **interface design outdated and unintuitive** , often wishing for a more user-friendly experience.

#### What Are Recent G2 Reviews of Indusface WAS?

**"[Vulnerability and malware scanner in one](https://www.g2.com/survey_responses/indusface-was-review-11323529)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Insurance*

[Read full review](https://www.g2.com/survey_responses/indusface-was-review-11323529)

---

**"[Great support Given by shivani](https://www.g2.com/survey_responses/indusface-was-review-11074325)"**

**Rating:** 5.0/5.0 stars
*— Sai N.*

[Read full review](https://www.g2.com/survey_responses/indusface-was-review-11074325)

---


#### What Are G2 Users Discussing About Indusface WAS?

- [What is Indusface WAS used for?](https://www.g2.com/discussions/what-is-indusface-was-used-for)

### 5. [Cyrisma](https://www.g2.com/products/cyrisma/reviews)
Cyrisma helps MSPs and MSSPs turn cyber risk and compliance into revenue. Its unified platform combines vulnerability management, data and asset discovery, compliance tracking, secure configuration, and dark web monitoring into one continuous experience - enabling partners to identify, prioritize, and remediate cyber risk efficiently. With executive-ready reporting, risk monetization insights, and elegant visuals, Cyrisma helps MSPs demonstrate measurable value, strengthen client relationships, and scale their security services profitably.


**Average Rating:** 4.6/5.0
**Total Reviews:** 60
**How Do G2 Users Rate Cyrisma?**

- **Has the product been a good partner in doing business?:** 9.3/10 (Category avg: 9.2/10)
- **Detection Rate:** 8.7/10 (Category avg: 8.9/10)
- **Automated Scans:** 8.7/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 7.9/10 (Category avg: 8.4/10)

**Who Is the Company Behind Cyrisma?**

- **Seller:** [Cyrisma](https://www.g2.com/sellers/cyrisma)
- **Company Website:** https://www.cyrisma.com/
- **Year Founded:** 2018
- **HQ Location:** Rochester, NY
- **Twitter:** @Cyrisma_USA (43 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/cyrisma/ (14 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** CEO
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 75% Small-Business, 22% Mid-Market


#### What Are Cyrisma's Pros and Cons?

**Pros:**

- Time-saving (12 reviews)
- Ease of Use (10 reviews)
- Customer Support (9 reviews)
- Features (8 reviews)
- Vulnerability Identification (8 reviews)

**Cons:**

- Missing Features (4 reviews)
- Not User-Friendly (4 reviews)
- Limited Flexibility (3 reviews)
- Poor Interface Design (3 reviews)
- Poor Navigation (3 reviews)


### What Do G2 Reviewers Say About Cyrisma?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **time-saving features** of Cyrisma, streamlining cybersecurity tasks and enhancing overall efficiency.
- Users appreciate the **intuitive platform** of Cyrisma, making cybersecurity management efficient and straightforward.
- Users commend the **fantastic customer support** of Cyrisma, valuing their responsiveness and helpfulness during product usage.
- Users value the **actionable vulnerability intelligence** of Cyrisma, appreciating its user-friendly dashboard and comprehensive coverage.
- Users love CYRISMA for its **actionable vulnerability intelligence** , streamlining security management with ease and clarity.

**Cons:**

- Users express concerns about **missing features** like better UI, data correlation, and effective patch management in Cyrisma.
- Users find Cyrisma&#39;s interface to be **not user-friendly** , complicating navigation and hindering overall usability and support experience.
- Users feel Cyrisma has **limited flexibility** , finding navigation complex and agent deployment unnecessarily cumbersome.
- Users find the **poor interface design** of Cyrisma challenging, hindering navigation and access to key insights.
- Users find **navigation challenging** in Cyrisma, complicating access to insights and hindering overall usability.

#### What Are Recent G2 Reviews of Cyrisma?

**"[Effortless Penetration Testing with CYRISMA](https://www.g2.com/survey_responses/cyrisma-review-12781999)"**

**Rating:** 5.0/5.0 stars
*— Sarah M.*

[Read full review](https://www.g2.com/survey_responses/cyrisma-review-12781999)

---

**"[CYRISMA offers strong consolidation value, needs enhancements in data correlation &amp; patch coverage](https://www.g2.com/survey_responses/cyrisma-review-11229216)"**

**Rating:** 4.0/5.0 stars
*— Jathin D.*

[Read full review](https://www.g2.com/survey_responses/cyrisma-review-11229216)

---



### 6. [Qualys VMDR](https://www.g2.com/products/qualys-vmdr/reviews)
Qualys VMDR is an all-in-one risk-based vulnerability management solution that quantifies cyber risk. It gives organizations unprecedented insights into their risk posture and provides actionable steps to reduce risk. It also gives cybersecurity and IT teams a shared platform to collaborate, and the power to quickly align and automate no-code workflows to respond to threats with automated remediation and integrations with ITSM solutions such as ServiceNow.


**Average Rating:** 4.4/5.0
**Total Reviews:** 164
**How Do G2 Users Rate Qualys VMDR?**

- **Has the product been a good partner in doing business?:** 8.6/10 (Category avg: 9.2/10)
- **Detection Rate:** 8.5/10 (Category avg: 8.9/10)
- **Automated Scans:** 8.6/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 8.4/10 (Category avg: 8.4/10)

**Who Is the Company Behind Qualys VMDR?**

- **Seller:** [Qualys](https://www.g2.com/sellers/qualys)
- **Year Founded:** 1999
- **HQ Location:** Foster City, CA
- **Twitter:** @qualys (34,248 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/8561/ (3,627 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Security Engineer
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 51% Enterprise, 28% Mid-Market


#### What Are Qualys VMDR's Pros and Cons?

**Pros:**

- Vulnerability Detection (2 reviews)
- Vulnerability Identification (2 reviews)
- Alerting System (1 reviews)
- Automation (1 reviews)
- Cloud Integration (1 reviews)

**Cons:**

- Complexity (1 reviews)
- Complex Reporting (1 reviews)
- Complex Setup (1 reviews)
- Difficult Learning (1 reviews)
- Feature Complexity (1 reviews)


### What Do G2 Reviewers Say About Qualys VMDR?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **efficient vulnerability detection** of Qualys VMDR, which enhances security and ensures swift remediation.
- Users value the **swift vulnerability identification** capabilities of Qualys VMDR, enhancing their overall security posture effectively.
- Users value the **real-time alerting system** of Qualys VMDR, ensuring prompt notifications for critical vulnerabilities and swift responses.
- Users value the **automated vulnerability detection** of Qualys VMDR, appreciating its effortless cloud deployment and easy setup.
- Users value the **cloud integration** of Qualys VMDR, as it simplifies deployment without infrastructure requirements.

**Cons:**

- Users find the **interface complex** , making it challenging for newcomers to navigate and use effectively.
- Users find the **complex reporting** of Qualys VMDR challenging, particularly for new users during initial use.
- Users find the **complex setup** challenging, especially for new users grappling with the initial interface.
- Users find the **difficult learning** curve of Qualys VMDR challenging, especially for newcomers to the platform.
- Users find the **interface overly complex** , making it challenging for new users to navigate successfully.

#### What Are Recent G2 Reviews of Qualys VMDR?

**"[One Go Tool for small or medium level Organizations](https://www.g2.com/survey_responses/qualys-vmdr-review-5466550)"**

**Rating:** 4.0/5.0 stars
*— Verified User in Security and Investigations*

[Read full review](https://www.g2.com/survey_responses/qualys-vmdr-review-5466550)

---

**"[Real-Time Asset Visibility and TruRisk Prioritization at Scale](https://www.g2.com/survey_responses/qualys-vmdr-review-12484147)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Information Technology and Services*

[Read full review](https://www.g2.com/survey_responses/qualys-vmdr-review-12484147)

---


#### What Are G2 Users Discussing About Qualys VMDR?

- [What does Qualys Vmdr do?](https://www.g2.com/discussions/what-does-qualys-vmdr-do) - 1 comment
- [What vulnerabilities does Qualys scan for?](https://www.g2.com/discussions/qualys-vmdr-what-vulnerabilities-does-qualys-scan-for)
- [What does Qualys cloud agent do?](https://www.g2.com/discussions/what-does-qualys-cloud-agent-do)
- [How does Qualys patch management work?](https://www.g2.com/discussions/how-does-qualys-patch-management-work)
- [What is Qualys software?](https://www.g2.com/discussions/what-is-qualys-software)

### 7. [VulScan](https://www.g2.com/products/vulscan/reviews)
Automated Vulnerability Scanning. Affordably Priced For Everyone! With almost 70 new hidden vulnerabilities identified every day, you would need to be a super hero with X-ray vision to find them all. Or, you can let VulScan do it for you. VulScan is purpose-built for MSPs and for IT Departments that handle their own IT security. It has all the features you need for both internal and external vulnerability management, but without all the complexity found in older solutions. Best of all, VulScan is priced so that cost is no longer a barrier to scanning as many assets as you need, as frequently as you want. That’s why our slogan is “Vulnerability Management For The Rest of Us! VulScan is an affordable cloud-based vulnerability management platform. It includes the software needed to spin up an unlimited number of virtual network scanner appliances using Hyper-V or VMWare, and a cloud-based portal to control the scanners and manage the discovered issues. For internal network scanning, the appliances can be installed on any existing computer that has excess capacity on the network, or installed on a dedicated box to be permanently installed. You can add multiple scanners and configure them each to scan separate parts of the network to get even faster results pushed into the same client site dashboard at no additional cost. For external scanning, the appliances are installed on the MSP’s data center or other remote location and “pointed” to the public facing IP addresses of the target network.


**Average Rating:** 4.1/5.0
**Total Reviews:** 121
**How Do G2 Users Rate VulScan?**

- **Has the product been a good partner in doing business?:** 8.2/10 (Category avg: 9.2/10)
- **Detection Rate:** 7.8/10 (Category avg: 8.9/10)
- **Automated Scans:** 8.6/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 6.9/10 (Category avg: 8.4/10)

**Who Is the Company Behind VulScan?**

- **Seller:** [Kaseya](https://www.g2.com/sellers/kaseya)
- **Company Website:** https://www.kaseya.com/
- **Year Founded:** 2000
- **HQ Location:** Miami, FL
- **Twitter:** @KaseyaCorp (17,411 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/kaseya/ (5,471 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 66% Small-Business, 32% Mid-Market


#### What Are VulScan's Pros and Cons?

**Pros:**

- Ease of Use (24 reviews)
- Implementation Ease (10 reviews)
- Simple (10 reviews)
- Features (9 reviews)
- Reporting Features (9 reviews)

**Cons:**

- Difficult Setup (6 reviews)
- Inadequate Reporting (5 reviews)
- Poor Customer Support (5 reviews)
- Confusing Interface (4 reviews)
- Limited Features (4 reviews)


### What Do G2 Reviewers Say About VulScan?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find VulScan&#39;s **ease of use** advantageous, appreciating simple scheduling and integration with existing systems.
- Users find **VulScan&#39;s implementation easy** , noting seamless integration and straightforward configuration for scanning tasks.
- Users love the **ease of setup** and intuitive navigation of VulScan, enhancing their overall experience.
- Users appreciate the **ease of deployment and configuration** of VulScan, making setup and integration seamless.
- Users appreciate the **easy-to-generate reports** of VulScan, highlighting their usefulness for both admins and end users.

**Cons:**

- Users found the **difficult setup** of VulScan challenging, complicating installation and deployment processes significantly.
- Users express concern over the **inadequate reporting** of VulScan, finding it overwhelming and lacking meaningful insights.
- Users express frustration with **poor customer support** , making it difficult to resolve issues and get assistance.
- Users find the **confusing interface** of VulScan frustrating, requiring excessive navigation and documentation to use effectively.
- Users criticize the **limited features** of VulScan, especially regarding inadequate reporting and detection capabilities across platforms.

#### What Are Recent G2 Reviews of VulScan?

**"[Clear, Easy Security Visibility That Cuts Manual Busywork](https://www.g2.com/survey_responses/vulscan-review-12884652)"**

**Rating:** 5.0/5.0 stars
*— Sheila K.*

[Read full review](https://www.g2.com/survey_responses/vulscan-review-12884652)

---

**"[Great addonfor NMAP](https://www.g2.com/survey_responses/vulscan-review-8143727)"**

**Rating:** 4.5/5.0 stars
*— Viswajith R.*

[Read full review](https://www.g2.com/survey_responses/vulscan-review-8143727)

---



### 8. [APPCHECK](https://www.g2.com/products/appcheck/reviews)
AppCheck is a Dynamic Application Security Testing (DAST) and network vulnerability testing solution, developed and supported by experienced penetration testers. We approach security testing as a hacker would, leveraging multiple proprietary crawling engines to analyse target behaviour across both modern and traditional technologies, including Single Page Applications (SPAs), APIs, and complex authentication flows such as SSO, 2FA, and TOTP. Organisations can conduct unlimited security assessments across Web Applications, SPAs, APIs, cloud services, networks, across internal or external assets. Supporting production and UAT testing, AppCheck also helps organisations ‘shift left’ by integrating with CI/CD pipelines and build servers, including ADO, GitHub, Jenkins, TeamCity, CircleCI, TravisCI, Bamboo, and GitLab CI/CD. Allowing automated security testing throughout development, identifying risks as soon as changes are introduced. AppCheck are proud to be part of the CVE Numbering Authority (CNA), contributing to global security research


**Average Rating:** 4.6/5.0
**Total Reviews:** 67
**How Do G2 Users Rate APPCHECK?**

- **Has the product been a good partner in doing business?:** 9.5/10 (Category avg: 9.2/10)
- **Detection Rate:** 9.2/10 (Category avg: 8.9/10)
- **Automated Scans:** 9.5/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 8.8/10 (Category avg: 8.4/10)

**Who Is the Company Behind APPCHECK?**

- **Seller:** [APPCHECK](https://www.g2.com/sellers/appcheck)
- **Company Website:** https://www.appcheck-ng.com
- **Year Founded:** 2014
- **HQ Location:** Leeds, GB
- **Twitter:** @AppcheckNG (649 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/appcheck-ng-ltd/ (106 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 49% Mid-Market, 30% Small-Business


#### What Are APPCHECK's Pros and Cons?

**Pros:**

- Vulnerability Detection (7 reviews)
- Ease of Use (6 reviews)
- Features (5 reviews)
- Pentesting Efficiency (5 reviews)
- Automated Scanning (4 reviews)

**Cons:**

- Poor Customer Support (2 reviews)
- UX Improvement (2 reviews)
- API Issues (1 reviews)
- Difficult Customization (1 reviews)
- Difficult Learning Curve (1 reviews)


### What Do G2 Reviewers Say About APPCHECK?
*AI-generated summary from verified user reviews*

**Pros:**

- Users highlight the **effective vulnerability detection** of AppCheck, which outshines competitors in thoroughness and ease of use.
- Users find the **ease of use** of AppCheck invaluable, simplifying complex security processes effectively and efficiently.
- Users appreciate the **excellent pricing and functionality** of AppCheck, enhancing their vulnerability management and reporting capabilities.
- Users commend AppCheck for its **exceptional pentesting efficiency** , significantly enhancing vulnerability detection and streamlining security processes.
- Users appreciate the **automated scanning** of AppCheck, benefiting from detailed reports and seamless integration with CI/CD pipelines.

**Cons:**

- Users find the **poor customer support** frustrating, as they must submit tickets for simple changes.
- Users feel that **UX improvement** is necessary, particularly in scoring systems, customization, and starting points for scans.
- Users find the **API endpoint changes cumbersome** , relying on service requests instead of having direct control.
- Users find **difficult customization** options in AppCheck, limiting the ability to tailor reports and vulnerability scoring.
- Users note a significant **difficult learning curve** with Appcheck, which can hinder initial usability and efficiency.

#### What Are Recent G2 Reviews of APPCHECK?

**"[Effortless Vulnerability Management with APPCHECK](https://www.g2.com/survey_responses/appcheck-review-12463853)"**

**Rating:** 5.0/5.0 stars
*— Aaron H.*

[Read full review](https://www.g2.com/survey_responses/appcheck-review-12463853)

---

**"[Great onboarding experience and trial](https://www.g2.com/survey_responses/appcheck-review-11771398)"**

**Rating:** 4.0/5.0 stars
*— Tyler S.*

[Read full review](https://www.g2.com/survey_responses/appcheck-review-11771398)

---



### 9. [Bitsight](https://www.g2.com/products/bitsight/reviews)
Bitsight is the global leader in cyber risk intelligence, leveraging advanced AI to empower organizations with precise insights derived from the industry’s most extensive external cybersecurity dataset. With more than 3,500 customers and over 68,000 organizations active on its platform, Bitsight delivers real-time visibility into cyber risk and threat exposure, enabling teams to rapidly identify vulnerabilities, detect emerging threats, prioritize remediation, and mitigate risks across their extended attack surface. Bitsight proactively uncovers security gaps across infrastructure, cloud environments, digital identities, and third- and fourth-party ecosystems. From security operations and governance teams to executive boardrooms, Bitsight provides the unified intelligence backbone required to confidently manage cyber risk and address exposures before they impact performance.


**Average Rating:** 4.5/5.0
**Total Reviews:** 76
**How Do G2 Users Rate Bitsight?**

- **Has the product been a good partner in doing business?:** 9.3/10 (Category avg: 9.2/10)

**Who Is the Company Behind Bitsight?**

- **Seller:** [Bitsight](https://www.g2.com/sellers/bitsight)
- **Company Website:** https://www.bitsight.com/
- **Year Founded:** 2011
- **HQ Location:** Boston, MA
- **Twitter:** @BitSight (4,503 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/bitsight/ (741 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Hospital &amp; Health Care
- **Company Size:** 71% Enterprise, 24% Mid-Market


#### What Are Bitsight's Pros and Cons?

**Pros:**

- Security (15 reviews)
- Risk Management (14 reviews)
- Ease of Use (13 reviews)
- Features (11 reviews)
- Customer Support (9 reviews)

**Cons:**

- Missing Features (6 reviews)
- Lack of Clarity (5 reviews)
- Poor Customer Support (4 reviews)
- Poor Notifications (4 reviews)
- Slow Loading (4 reviews)


### What Do G2 Reviewers Say About Bitsight?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **comprehensive security posture** provided by Bitsight, enhancing protection for their organization and suppliers.
- Users value the **comprehensive security posture** provided by Bitsight, enhancing management of cyber risk and third-party suppliers.
- Users find Bitsight&#39;s **ease of use** remarkable, enjoying its intuitive interface and seamless integration with various platforms.
- Users appreciate the **detailed insights** and **collaboration features** of Bitsight, enhancing vendor risk management effectively.
- Users praise the **fantastic customer support** of Bitsight, highlighting their knowledge and eagerness to assist effectively.

**Cons:**

- Users find **missing features** in Bitsight, such as lack of transparency and inadequate questionnaire management, frustrating overall.
- Users criticize the **lack of clarity** in BitSight&#39;s scoring mechanism and experience occasional inaccuracies in domain reporting.
- Users experience **poor customer support** and inadequate documentation, hindering effective use of the Bitsight platform.
- Users experience **poor notifications** with delayed alerts and irrelevant historical breaches, impacting timely critical monitoring.
- Users experience **slow loading** times and timeouts that hinder workflow and overall satisfaction with Bitsight.

#### What Are Recent G2 Reviews of Bitsight?

**"[Finds Public-Facing Security Flaws and Clearly Shows How to Fix Them](https://www.g2.com/survey_responses/bitsight-review-12760320)"**

**Rating:** 4.5/5.0 stars
*— Verified User in Computer Software*

[Read full review](https://www.g2.com/survey_responses/bitsight-review-12760320)

---

**"[Effortless Cyber Risk Scoring for Proactive Security](https://www.g2.com/survey_responses/bitsight-review-12098656)"**

**Rating:** 4.0/5.0 stars
*— Matthew P.*

[Read full review](https://www.g2.com/survey_responses/bitsight-review-12098656)

---


#### What Are G2 Users Discussing About Bitsight?

- [What does Bitsight Security Ratings do?](https://www.g2.com/discussions/what-does-bitsight-security-ratings-do)
- [How is BitSight calculated?](https://www.g2.com/discussions/how-is-bitsight-calculated)
- [What is a BitSight security rating?](https://www.g2.com/discussions/what-is-a-bitsight-security-rating)

### 10. [Defendify All-In-One Cybersecurity Solution](https://www.g2.com/products/defendify-all-in-one-cybersecurity-solution/reviews)
Founded in 2017, Defendify is pioneering All-In-One Cybersecurity® for organizations with growing security needs, backed by experts offering ongoing guidance and support. Delivering multiple layers of protection, Defendify provides an all-in-one, easy-to-use platform designed to strengthen cybersecurity across people, process, and technology, continuously. With Defendify, organizations streamline cybersecurity assessments, testing, policies, training, detection, response &amp; containment in one consolidated and cost-effective cybersecurity solution. 3 layers, 13 solutions, 1 platform, including: • Managed Detection &amp; Response • Cyber Incident Response Plan • Cybersecurity Threat Alerts • Phishing Simulations • Cybersecurity Awareness Training • Cybersecurity Awareness Videos • Cybersecurity Awareness Posters &amp; Graphics • Technology Acceptable Use Policy • Cybersecurity Risk Assessments • Penetration Testing • Vulnerability Scanning • Compromised Password Scanning • Website Security Scanning See Defendify in action at www.defendify.com.


**Average Rating:** 4.7/5.0
**Total Reviews:** 57
**How Do G2 Users Rate Defendify All-In-One Cybersecurity Solution?**

- **Has the product been a good partner in doing business?:** 9.8/10 (Category avg: 9.2/10)
- **Detection Rate:** 9.2/10 (Category avg: 8.9/10)
- **Automated Scans:** 9.4/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 8.9/10 (Category avg: 8.4/10)

**Who Is the Company Behind Defendify All-In-One Cybersecurity Solution?**

- **Seller:** [Defendify](https://www.g2.com/sellers/defendify)
- **Year Founded:** 2017
- **HQ Location:** Portland, Maine
- **Twitter:** @defendify (305 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/11098948/ (37 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 65% Small-Business, 35% Mid-Market


#### What Are Defendify All-In-One Cybersecurity Solution's Pros and Cons?

**Pros:**

- Ease of Use (8 reviews)
- Cybersecurity (6 reviews)
- Easy Setup (5 reviews)
- Insights (5 reviews)
- Monitoring (5 reviews)

**Cons:**

- Inadequate Reporting (4 reviews)
- Poor Reporting (4 reviews)
- Lack of Information (2 reviews)
- Limited Customization (2 reviews)
- Limited Features (2 reviews)


### What Do G2 Reviewers Say About Defendify All-In-One Cybersecurity Solution?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of implementation and integration** with other systems, enhancing overall cybersecurity management effortlessly.
- Users appreciate the **all-in-one cybersecurity solution** from Defendify, enhancing security and user awareness seamlessly.
- Users value the **easy setup** of Defendify, allowing quick implementation and integration with minimal hassle.
- Users value the **comprehensive training and proactive security insights** provided by Defendify&#39;s All-In-One Cybersecurity Solution.
- Users value the **comprehensive monitoring features** of Defendify, enhancing their cybersecurity posture effectively and efficiently.

**Cons:**

- Users find the **reporting inadequate** , noting a need for more concise and customizable reporting options.
- Users find the **poor reporting** of Defendify lacking custom options and concise formats for better communication.
- Users express a desire for **more concise reports** and detailed penetration testing steps in the Defendify solution.
- Users note the **limited customization options** , wishing for more tailored reporting and branding features for their organization.
- Users note the lack of **custom reporting options** , which limits personalization and future monitoring adaptability.

#### What Are Recent G2 Reviews of Defendify All-In-One Cybersecurity Solution?

**"[Comprehensive and robust protection](https://www.g2.com/survey_responses/defendify-all-in-one-cybersecurity-solution-review-10560878)"**

**Rating:** 4.5/5.0 stars
*— Verified User in Computer &amp; Network Security*

[Read full review](https://www.g2.com/survey_responses/defendify-all-in-one-cybersecurity-solution-review-10560878)

---

**"[Perfect  Vulnerability Management for Software Companies](https://www.g2.com/survey_responses/defendify-all-in-one-cybersecurity-solution-review-10488301)"**

**Rating:** 4.5/5.0 stars
*— Akhil V.*

[Read full review](https://www.g2.com/survey_responses/defendify-all-in-one-cybersecurity-solution-review-10488301)

---


#### What Are G2 Users Discussing About Defendify All-In-One Cybersecurity Solution?

- [What is Defendify Cybersecurity Platform used for?](https://www.g2.com/discussions/what-is-defendify-cybersecurity-platform-used-for)

### 11. [Gearset DevOps](https://www.g2.com/products/gearset-devops/reviews)
Gearset is the global leader in Salesforce DevOps. It’s a DevOps platform that helps organizations manage, automate, and govern the full Salesforce development lifecycle, from planning and deployment to testing, data management, and compliance. The platform is designed for Salesforce teams that need reliable, scalable DevOps processes across complex org environments. Gearset is used by mid-market and enterprise organizations across regulated and non-regulated industries, including healthcare, financial services, insurance, and technology. Typical users include Salesforce administrators, developers, DevOps engineers, release managers, and platform owners responsible for maintaining deployment quality, security, and operational consistency. The platform supports a wide range of Salesforce use cases, including metadata and CPQ deployments, CI/CD automation, code review workflows, sandbox seeding, test automation, and monitoring. As well as deployment automation, Gearset includes tools for Salesforce data protection and long-term data management, such as automated backups, data restore, and archiving. Observability and Org Intelligence features provide insight into org health, deployment risk, and system changes over time. Gearset also includes governance and compliance capabilities designed for enterprise environments. These features help teams maintain audit readiness and enforce access controls while supporting compliance frameworks such as SOX, ISO, HIPAA, and GDPR. The platform is delivered as a managed service and integrates with Salesforce environments without requiring complex local infrastructure. Key features and capabilities include: - Salesforce metadata, CPQ, and data deployments with CI/CD automation and version control integration - Code review, test automation, and release validation to support quality and consistency - Automated Salesforce backups, restore, and data archiving for data protection and retention - Sandbox seeding, observability, and Org Intelligence to support environment management and visibility - Governance features including audit trails, role-based access controls, and compliance support Gearset is a Salesforce Partner and has supported Salesforce teams globally since 2015. The platform is used by organizations managing multiple orgs (across regions), frequent releases, and complex compliance requirements, helping teams reduce deployment risk, improve operational visibility, and maintain control over Salesforce change management processes.


**Average Rating:** 4.7/5.0
**Total Reviews:** 292
**How Do G2 Users Rate Gearset DevOps?**

- **Has the product been a good partner in doing business?:** 9.5/10 (Category avg: 9.2/10)
- **Detection Rate:** 7.5/10 (Category avg: 8.9/10)
- **Automated Scans:** 8.9/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 8.3/10 (Category avg: 8.4/10)

**Who Is the Company Behind Gearset DevOps?**

- **Seller:** [Gearset](https://www.g2.com/sellers/gearset)
- **Company Website:** https://www.gearset.com
- **Year Founded:** 2015
- **HQ Location:** Cambridge, Cambridgeshire
- **Twitter:** @GearsetHQ (1,182 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/10478150/ (366 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Salesforce Developer, Salesforce Administrator
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 37% Mid-Market, 33% Small-Business


#### What Are Gearset DevOps's Pros and Cons?

**Pros:**

- Ease of Use (25 reviews)
- Deployment (21 reviews)
- Easy Deployment (17 reviews)
- Customer Support (16 reviews)
- Deployment Ease (14 reviews)

**Cons:**

- Deployment Issues (6 reviews)
- Expensive (5 reviews)
- Complexity (4 reviews)
- Data Management (4 reviews)
- Missing Features (4 reviews)


### What Do G2 Reviewers Say About Gearset DevOps?
*AI-generated summary from verified user reviews*

**Pros:**

- Users commend the **ease of use** of Gearset DevOps, praising its smooth setup and efficient management of deployments.
- Users value the **ease and flexibility of deployments** with Gearset, enhancing efficiency and minimizing human error.
- Users value the **easy deployment** of Gearset DevOps, enabling quick and efficient management of projects and releases.
- Users value the **exceptional customer support** from Gearset DevOps, highlighting their responsiveness and helpfulness with issues and requests.
- Users praise the **deployment ease** of Gearset DevOps, noting a smooth setup and efficient management of releases.

**Cons:**

- Users struggle with **deployment issues** such as manual activation of Flows and potential metadata overwrites during production changes.
- Users find Gearset DevOps to be **expensive for larger teams** , impacting budget considerations despite its advanced features.
- Users find the **complexity of Gearset DevOps** overwhelming, seeking improvements in automation and simplified processes.
- Users face **limitations in data management** with Gearset, as some metadata does not transfer accurately between environments.
- Users find the **missing features** of Gearset DevOps, like automated dependency tracking and mobile support, limiting their efficiency.

#### What Are Recent G2 Reviews of Gearset DevOps?

**"[Powerful Salesforce DevOps That Makes Every Release Easier](https://www.g2.com/survey_responses/gearset-devops-review-13031923)"**

**Rating:** 5.0/5.0 stars
*— Paul B.*

[Read full review](https://www.g2.com/survey_responses/gearset-devops-review-13031923)

---

**"[Straightforward Deployments, Powerful Metadata Tools, and Outstanding Support](https://www.g2.com/survey_responses/gearset-devops-review-12770401)"**

**Rating:** 5.0/5.0 stars
*— Jacklyn J.*

[Read full review](https://www.g2.com/survey_responses/gearset-devops-review-12770401)

---



### 12. [ARMO Platform](https://www.g2.com/products/armo-platform/reviews)
ARMO Platform is the only runtime-driven, open-source first, cloud security platform. It is the only security platform that continuously minimizes cloud attack surface based on runtime insights, while actively detecting and responding to cyberattacks with real risk context. Using an eBPF-based runtime sensor to record application behavior and related activities, ARMO Platform enables DevOps, security, and platform teams to eliminate the security noise and go from thousands of irrelevant alerts to focus on the most important and exploitable threats. This allows those teams to shift from managing hypothetical security issues to mitigating actual risks and providing them with the means to remediate them. ARMO is an open-source-driven company and the creator of Kubescape, a leading open-source Kubernetes security project, now an official CNCF project. To learn more about ARMO Platform please visit: https://www.armosec.io/


**Average Rating:** 4.5/5.0
**Total Reviews:** 44
**How Do G2 Users Rate ARMO Platform?**

- **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.2/10)
- **Detection Rate:** 8.4/10 (Category avg: 8.9/10)
- **Automated Scans:** 8.7/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 8.2/10 (Category avg: 8.4/10)

**Who Is the Company Behind ARMO Platform?**

- **Seller:** [ARMO](https://www.g2.com/sellers/armo)
- **Year Founded:** 2019
- **HQ Location:** Tel Aviv, IL
- **Twitter:** @armosec (3,074 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/armosec/ (96 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 59% Small-Business, 36% Mid-Market


#### What Are ARMO Platform's Pros and Cons?

**Pros:**

- Ease of Use (8 reviews)
- Features (8 reviews)
- Security (8 reviews)
- Deployment Ease (7 reviews)
- Container Security (6 reviews)

**Cons:**

- Integration Issues (5 reviews)
- Missing Features (4 reviews)
- Difficult Configuration (3 reviews)
- Complex Querying (2 reviews)
- Complex Setup (2 reviews)


### What Do G2 Reviewers Say About ARMO Platform?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **ease of use** of ARMO Platform, as it simplifies security operations and streamlines workflows.
- Users appreciate the **automation and integration features** of ARMO Platform, enhancing efficiency and simplifying security operations.
- Users value ARMO Platform for its **advanced security features** , enhancing Kubernetes application safety and compliance effortlessly.
- Users value the **deployment ease** of ARMO Platform, enabling quick setup and seamless integration with existing tools.
- Users value the **easy setup and automation** of ARMO Platform, enhancing security and compliance for cloud-native applications.

**Cons:**

- Users face **integration issues** with ARMO Platform that lead to disruptions and confusion during project work.
- Users experience **missing features** in ARMO Platform that hinder efficient project workflows and cause confusion during use.
- Users face a **difficult configuration** process on the ARMO Platform, requiring time and effort to master.
- Users face a noticeable **learning curve** with ARMO Platform&#39;s complex interface, impacting efficiency and integration ease.
- Users find the **complex setup** of ARMO Platform challenging, especially those with less experience in Kubernetes.

#### What Are Recent G2 Reviews of ARMO Platform?

**"[Game-Changer for Application Cluster Security &amp; Visibility](https://www.g2.com/survey_responses/armo-platform-review-11603726)"**

**Rating:** 5.0/5.0 stars
*— Jay N.*

[Read full review](https://www.g2.com/survey_responses/armo-platform-review-11603726)

---

**"[Streamlined Kubernetes Security with Actionable Remediations](https://www.g2.com/survey_responses/armo-platform-review-11159133)"**

**Rating:** 4.5/5.0 stars
*— Abhineet S.*

[Read full review](https://www.g2.com/survey_responses/armo-platform-review-11159133)

---


#### What Are G2 Users Discussing About ARMO Platform?

- [What is ARMO used for?](https://www.g2.com/discussions/what-is-armo-used-for)

### 13. [Acunetix by Invicti](https://www.g2.com/products/acunetix-by-invicti/reviews)
Acunetix (by Invicti) is an automated application security testing tool that enables small security teams to tackle huge application security challenges. With fast scanning, comprehensive results, and intelligent automation, Acunetix helps organizations to reduce risk across all types of web applications, websites, and APIs. With Acunetix, security teams can: - Save time and resources by automating manual security processes - Work more seamlessly with developers, or embrace DevSecOps by integrating directly into development tools - Feel confident that every web application has been crawled entirely thanks to DAST + IAST scanning and intelligent crawling technology - Finally, make web application and API security a priority and not just an add-on with a solution that is dedicated to application and API security 100% of the time You can depend on Acunetix to meet your organization’s needs today and face the challenges of modern web technology together tomorrow.


**Average Rating:** 4.1/5.0
**Total Reviews:** 100
**How Do G2 Users Rate Acunetix by Invicti?**

- **Has the product been a good partner in doing business?:** 8.2/10 (Category avg: 9.2/10)
- **Detection Rate:** 8.5/10 (Category avg: 8.9/10)
- **Automated Scans:** 8.6/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 7.9/10 (Category avg: 8.4/10)

**Who Is the Company Behind Acunetix by Invicti?**

- **Seller:** [Invicti Security](https://www.g2.com/sellers/invicti-security-04cb0d3d-fd96-45b2-83dc-2038fc9dac92)
- **Company Website:** https://www.invicti.com/
- **Year Founded:** 2018
- **HQ Location:** Austin, Texas
- **Twitter:** @InvictiSecurity (2,557 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/invicti-security/people/ (335 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 40% Enterprise, 34% Mid-Market


#### What Are Acunetix by Invicti's Pros and Cons?

**Pros:**

- Vulnerability Detection (7 reviews)
- Ease of Use (6 reviews)
- Security (5 reviews)
- Vulnerability Identification (5 reviews)
- Accuracy of Results (4 reviews)

**Cons:**

- Expensive (4 reviews)
- Complexity (3 reviews)
- Complex Setup (3 reviews)
- Slow Scanning (3 reviews)
- Difficult Customization (2 reviews)


### What Do G2 Reviewers Say About Acunetix by Invicti?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **accurate and fast vulnerability detection** of Acunetix, enhancing security with minimal false positives.
- Users value the **ease of use** of Acunetix, making vulnerability scanning and integration into workflows seamless.
- Users value Acunetix for its **robust security capabilities** , effectively enhancing web application safety with automatic vulnerability detection.
- Users commend the **accurate vulnerability identification** of Acunetix, enhancing web application security and ease of use.
- Users commend the **accuracy of results** from Acunetix, enhancing web application security with reliable vulnerability detection.

**Cons:**

- Users find Acunetix to be **expensive** , especially challenging for smaller teams or projects with limited budgets.
- Users find the **complexity in setup and resource consumption** of Acunetix challenging, especially for large applications.
- Users find the **complex setup** of Acunetix challenging, especially for initial configurations and tool integrations.
- Users find the **slow scanning** process frustrating, especially during extensive audits of large web applications.
- Users find **difficult customization** to be a challenge, requiring technical expertise and patience for effective integration and setup.

#### What Are Recent G2 Reviews of Acunetix by Invicti?

**"[Powerful Security Scanning Made Easy with Acunetix](https://www.g2.com/survey_responses/acunetix-by-invicti-review-11964967)"**

**Rating:** 5.0/5.0 stars
*— Deepesh V.*

[Read full review](https://www.g2.com/survey_responses/acunetix-by-invicti-review-11964967)

---

**"[Effortless Vulnerability Detection That Fits Seamlessly into DevSecOps](https://www.g2.com/survey_responses/acunetix-by-invicti-review-11909125)"**

**Rating:** 5.0/5.0 stars
*— Ranit D.*

[Read full review](https://www.g2.com/survey_responses/acunetix-by-invicti-review-11909125)

---


#### What Are G2 Users Discussing About Acunetix by Invicti?

- [How has Acunetix supported your web security efforts, and what features do you rely on most?](https://www.g2.com/discussions/how-has-acunetix-supported-your-web-security-efforts-and-what-features-do-you-rely-on-most)
- [What is Acunetix by Invicti used for?](https://www.g2.com/discussions/what-is-acunetix-by-invicti-used-for)

### 14. [Zenmap](https://www.g2.com/products/zenmap/reviews)
Zenmap is the official graphical user interface (GUI) for the Nmap Security Scanner, designed to make network scanning accessible for both beginners and experienced users. This multi-platform, free, and open-source application supports operating systems such as Linux, Windows, Mac OS X, and BSD. Zenmap simplifies the process of network discovery and security auditing by providing an intuitive interface to Nmap&#39;s powerful features. Key Features and Functionality: - Profile Management: Users can save frequently used scans as profiles, enabling quick and consistent execution of routine network assessments. - Command Creation: An interactive command creator assists in building Nmap command lines, making it easier to customize scans without extensive command-line knowledge. - Result Management: Scan results can be saved for future reference, compared to identify changes over time, and are stored in a searchable database for efficient retrieval. - Network Topology Visualization: Zenmap offers an interactive, animated visualization of network topology, illustrating the relationships and paths between hosts. - Cross-Platform Compatibility: The application runs on multiple operating systems, ensuring flexibility and broad accessibility. Primary Value and User Solutions: Zenmap addresses the need for a user-friendly interface to Nmap&#39;s comprehensive network scanning capabilities. By providing graphical representations and simplified management of scan profiles and results, it enables users to efficiently monitor network security, detect unauthorized devices, and manage service upgrades. This tool is particularly valuable for system and network administrators seeking to maintain secure and well-documented network environments.


**Average Rating:** 4.5/5.0
**Total Reviews:** 26
**How Do G2 Users Rate Zenmap?**

- **Has the product been a good partner in doing business?:** 7.9/10 (Category avg: 9.2/10)
- **Detection Rate:** 8.8/10 (Category avg: 8.9/10)
- **Automated Scans:** 8.3/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 7.3/10 (Category avg: 8.4/10)

**Who Is the Company Behind Zenmap?**

- **Seller:** [Nmap](https://www.g2.com/sellers/nmap)
- **HQ Location:** N/A
- **Twitter:** @nmap (136,374 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/nmap-corp (4 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services
- **Company Size:** 50% Mid-Market, 39% Small-Business


#### What Are Zenmap's Pros and Cons?

**Pros:**

- Ease of Use (1 reviews)
- Implementation Ease (1 reviews)

**Cons:**

- Issue Management (1 reviews)
- Poor Interface Design (1 reviews)


### What Do G2 Reviewers Say About Zenmap?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find Zenmap&#39;s **ease of use** highly beneficial for penetration testing and cybersecurity tasks.
- Users find Zenmap to be **easy to implement** , making it accessible for penetration testers and security analysts.

**Cons:**

- Users find the **limited command functionality** of Zenmap restricts their experience compared to other tools.
- Users find Zenmap&#39;s **poor interface design** challenging, limiting their command usage and overall experience.

#### What Are Recent G2 Reviews of Zenmap?

**"[A quick review of Zenmap](https://www.g2.com/survey_responses/zenmap-review-6592716)"**

**Rating:** 4.0/5.0 stars
*— mohit m.*

[Read full review](https://www.g2.com/survey_responses/zenmap-review-6592716)

---

**"[GUI front-end that brings Nmap’s power to the desktop](https://www.g2.com/survey_responses/zenmap-review-11453646)"**

**Rating:** 4.5/5.0 stars
*— Luca P.*

[Read full review](https://www.g2.com/survey_responses/zenmap-review-11453646)

---


#### What Are G2 Users Discussing About Zenmap?

- [What is Zenmap used for?](https://www.g2.com/discussions/zenmap-what-is-zenmap-used-for)
- [How do I install Zenmap?](https://www.g2.com/discussions/how-do-i-install-zenmap)
- [Is Nmap scanning illegal?](https://www.g2.com/discussions/is-nmap-scanning-illegal)
- [What are the features of nmap?](https://www.g2.com/discussions/what-are-the-features-of-nmap)
- [What is Zenmap used for?](https://www.g2.com/discussions/what-is-zenmap-used-for)

### 15. [StackHawk](https://www.g2.com/products/stackhawk/reviews)
StackHawk is reimagining AppSec for AI-driven development, where applications are built faster than traditional AppSec tools can keep up. Our AppSec Intelligence Platform combines scalable runtime testing with complete attack surface discovery from source code. We integrate directly into development workflows and provide context-aware remediations to developers, enabling teams to find and fix exploitable vulnerabilities before they reach production. With real-time visibility and centralized program intelligence, AppSec teams can prioritize testing and fixing what matters. Companies like British Airways, ITV, and Norstella trust StackHawk to evaluate application risk, prove program value, and scale testing coverage to match development velocity.


**Average Rating:** 4.6/5.0
**Total Reviews:** 67
**How Do G2 Users Rate StackHawk?**

- **Has the product been a good partner in doing business?:** 9.1/10 (Category avg: 9.2/10)
- **Detection Rate:** 8.7/10 (Category avg: 8.9/10)
- **Automated Scans:** 8.7/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 5.3/10 (Category avg: 8.4/10)

**Who Is the Company Behind StackHawk?**

- **Seller:** [StackHawk](https://www.g2.com/sellers/stackhawk)
- **Year Founded:** 2019
- **HQ Location:** Denver, CO
- **Twitter:** @StackHawk (1,137 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/40780406/ (31 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 46% Small-Business, 35% Mid-Market


#### What Are StackHawk's Pros and Cons?

**Pros:**

- Easy Integrations (4 reviews)
- Customer Support (3 reviews)
- Customizability (3 reviews)
- Efficiency Improvement (3 reviews)
- Scanning Efficiency (3 reviews)

**Cons:**

- Complex Setup (3 reviews)
- High Learning Curve (3 reviews)
- Lacking Features (3 reviews)
- Limited Scope (3 reviews)
- Setup Complexity (3 reviews)


### What Do G2 Reviewers Say About StackHawk?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **easy integrations** of StackHawk, enhancing CI/CD pipelines and streamlining the onboarding process.
- Users commend StackHawk for its **exceptional customer support** , providing expert assistance and enhancing the overall user experience.
- Users value the **customizability** of StackHawk, appreciating its flexibility and integration options for unique workflows.
- Users find that StackHawk greatly enhances **efficiency** , enabling quicker identification and resolution of security vulnerabilities.
- Users value the **scanning efficiency** of StackHawk, enabling faster and more effective security scanning processes.

**Cons:**

- Users find the **complex setup** process frustrating due to the lack of simplified documentation and time-consuming configurations.
- Users face a **high learning curve** with StackHawk due to its complex setup and scripting requirements.
- Users find StackHawk **lacking features** , especially in API management and intuitive setup, hindering vulnerability management.
- Users note the **limited scope** of StackHawk, particularly regarding on-prem usage and automation capabilities.
- Users find **setup complexity** frustrating, as extensive YAML config trials are necessary for effective onboarding and scans.

#### What Are Recent G2 Reviews of StackHawk?

**"[StackHawk is a great DAST security tool](https://www.g2.com/survey_responses/stackhawk-review-10761348)"**

**Rating:** 5.0/5.0 stars
*— David M.*

[Read full review](https://www.g2.com/survey_responses/stackhawk-review-10761348)

---

**"[A Game-Changer for DevSecOps](https://www.g2.com/survey_responses/stackhawk-review-8847655)"**

**Rating:** 5.0/5.0 stars
*— Todd L.*

[Read full review](https://www.g2.com/survey_responses/stackhawk-review-8847655)

---


#### What Are G2 Users Discussing About StackHawk?

- [What is StackHawk used for?](https://www.g2.com/discussions/what-is-stackhawk-used-for)

### 16. [Detectify](https://www.g2.com/products/detectify/reviews)
Detectify sets a new standard for advanced application security testing, challenging traditional DAST by providing evolving coverage of each and every exposed asset across the changing attack surface. AppSec teams trust Detectify to expose how attackers will exploit their Internet-facing applications. The Detectify platform automates continuous real-world, payload-based attacks fuelled by its global community of elite ethical hackers into its own expert-built engines, exposing critical weaknesses before it&#39;s too late. The Detectify solution includes: - Automated discovery of known and unknown digital assets via domain &amp; cloud connectors - Continuous coverage (24/7) of every corner of the attack surface with dynamic testing. Not just predefined targets - 100% payload-based testing fuelled by elite ethical hackers for a high signal-to-noise ratio - Distributed coverage across an unmatched array of relevant technologies - Actionable remediation tips for software development teams - Team functionality to easily share reports - Powerful integrations platform to prioritize and triage vulnerability findings onward to development teams -Advanced API functionality -Capabilities to set custom attack surface security policies


**Average Rating:** 4.5/5.0
**Total Reviews:** 49
**How Do G2 Users Rate Detectify?**

- **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.2/10)
- **Detection Rate:** 8.5/10 (Category avg: 8.9/10)
- **Automated Scans:** 8.9/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 8.3/10 (Category avg: 8.4/10)

**Who Is the Company Behind Detectify?**

- **Seller:** [Detectify](https://www.g2.com/sellers/detectify)
- **Year Founded:** 2013
- **HQ Location:** Stockholm, Sweden
- **Twitter:** @detectify (11,256 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2850066/ (92 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 47% Small-Business, 35% Mid-Market


#### What Are Detectify's Pros and Cons?

**Pros:**

- Automation (2 reviews)
- Automation Testing (2 reviews)
- Customizability (2 reviews)
- Features (2 reviews)
- Security (2 reviews)

**Cons:**

- Complexity (1 reviews)
- Complex Queries (1 reviews)
- Complex Setup (1 reviews)
- Expensive (1 reviews)
- Inaccuracy (1 reviews)


### What Do G2 Reviewers Say About Detectify?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **automation capabilities** of Detectify, enjoying seamless integration and tailored security testing processes.
- Users value the **easy automation and integration** features of Detectify that enhance security testing efficiently.
- Users value the **customizability** of Detectify, enabling easy integration and tailored security testing to fit diverse needs.
- Users appreciate the **easy integration and comprehensive features** of Detectify for efficient security testing.
- Users appreciate Detectify for its **effective dynamic application security testing** , ensuring comprehensive security without complex setups.

**Cons:**

- Users find the **initial complexity** of setting up Detectify to be a challenging aspect of the product.
- Users find the **complex queries** in Detectify challenging, impacting clarity on spidering results and app assessment.
- Users find the **complex setup** of Detectify to be a challenging start, impacting its usability for newcomers.
- Users find Detectify to be **expensive** when testing multiple sites, impacting its affordability for small operations.
- Users find **inaccuracy in outcomes** from Detectify&#39;s spidering, lacking clarity on app assessment completeness.

#### What Are Recent G2 Reviews of Detectify?

**"[Very happy from an admin/IT security manager view](https://www.g2.com/survey_responses/detectify-review-8197913)"**

**Rating:** 5.0/5.0 stars
*— Björn L.*

[Read full review](https://www.g2.com/survey_responses/detectify-review-8197913)

---

**"[Vulnerability scans made easy](https://www.g2.com/survey_responses/detectify-review-9059869)"**

**Rating:** 5.0/5.0 stars
*— Arkadiusz K.*

[Read full review](https://www.g2.com/survey_responses/detectify-review-9059869)

---


#### What Are G2 Users Discussing About Detectify?

- [What is Detectify used for?](https://www.g2.com/discussions/what-is-detectify-used-for)
- [Is Detectify a DAST tool?](https://www.g2.com/discussions/is-detectify-a-dast-tool)
- [How does Detectify app work?](https://www.g2.com/discussions/how-does-detectify-app-work)
- [What does Detectify scan for?](https://www.g2.com/discussions/what-does-detectify-scan-for)
- [What is Detectify Deep scan?](https://www.g2.com/discussions/what-is-detectify-deep-scan)

### 17. [OpenVAS](https://www.g2.com/products/openvas/reviews)
OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.


**Average Rating:** 4.4/5.0
**Total Reviews:** 28
**How Do G2 Users Rate OpenVAS?**

- **Has the product been a good partner in doing business?:** 7.5/10 (Category avg: 9.2/10)
- **Detection Rate:** 8.1/10 (Category avg: 8.9/10)
- **Automated Scans:** 8.3/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 7.0/10 (Category avg: 8.4/10)

**Who Is the Company Behind OpenVAS?**

- **Seller:** [OpenVAS](https://www.g2.com/sellers/openvas)
- **Year Founded:** 2020
- **HQ Location:** Zug, CH
- **Twitter:** @openvas (1,362 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/openvasp-association (2 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer &amp; Network Security, Information Technology and Services
- **Company Size:** 56% Mid-Market, 34% Small-Business



#### What Are Recent G2 Reviews of OpenVAS?

**"[Openvas pros and cons](https://www.g2.com/survey_responses/openvas-review-4559042)"**

**Rating:** 4.5/5.0 stars
*— Talha A.*

[Read full review](https://www.g2.com/survey_responses/openvas-review-4559042)

---

**"[A powerful and free tool](https://www.g2.com/survey_responses/openvas-review-8158632)"**

**Rating:** 4.0/5.0 stars
*— Victor Hugo M.*

[Read full review](https://www.g2.com/survey_responses/openvas-review-8158632)

---


#### What Are G2 Users Discussing About OpenVAS?

- [What is OpenVAS used for?](https://www.g2.com/discussions/what-is-openvas-used-for)


## What Is Vulnerability Scanner Software?

[DevSecOps Software](https://www.g2.com/categories/devsecops)

## What Software Categories Are Similar to Vulnerability Scanner Software?

- [Penetration Testing Tools](https://www.g2.com/categories/penetration-testing-tools)
- [Dynamic Application Security Testing (DAST) Software](https://www.g2.com/categories/dynamic-application-security-testing-dast)
- [Risk-Based Vulnerability Management Software](https://www.g2.com/categories/risk-based-vulnerability-management)


---

## How Do You Choose the Right Vulnerability Scanner Software?

### What You Should Know About Vulnerability Scanner Software

### What is Vulnerability Scanner Software?

Vulnerability scanners are used to examine applications, networks, and environments for security flaws and misconfigurations. These tools run a variety of dynamic security tests to identify security threats along an application or network’s attack surface. Scans can be used for anything from an application penetration test to a compliance scan. Depending on the specific objectives a user has, they can customize the vulnerability scanner to test for specific issues or requirements.

Companies can configure these tests to their unique environment. Companies that handle lots of personal or financial data may scan to ensure every transaction or datastore is encrypted from the public. They could also test their web applications against specific threats like SQL injection or cross-site scripting (XSS) attacks. The highly-customizable nature of vulnerability scanners provides users with tailor-made solutions for application and network security examination.

Many of these tools offer continuous scanning and testing for nonstop protection and monitoring. Whatever administrators set as a priority will be tested periodically and inform employees of issues or incidents. Continuous monitoring makes it much easier to discover vulnerabilities before they become an issue and drastically reduce the amount of time a vulnerability takes to remediate.

Top vulnerability scanner software with CVE remediation guidance typically combines automated scanning with prioritized fix recommendations that map findings to severity scores, exposure paths, and patch availability. Based on G2 reviews, security teams evaluate vulnerability scanner software by comparing CVE remediation depth, false positive rates, and how quickly the platform integrates into existing CI/CD pipelines and cloud environments.

Key Benefits of Vulnerability Scanner Software

- Scan networks and applications for security flaws
- Diagnose, track, and remediate vulnerabilities
- Identify and resolve misconfigurations
- Perform ad hoc security tests

### Why Use Vulnerability Scanner Software?

Applications and networks are only beneficial to a business if they operate smoothly and securely. Vulnerability scanners are a useful tool to view internal systems and applications from the perspective of the attacker. These tools allow for dynamic testing while applications operate. This helps security teams take a step beyond patches and code analysis to evaluate security posture while the application, network, or instance actually runs.

**Application security—** Cloud, web, and desktop applications all require security, but operate differently. While many vulnerability scanners support testing for all kinds of applications, vulnerability scanners often support a few application types, but not others. Still, they will all examine the application itself, as well as the paths a user needs to access it. For example, if a vulnerability scanner is used on a web application, the tool will take into account the various attack vectors a hacker might take. This includes a site’s navigation, regional access, privileges, and other factors decided by the user. From there, the scanner will output reports on specific vulnerabilities, compliance issues, and other operational flaws.

**Networks —** While software applications are often the most obvious use cases for vulnerability scanners, network vulnerability scanners are also quite common. These tools take into account the network itself, as well as computers, servers, mobile devices and any other asset accessing a network. This helps businesses identify vulnerable devices and abnormal behaviors within a network to identify and remediate issues as well as improve their network&#39;s security posture. Many even provide visual tools for mapping networks and their associated assets to simplify the management and prioritization of vulnerabilities requiring remediation.

**Cloud environments —** Not to be confused with cloud-based solutions delivered in a SaaS model, cloud vulnerability scanners examine cloud services, cloud computing environments, and integrated connections. Like network vulnerability scanners, cloud environments require an examination on a few levels. Cloud assets come in many forms including devices, domains, and instances; but all must be accounted for and scanned. In a properly secured cloud computing environment, integrations and API connections, assets, and environments must all be mapped, configurations must be monitored, and requirements must be enforced.

Based on G2 reviews, vulnerability scanner platforms generating VLAN audit reports are evaluated primarily by security teams running segmented enterprise networks where compliance frameworks (PCI, HIPAA, SOC 2, ISO 27001) require documented scans across each network zone. Reviewers point to audit-ready compliance reporting, granular scan scope by IP range and network segment, and exportable evidence formats as the features that determine whether the platform shortens the audit prep cycle or adds another step to it.

### What are the Common Features of Vulnerability Scanner Software?

Vulnerability scanners can provide a wide range of features, but here are a few of the most common found in the market.

**Network mapping —** Network mapping features provide a visual representation of network assets including endpoints, servers, and mobile devices to intuitively demonstrate an entire network’s components.

**Web inspection —** Web inspection features are used to assess the security of a web application in the context of its availability. This includes site navigation, taxonomies, scripts, and other web-based operations that may impact a hacker’s abilities.

[**Defect tracking**](https://www.g2.com/categories/vulnerability-scanner/f/issue-tracking) **—** Defect and issue tracking functionality helps users discover and document vulnerabilities and track them to their source through the resolution process.

**Interactive scanning —** Interactive scanning or interactive application security testing features allow a user to be directly involved in the scanning process, watch tests in real time, and perform ad hoc tests.

[**Perimeter scanning**](https://www.g2.com/categories/vulnerability-scanner/f/perimeter-scanning) **—** Perimeter scanning will analyze assets connected to a network or cloud environment for vulnerabilities.

[**Black box testing**](https://www.g2.com/categories/vulnerability-scanner/f/black-box-testing) **—** Black box scanning refers to tests conducted from the hacker’s perspective. Black box scanning examines functional applications externally for vulnerabilities like SQL injection or XSS.

**Continuous monitoring —** Continuous monitoring allows users to set it and forget it. They enable scanners to run all the time as they alert users of new vulnerabilities.

[**Compliance monitoring**](https://www.g2.com/categories/vulnerability-scanner/f/compliance-testing) **—** Compliance-related monitoring features are used to monitor data quality and send alerts based on violations or misuse.

**Asset discovery —** Asset discovery features unveil applications in use and trends associated with asset traffic, access, and usage.

**Logging and reporting —** Log documentation and reporting provides required reports to manage operations. It provides adequate logging to troubleshoot and support auditing.

**Threat intelligence —** Threat intelligence features integrate with or store information related to common threats and how to resolve them once incidents occur.

**Risk analysis —** Risk scoring and risk analysis features identify, score, and prioritize security risks, vulnerabilities, and compliance impacts of attacks and breaches.

**Extensibility —** Extensibility and integration features provide the ability to extend the platform or product to include additional features and functionalities.

Based on G2 reviews, the most trusted vulnerability scanner platforms in 2026 for security teams lead on CVE remediation guidance and easy setup onboarding, with reviewers describing time-to-first-scan in hours rather than weeks. SOC and AppSec teams point to clear remediation steps, severity scoring, and actionable findings as the features that distinguish platforms they actively use from ones that produce noise. Vulnerability scanner solutions with easy setup onboarding are highlighted in recent reviews for delivering full environment visibility on day one through agentless, API-driven architectures, with documentation that reduces the engineering lift typically associated with rolling out vulnerability scanning.

Many vulnerability scanner tools will also offer the following features:&amp;nbsp;

- [Configuration monitoring capabilities](https://www.g2.com/categories/vulnerability-scanner/f/configuration-monitoring)
- [Automated scan capabilities](https://www.g2.com/categories/vulnerability-scanner/f/automated-scans)
- [Manual application testing capabilities](https://www.g2.com/categories/vulnerability-scanner/f/manual-application-testing)
- [Static code analysis capabilities](https://www.g2.com/categories/vulnerability-scanner/f/static-code-analysis)

### Potential Issues with Vulnerability Scanner Software

**False positives —** False positives are one of the most common issues with security tools. They indicate a tool is not running efficiently and introduce lots of unnecessary labor. Users should examine figures related to specific products and their accuracy before purchasing a solution.

**Integrations —** Integrations can make an application or product do virtually anything, but only if the integration is supported. If a specific solution must be integrated or a specific data source is highly relevant, be sure it’s compatible with the vulnerability scanner before making that decision.

**Scalability —** Scalability is always important, especially for growing teams. Cloud and SaaS-based solutions are traditionally the most scalable, but desktop and open source tools may be as well. Scalability will be important for teams considering collaborative use, concurrent use, and multi-application and environment scanning.

### Software and Services Related to Vulnerability Scanner Software

These technology families are either closely related to vulnerability scanners or there is frequent overlap between products.

[**Risk-based vulnerability management software**](https://www.g2.com/categories/risk-based-vulnerability-management) **—** Risk-based vulnerability management software is used to analyze security posture based on a wide array of risk factors. From there, companies prioritize vulnerabilities based on their risk score. These tools often have some overlapping features, but they’re more geared towards prioritizing risks in large organizations rather than identifying vulnerabilities to individual applications or environments.

[**Dynamic application security testing (DAST) software**](https://www.g2.com/categories/dynamic-application-security-testing-dast) **—** DAST software is very closely related to vulnerability scanners and are sometimes used interchangeably. The differentiating factor here, though, is the ability to scan networks, cloud services, and IT assets in addition to applications. While they do scan for vulnerabilities, they won’t allow users to map networks, visualize environments, or examine vulnerabilities beyond the scope of the application.

[**Static application security testing (SAST) software**](https://www.g2.com/categories/static-application-security-testing-sast) **—** SAST software is not that similar to vulnerability scanners, unlike DAST tools. SAST tools allow for the examination of source code and non-operational application components. They also can’t simulate attacks or perform functional security tests. Still, these can be useful for defect and bug tracking if the vulnerability is rooted in an application’s source code.

[**Penetration testing software**](https://www.g2.com/categories/penetration-testing) **—** Penetration testing software is one aspect of vulnerability scanning, but a penetration test will not provide a wide variety of security tests. They are useful for testing common attack types, but they won’t be very effective in identifying and remediating the root cause of a vulnerability.

Based on G2 reviews, Software Composition Analysis tools Jenkins GitLab integration continuous vulnerability scanning is the workflow pattern reviewers describe as the standard for developer-led security programs running checks inside the build pipeline rather than as a separate stage. Reviewers point to agentless, API-driven scanners integrating into CI/CD pipelines to catch secrets, misconfigurations, and open-source dependency vulnerabilities pre-deployment as the setup that scales with engineering velocity. Reviewers note that consolidated platforms unifying SCA, SAST, and exposure-management scanning under one interface are the preferred consolidation pattern over stitching together standalone tools.



