# Top-rated DAST platforms for enterprise applications?

<p class="elv-tracking-normal elv-text-default elv-font-figtree elv-text-base elv-leading-base elv-font-normal" elv="true">Hey everyone,</p><p class="elv-tracking-normal elv-text-default elv-font-figtree elv-text-base elv-leading-base elv-font-normal" elv="true">I’ve been helping a few enterprise security teams evaluate <a class="a a--md" elv="true" href="https://www.g2.com/categories/dynamic-application-security-testing-dast"><strong>DAST (Dynamic Application Security Testing)</strong></a><a class="a a--md" elv="true" href="https://www.g2.com/categories/dynamic-application-security-testing-dast"><strong> platforms</strong></a> that can scale across large, complex environments — from web apps to APIs and multi-cloud systems. I pulled data from G2’s latest <strong>Enterprise DAST Software Grid</strong> to see which platforms enterprise users rate highest for scalability, automation, and continuous security integration.</p><p class="elv-tracking-normal elv-text-default elv-font-figtree elv-text-base elv-leading-base elv-font-normal" elv="true">Here’s what stood out (based on G2 Grid order):</p><ul>
<li>
<strong>Tenable Nessus</strong> – the clear enterprise leader; trusted for deep vulnerability coverage, reliable scanning at scale, and seamless integrations across hybrid and on-prem environments.</li>
<li>
<strong>Bright Security</strong> – a top high performer with strong satisfaction scores; well-suited for cloud-native testing and continuous scanning in enterprise CI/CD workflows.</li>
<li>
<strong>Invicti (formerly Netsparker)</strong> – established enterprise solution known for scalable scanning, automation, and proof-based vulnerability validation to minimize false positives.</li>
<li>
<strong>HCL AppScan</strong> – strong contender for large enterprises; offers combined DAST, SAST, and IAST capabilities with extensive reporting and compliance features.</li>
<li>
<strong>GitLab</strong> – integrates DAST directly into CI/CD pipelines; a good fit for enterprises already leveraging GitLab’s broader DevSecOps ecosystem.</li>
</ul><p class="elv-tracking-normal elv-text-default elv-font-figtree elv-text-base elv-leading-base elv-font-normal" elv="true">I based this on <strong>G2 satisfaction, market presence, and overall G2 score</strong>, highlighting tools consistently chosen by enterprise security teams for scalability and integration depth.</p><p class="elv-tracking-normal elv-text-default elv-font-figtree elv-text-base elv-leading-base elv-font-normal" elv="true">Also seeing <strong>StackHawk</strong> and <strong>Contrast Security</strong> mentioned frequently for modern, API-focused enterprise setups — anyone here using those?</p>

##### Post Metadata
- Posted at: 7 months ago
- Author title: SaaS and Software Research
- Net upvotes: 1


## Comments
### Comment 1

&lt;p&gt;For enterprise teams running large-scale security programs — which DAST tools have scaled best across multiple applications and CI/CD pipelines?&lt;/p&gt;

##### Comment Metadata
- Posted at: 7 months ago
- Author title: SaaS and Software Research





## Related discussions
- [How well does Trello scale into a larger team?](https://www.g2.com/discussions/1-how-well-does-trello-scale-into-a-larger-team)
  - Posted at: about 13 years ago
  - Comments: 6
- [Can we please add a new section](https://www.g2.com/discussions/2-can-we-please-add-a-new-section)
  - Posted at: about 13 years ago
  - Comments: 0
- [Quantifiable benefits from implementing your CRM](https://www.g2.com/discussions/quantifiable-benefits-from-implementing-your-crm)
  - Posted at: almost 13 years ago
  - Comments: 4