# Best tools for detecting runtime security issues?

<p class="elv-tracking-normal elv-text-default elv-font-figtree elv-text-base elv-leading-base elv-font-normal" elv="true">Hey everyone,</p><p class="elv-tracking-normal elv-text-default elv-font-figtree elv-text-base elv-leading-base elv-font-normal" elv="true"> I’ve been helping a few DevSecOps teams find tools that go beyond code and scan for <strong>security issues during runtime</strong> — catching threats as they happen, not just in pre-deployment tests. I pulled insights from G2’s latest <a class="a a--md" elv="true" href="https://www.g2.com/categories/dynamic-application-security-testing-dast"><strong>DAST Software </strong></a><strong>Grid</strong> and user reviews to see which platforms perform best for real-time detection, automation, and continuous protection.</p><p class="elv-tracking-normal elv-text-default elv-font-figtree elv-text-base elv-leading-base elv-font-normal" elv="true">Here are the top tools to look at:</p><ul>
<li>
<a class="a a--md" elv="true" href="https://www.g2.com/products/tenable-nessus/reviews"><strong>Tenable Nessus</strong></a><strong>:</strong> a clear leader for vulnerability detection across environments; great for continuous monitoring and runtime scanning within CI/CD workflows.</li>
<li>
<a class="a a--md" elv="true" href="https://www.g2.com/products/jit/reviews"><strong>Jit</strong></a><strong>:</strong> designed for DevSecOps-first pipelines; combines runtime monitoring with automated detection for faster response to live security issues.</li>
<li>
<a class="a a--md" elv="true" href="https://www.g2.com/products/aikido-security/reviews"><strong>Aikido Security</strong></a><strong>:</strong> newer but highly rated for runtime threat detection and automated remediation; strong focus on app and cloud workloads.</li>
<li>
<a class="a a--md" elv="true" href="https://www.g2.com/products/akto/reviews"><strong>Akto</strong></a><strong>:</strong> API-first platform that identifies runtime risks like broken authentication or exposed endpoints; great for microservice-heavy teams.</li>
<li>
<a class="a a--md" elv="true" href="https://www.g2.com/products/astra-pentest/reviews"><strong>Astra Pentest</strong></a><strong>: </strong>blends runtime protection with manual and automated pentesting; ideal for continuous security coverage across production environments.</li>
</ul><p class="elv-tracking-normal elv-text-default elv-font-figtree elv-text-base elv-leading-base elv-font-normal" elv="true">I based this on <strong>G2 satisfaction and feature data</strong>, plus user feedback around runtime visibility and alert accuracy. Also hearing good things about <strong>Sysdig Secure</strong> and <strong>Aqua Security</strong> for runtime protection in containerized setups — anyone here using those?</p>

##### Post Metadata
- Posted at: 6 months ago
- Author title: SaaS and Software Research
- Net upvotes: 1


## Comments
### Comment 1

&lt;p&gt;Which runtime security tools have actually caught live vulnerabilities for your team — and how do you balance detection speed with system performance?&lt;/p&gt;

##### Comment Metadata
- Posted at: 6 months ago
- Author title: SaaS and Software Research





## Related discussions
- [How well does Trello scale into a larger team?](https://www.g2.com/discussions/1-how-well-does-trello-scale-into-a-larger-team)
  - Posted at: almost 13 years ago
  - Comments: 6
- [Can we please add a new section](https://www.g2.com/discussions/2-can-we-please-add-a-new-section)
  - Posted at: almost 13 years ago
  - Comments: 0
- [Quantifiable benefits from implementing your CRM](https://www.g2.com/discussions/quantifiable-benefits-from-implementing-your-crm)
  - Posted at: almost 13 years ago
  - Comments: 4