# Best Penetration Testing Tools for Small Business *By [Lauren Worth](https://research.g2.com/insights/author/lauren-worth)* Products classified in the overall Penetration Testing category are similar in many regards and help companies of all sizes solve their business problems. However, small business features, pricing, setup, and installation differ from businesses of other sizes, which is why we match buyers to the right Small Business Penetration Testing to fit their needs. Compare product ratings based on reviews from enterprise users or connect with one of G2's buying advisors to find the right solutions within the Small Business Penetration Testing category. In addition to qualifying for inclusion in the Penetration Testing Tools category, to qualify for inclusion in the Small Business Penetration Testing Tools category, a product must have at least 10 reviews left by a reviewer from a small business. ## How Many Penetration Testing Tools Products Does G2 Track? **Total Products under this Category:** 126 ### Category Stats (Jun 2026) - **Average Rating**: 4.62/5 The average rating of products in this category, based on all submitted ratings - **New Reviews This Quarter**: 114 - **Buyer Segments**: Enterprise 38% │ Mid-Market 33% │ Small-Business 29% Represents the distribution of reviewers across all products in this category. - **Top Trending Product**: Veracode Application Security Platform (+0.74%) - Among all products in this category, Veracode Application Security Platform recorded the largest rating increase compared to last month *Last updated: June 05, 2026* ## How Does G2 Rank Penetration Testing Tools Products? **Why You Can Trust G2's Software Rankings:** - 30 Analysts and Data Experts - 3,300+ Authentic Reviews - 126+ Products - Unbiased Rankings G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category. ## Which Penetration Testing Tools Is Best for Your Use Case? - **Best for Small Businesses:** [vPenTest](https://www.g2.com/products/vpentest/reviews) - **Best for Mid-Market:** [Cobalt](https://www.g2.com/products/cobalt-io-cobalt/reviews) - **Best for Enterprise:** [Pentera](https://www.g2.com/products/pentera/reviews) - **Highest User Satisfaction:** [Oneleet](https://www.g2.com/products/oneleet/reviews) - **Best Free Software:** [vPenTest](https://www.g2.com/products/vpentest/reviews) --- **Sponsored** ### Cyver Core Cyver Core is a pentest collaboration and management platform to digitize, automate, and optimize manual work for pentest firms, while enabling Pentest-as-a-Service delivery. Cyver Core offers pentest report automation, branded client portals, pentest management, team management, and more. [Visit website](https://www.g2.com/external_clickthroughs/record?secure%5Bad_program%5D=ppc&secure%5Bad_slot%5D=category_product_list&secure%5Bcategory_id%5D=1519&secure%5Bdisplayable_resource_id%5D=1519&secure%5Bdisplayable_resource_type%5D=Category&secure%5Bmedium%5D=sponsored&secure%5Bplacement_reason%5D=page_category&secure%5Bplacement_resource_ids%5D%5B%5D=1519&secure%5Bprioritized%5D=false&secure%5Bproduct_id%5D=143763&secure%5Bresource_id%5D=1519&secure%5Bresource_type%5D=Category&secure%5Bsource_type%5D=category_page&secure%5Bsource_url%5D=https%3A%2F%2Fwww.g2.com%2Fcategories%2Fpenetration-testing-tools&secure%5Btoken%5D=6189ce51dcf4a3694c4205a62b012a0cd946140b93297e2b8116da1a003a24d6&secure%5Burl%5D=https%3A%2F%2Fcore.cyver.io%2F&secure%5Burl_type%5D=company_website) --- ## What Are the Top-Rated Penetration Testing Tools Products in 2026? ### 1. [vPenTest](https://www.g2.com/products/vpentest/reviews) Vonahi Security is building the future of offensive cybersecurity by delivering automated, high-quality penetration testing through its SaaS platform, vPenTest. Designed to replicate the tools, techniques, and methodologies of experienced consultants, vPenTest brings the benefits of manual network penetration testing into an easy-to-use, automated solution. Traditionally, penetration testing has been a manual, time consuming, and expensive process that many organizations only perform once or twice a year. This often leaves businesses exposed to emerging threats between assessments. vPenTest addresses this gap by offering fast, consistent, and on-demand testing that helps organizations evaluate their real-time cybersecurity risk more effectively. Powered by a proprietary framework that evolves through continuous research and real-world insights, vPenTest stays aligned with the latest attack techniques and industry best practices. The platform is backed by over 13 years of offensive security expertise, with the team holding certifications such as CISSP, OSCP, OSCE, CEH, and more. Their knowledge is built directly into the platform, ensuring each test is conducted with depth, consistency, and accuracy—without the delays or variability of manual testing.
 vPenTest enables organizations to run internal and external network penetration tests as often as needed monthly, quarterly, or prior to audits or insurance reviews. The automated reports provide actionable insights that make it easy to prioritize remediation and demonstrate progress toward compliance. Today, over 22,000 organizations rely on vPenTest to strengthen their security posture and reduce risk. This includes managed service providers, managed security service providers, financial institutions, compliance-driven organizations, and internal IT teams. Whether you're working to meet regulatory requirements, secure cyber insurance coverage, or proactively defend against evolving threats, vPenTest makes network penetration testing easy, affordable, and scalable. **Average Rating:** 4.6/5.0 **Total Reviews:** 234 **How Do G2 Users Rate vPenTest?** - **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.4/10) - **Performance and Reliability:** 9.1/10 (Category avg: 9.1/10) - **Vulnerability Scan:** 9.0/10 (Category avg: 9.1/10) - **Extensibility:** 8.5/10 (Category avg: 8.7/10) **Who Is the Company Behind vPenTest?** - **Seller:** [Kaseya](https://www.g2.com/sellers/kaseya) - **Company Website:** https://www.kaseya.com/ - **Year Founded:** 2000 - **HQ Location:** Miami, FL - **Twitter:** @KaseyaCorp (17,427 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/kaseya/ (5,471 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** CEO - **Top Industries:** Information Technology and Services, Computer & Network Security - **Company Size:** 69% Small-Business, 24% Mid-Market #### What Are vPenTest's Pros and Cons? **Pros:** - Ease of Use (29 reviews) - Reporting Quality (28 reviews) - Pentesting Efficiency (26 reviews) - Setup Ease (18 reviews) - Ease of Implementation (14 reviews) **Cons:** - Limited Scope (12 reviews) - Complex Setup (8 reviews) - Lack of Detail (7 reviews) - Inadequate Reporting (6 reviews) - Expensive (5 reviews) ### 2. [Astra Pentest](https://www.g2.com/products/astra-pentest/reviews) Astra Security is a leading continuous penetration testing platform that combines AI-powered autonomous pentesting with certified expert-led assessments. Powered by Attack AI, trained on 6.8M+ security findings and insights from 5,000+ real-world pentests. Astra deploys intelligent agents that continuously discover, validate, prioritize, and help remediate vulnerabilities at scale. While AI handles speed and scale, Astra’s certified security experts focus on what automation alone cannot: complex business logic flaws, multi-step attack chains, advanced exploit paths, and emerging AI/LLM-specific threats. Built for modern engineering teams, Astra integrates directly into CI/CD workflows, enabling continuous security validation between releases instead of relying on outdated annual pentests. The platform delivers comprehensive DAST coverage across web applications, mobile apps, APIs, cloud infrastructure. Astra is CREST-accredited, CERT-IN empaneled, and a PCI ASV-certified vendor. Our team also led the development of the OWASP APTS framework, helping shape the industry standard for continuous security testing. Today, 1,500+ organizations across 70+ countries trust Astra Security, including Ford, Loom, CompTIA, Hitachi, HackerRank, and OLX. **Average Rating:** 4.6/5.0 **Total Reviews:** 186 **How Do G2 Users Rate Astra Pentest?** - **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.4/10) - **Performance and Reliability:** 9.0/10 (Category avg: 9.1/10) - **Vulnerability Scan:** 9.0/10 (Category avg: 9.1/10) - **Extensibility:** 8.1/10 (Category avg: 8.7/10) **Who Is the Company Behind Astra Pentest?** - **Seller:** [ASTRA IT, Inc.](https://www.g2.com/sellers/astra-it-inc) - **Company Website:** https://www.getastra.com/ - **Year Founded:** 2018 - **HQ Location:** New Delhi, IN - **Twitter:** @getastra (692 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/getastra/ (130 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** CTO, CEO - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 66% Small-Business, 30% Mid-Market #### What Are Astra Pentest's Pros and Cons? **Pros:** - Customer Support (65 reviews) - Vulnerability Detection (52 reviews) - Ease of Use (51 reviews) - Pentesting Efficiency (42 reviews) - Vulnerability Identification (38 reviews) **Cons:** - Poor Customer Support (12 reviews) - Poor Interface Design (10 reviews) - Slow Performance (8 reviews) - UX Improvement (7 reviews) - False Positives (6 reviews) ### 3. [Cobalt](https://www.g2.com/products/cobalt-io-cobalt/reviews) Cobalt is the pioneer in pentesting as a service (PTaaS) and a leader in human-led, AI-powered offensive security services. We are focused on combining talent and technology with speed, scalability, and expertise. Thousands of customers and hundreds of partners rely on the Cobalt Offensive Security Platform, along with 500+ trusted security experts, to find and fix vulnerabilities across their environments. By enabling faster pentest launches, real-time collaboration with pentesters, and seamless integration with remediation workflows, we help organizations identify critical issues and accelerate risk mitigation so they can operate fearlessly and innovate securely. **Average Rating:** 4.5/5.0 **Total Reviews:** 176 **How Do G2 Users Rate Cobalt?** - **Has the product been a good partner in doing business?:** 9.3/10 (Category avg: 9.4/10) - **Performance and Reliability:** 9.1/10 (Category avg: 9.1/10) - **Vulnerability Scan:** 8.7/10 (Category avg: 9.1/10) - **Extensibility:** 8.5/10 (Category avg: 8.7/10) **Who Is the Company Behind Cobalt?** - **Seller:** [Cobalt](https://www.g2.com/sellers/cobalt-33275b9c-c870-4949-8fd5-a68eb12f96bb) - **Company Website:** https://cobalt.io/ - **Year Founded:** 2013 - **HQ Location:** San Francisco, California - **Twitter:** @cobalt_io (8,476 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/cobalt_io/ (557 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** CTO, Security Engineer - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 51% Mid-Market, 23% Small-Business #### What Are Cobalt's Pros and Cons? **Pros:** - Pentesting Efficiency (29 reviews) - Ease of Use (20 reviews) - Customer Support (19 reviews) - Communication (16 reviews) - Reporting Quality (12 reviews) **Cons:** - Expensive (9 reviews) - Limited Scope (5 reviews) - Lack of Integration (4 reviews) - Limited Integration (4 reviews) - Confusing Interface (3 reviews) ### 4. [Intruder](https://www.g2.com/products/intruder/reviews) Intruder is an exposure management platform for scaling to mid-market businesses. Over 3000 companies - across all industries - use Intruder to find critical exposures, respond faster and prevent breaches. Unifying Attack Surface Management, Vulnerability Management and Cloud security into one powerful, easy to use platform, Intruder simplifies the complex task of securing an ever-expanding attack surface. Recognizing no two business are alike, Intruder provides real-time, accurate scanning combined with intelligent risk prioritization, ensuring businesses focus on the exposures that are most relevant to them. And our proactive approach limits the window of risk, continuously monitoring for new threats while eliminating the noise that slows teams down. Whether you're an IT Manager, in DevOps or a CISO, Intruder's easy setup and context-driven approach will free you up to focus on exposures that cause real breaches, not just technical vulnerabilities. Keeping you one step ahead of attackers. **Average Rating:** 4.8/5.0 **Total Reviews:** 206 **How Do G2 Users Rate Intruder?** - **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.4/10) - **Performance and Reliability:** 9.4/10 (Category avg: 9.1/10) - **Vulnerability Scan:** 9.6/10 (Category avg: 9.1/10) - **Extensibility:** 8.5/10 (Category avg: 8.7/10) **Who Is the Company Behind Intruder?** - **Seller:** [Intruder](https://www.g2.com/sellers/intruder) - **Company Website:** https://www.intruder.io - **Year Founded:** 2015 - **HQ Location:** London - **Twitter:** @intruder_io (979 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/6443623/ (84 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** CTO, Director - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 57% Small-Business, 36% Mid-Market #### What Are Intruder's Pros and Cons? **Pros:** - Ease of Use (41 reviews) - Vulnerability Detection (30 reviews) - Customer Support (25 reviews) - User Interface (24 reviews) - Vulnerability Identification (24 reviews) **Cons:** - Expensive (9 reviews) - Slow Scanning (8 reviews) - Licensing Issues (7 reviews) - False Positives (6 reviews) - Limited Features (6 reviews) ### 5. [Oneleet](https://www.g2.com/products/oneleet/reviews) Oneleet is the all-in-one security and compliance platform that gets companies genuinely secure while achieving SOC 2, ISO 27001, HIPAA and other compliance certifications faster than traditional approaches. Unlike compliance platforms that focus on checkbox evidence collection, Oneleet implements real security first. Compliance follows automatically as a natural outcome of effective cybersecurity, not as a separate goal. Most companies face a false choice: painful but effective security, or painless but ineffective compliance theater. Traditional compliance platforms require juggling multiple vendors, managing fragmented tools, spending months with consultants, and doing manual evidence collection to achieve a certificate that doesn't actually make you secure. Oneleet consolidates what previously required half a dozen vendors into one integrated platform: penetration testing by real security experts (not just vulnerability scans), code scanning with SAST and DAST, cloud security posture management, attack surface monitoring, mobile device management, security training and awareness, policy generation and management, and continuous compliance monitoring. Because we build everything ourselves and control the entire stack, we deploy comprehensive security with a click. No blind spots. No integration gaps. No vendor sprawl. We guarantee audit outcomes because our standards are higher than auditors' standards. We use AI extensively but responsibly, automating threat modeling and risk assessments while keeping humans in the loop to ensure quality. Clients never see AI hallucinations. We take full responsibility for the entire security journey, from initial setup through audit completion and continuous monitoring. Companies achieve compliance readiness faster with Oneleet, not by doing less, but by making real security easier. We ship all the tools you would normally spend weeks or months setting up and adopting. Our customers regularly win deals they previously lost due to inadequate security postures. Oneleet is the fastest growing compliance company in the sector. A large number of Oneleet's newer clients come from platforms like Vanta and Drata. With Oneleet's all-in-one bundle pricing its ROI is significantly higher than that of Vanta, Drata and Delve. Companies that switch from Vanta, Drata, or Delve to Oneleet report faster audits, higher approval rates, and less manual effort. Vanta and Drata rely heavily on manual evidence collection and vendor integrations, creating delays and gaps. Delve emphasizes AI automation but often sacrifices accuracy—its generated outputs are frequently rejected or require manual fixes. Oneleet achieves both precision and speed by combining full-stack automation with expert oversight, producing the industry’s lowest audit-rejection rate and the fastest path to verified security. Oneleet serves SMBs and growth-stage companies that need compliance certifications to close enterprise deals, but want to be genuinely secure, not just certified on paper. Founded by professional penetration testers who spent over a decade breaching Fortune 500s and startups, we built Oneleet to end the disconnect between compliance and security. **Average Rating:** 4.9/5.0 **Total Reviews:** 138 **How Do G2 Users Rate Oneleet?** - **Performance and Reliability:** 10.0/10 (Category avg: 9.1/10) - **Vulnerability Scan:** 10.0/10 (Category avg: 9.1/10) - **Extensibility:** 10.0/10 (Category avg: 8.7/10) **Who Is the Company Behind Oneleet?** - **Seller:** [Oneleet](https://www.g2.com/sellers/oneleet) - **Company Website:** https://www.oneleet.com/ - **Year Founded:** 2022 - **HQ Location:** Atlanta, US - **LinkedIn® Page:** http://www.linkedin.com/company/oneleet (40 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** Engineer - **Top Industries:** Computer Software, Medical Devices - **Company Size:** 15% Small-Business, 11% Mid-Market #### What Are Oneleet's Pros and Cons? **Pros:** - Security (302 reviews) - Compliance (251 reviews) - Ease of Use (228 reviews) - Helpful (210 reviews) - Compliance Management (199 reviews) **Cons:** - Integration Issues (22 reviews) - Limited Customization (21 reviews) - Limited Integrations (17 reviews) - Lack of Integration (14 reviews) - Lack of Customization (13 reviews) ### 6. [Metasploit](https://www.g2.com/products/metasploit/reviews) Metasploit is a comprehensive penetration testing platform developed by Rapid7, designed to help security professionals identify, exploit, and validate vulnerabilities within their networks. By simulating real-world attacks, Metasploit enables organizations to assess their security posture and enhance their defenses against potential threats. Key Features and Functionality: - Extensive Exploit Library: Access to a vast, regularly updated database of over 1,500 exploits and 3,300 modules, allowing users to simulate a wide range of attack scenarios. - Automated Exploitation: Features like Smart Exploitation and automated credential brute-forcing streamline the penetration testing process, increasing efficiency and accuracy. - Post-Exploitation Modules: Over 330 post-exploitation modules enable testers to assess the impact of a successful breach and gather critical information from compromised systems. - Credential Testing: Ability to run brute-force attacks against more than 20 account types, including databases, web servers, and remote administration tools, to uncover weak or reused passwords. - Integration Capabilities: Seamless integration with other Rapid7 products, such as InsightVM and Nexpose, facilitates closed-loop vulnerability validation and remediation prioritization. Primary Value and Problem Solving: Metasploit empowers organizations to proactively identify and address security weaknesses before malicious actors can exploit them. By simulating real-world attacks, it provides valuable insights into potential vulnerabilities, enabling security teams to prioritize remediation efforts effectively. This proactive approach enhances overall security awareness, reduces the risk of breaches, and ensures compliance with industry standards and regulations. **Average Rating:** 4.6/5.0 **Total Reviews:** 53 **How Do G2 Users Rate Metasploit?** - **Has the product been a good partner in doing business?:** 8.7/10 (Category avg: 9.4/10) - **Performance and Reliability:** 8.4/10 (Category avg: 9.1/10) - **Vulnerability Scan:** 8.7/10 (Category avg: 9.1/10) - **Extensibility:** 8.1/10 (Category avg: 8.7/10) **Who Is the Company Behind Metasploit?** - **Seller:** [Rapid7](https://www.g2.com/sellers/rapid7) - **Year Founded:** 2000 - **HQ Location:** Boston, MA - **Twitter:** @rapid7 (124,369 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/39624/ (3,274 employees on LinkedIn®) - **Ownership:** NASDAQ:RPD **Who Uses This Product?** - **Top Industries:** Computer & Network Security, Information Technology and Services - **Company Size:** 47% Small-Business, 40% Mid-Market #### What Are Metasploit's Pros and Cons? **Pros:** - Pentesting Efficiency (2 reviews) - Expertise (1 reviews) **Cons:** - Complex Setup (1 reviews) ### 7. [Burp Suite](https://www.g2.com/products/burp-suite/reviews) Burp Suite is a complete ecosystem for web application and API security testing, combining two products: Burp Suite DAST - a best-of-breed, precision DAST solution that automates runtime testing, and Burp Suite Professional - the industry-standard toolkit for manual penetration testing. Developed by PortSwigger, more than 85,000 security professionals rely on Burp Suite to find, verify, and understand vulnerabilities across complex modern web applications. Burp Suite DAST is PortSwigger’s enterprise dynamic application security testing (DAST) solution, purpose-built for continuous, automated scanning of web applications and APIs. Unlike many DAST solutions, which are part of a wider AST offering, Burp Suite DAST is not a bolt-on tool - instead it’s precision-built from over 20 years of dynamic testing experience. Burp Suite DAST reveals the runtime issues that static analysis tools miss, such as authentication flaws, configuration drift, and chained vulnerabilities. Built on the same proprietary scanning engine that powers Burp Suite Professional, it delivers precise, low-noise results that security teams trust. Key capabilities of Burp Suite DAST include: Continuous, automated scanning of web applications and APIs, integration with CI/CD pipelines and vulnerability management tools, flexible deployment across cloud, and on-premise environments, shared scanning logic and configurations between automated and manual testing, accurate, low-noise detection informed by PortSwigger Research. Burp Suite Professional complements DAST with deep manual testing capability. It’s the industry-standard toolkit for penetration testers, consultants, and AppSec engineers who need complete insight and flexibility when validating or exploring vulnerabilities. Findings discovered by DAST can be investigated and verified in Burp Suite Professional, ensuring every result is accurate, contextual, and actionable. Together, Burp Suite DAST and Burp Suite Professional create a unified ecosystem that delivers automation at breadth and manual depth where it counts. Burp Suite is built for AppSec teams who need scalable, trustworthy coverage across web and API environments, enabling a seamless handoff between automated and manual testing. **Average Rating:** 4.8/5.0 **Total Reviews:** 126 **How Do G2 Users Rate Burp Suite?** - **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.4/10) - **Performance and Reliability:** 8.8/10 (Category avg: 9.1/10) - **Vulnerability Scan:** 8.9/10 (Category avg: 9.1/10) - **Extensibility:** 8.9/10 (Category avg: 8.7/10) **Who Is the Company Behind Burp Suite?** - **Seller:** [PortSwigger](https://www.g2.com/sellers/portswigger) - **Company Website:** https://www.portswigger.net - **Year Founded:** 2008 - **HQ Location:** Knutsford, GB - **Twitter:** @Burp_Suite (137,909 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/portswigger-web-security/ (321 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** Cyber Security Analyst - **Top Industries:** Computer & Network Security, Information Technology and Services - **Company Size:** 41% Mid-Market, 31% Small-Business #### What Are Burp Suite's Pros and Cons? **Pros:** - Ease of Use (12 reviews) - User Interface (8 reviews) - Testing Services (7 reviews) - Features (5 reviews) - Clear Interface (4 reviews) **Cons:** - Expensive (5 reviews) - Slow Performance (5 reviews) - High Learning Curve (2 reviews) - Learning Curve (2 reviews) - Limited Customization (2 reviews) ### 8. [Pentera](https://www.g2.com/products/pentera/reviews) Pentera is the category leader for Automated Security Validation, allowing every organization to test with ease the integrity of all cybersecurity layers, unfolding true, current security exposures at any moment, at any scale. Thousands of security professionals and service providers around the world use Pentera to guide remediation and close security gaps before they are exploited. Its customers include Casey's General Stores, Emeria, LuLu International Exchange, IP Telecom PT, BrewDog, City National Bank, Schmitz Cargobull, and MBC Group. Pentera is backed by leading investors such as K1 Investment Management, Insight Partners, Blackstone, Evolution Equity Partners, and AWZ. Visit https://pentera.io for more information. **Average Rating:** 4.5/5.0 **Total Reviews:** 169 **How Do G2 Users Rate Pentera?** - **Has the product been a good partner in doing business?:** 9.3/10 (Category avg: 9.4/10) - **Performance and Reliability:** 8.6/10 (Category avg: 9.1/10) - **Vulnerability Scan:** 8.6/10 (Category avg: 9.1/10) - **Extensibility:** 7.4/10 (Category avg: 8.7/10) **Who Is the Company Behind Pentera?** - **Seller:** [Pentera](https://www.g2.com/sellers/pentera) - **Company Website:** https://pentera.io/ - **Year Founded:** 2015 - **HQ Location:** Boston, MA - **Twitter:** @penterasec (3,303 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/penterasecurity/ (483 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Banking, Government Administration - **Company Size:** 52% Enterprise, 36% Mid-Market #### What Are Pentera's Pros and Cons? **Pros:** - Ease of Use (9 reviews) - Vulnerability Identification (8 reviews) - Automation (7 reviews) - Customer Support (7 reviews) - Security (6 reviews) **Cons:** - Inadequate Reporting (3 reviews) - Access Control (2 reviews) - False Positives (2 reviews) - Limited Reporting (2 reviews) - Missing Features (2 reviews) ### 9. [RidgeBot](https://www.g2.com/products/ridgebot/reviews) RidgeBot by Ridge Security is a leading agentic AI-driven offensive security platform, supporting continuous threat management programs. It enables CISOs to minimize cyber risks by continuously validating the cybersecurity posture and controls protecting attack surfaces against increasingly sophisticated and frequent attacks. RidgeBot automatically tests an organization’s entire IP-based environment, including network infrastructure, applications, websites, IoT, and OT, using ethical hacking techniques to pinpoint the most critical vulnerabilities. It's dynamic AI-powered decision-making supports DevSecOps, compliance, incident response verification, and custom attack simulations. RidgeBot maintains a library of over 36,000 plugins to launch complex penetration tests and attack simulations, with detailed reporting of results and remediation recommendations. **Average Rating:** 4.5/5.0 **Total Reviews:** 95 **How Do G2 Users Rate RidgeBot?** - **Has the product been a good partner in doing business?:** 9.3/10 (Category avg: 9.4/10) - **Performance and Reliability:** 9.2/10 (Category avg: 9.1/10) - **Vulnerability Scan:** 9.0/10 (Category avg: 9.1/10) - **Extensibility:** 8.6/10 (Category avg: 8.7/10) **Who Is the Company Behind RidgeBot?** - **Seller:** [Ridge Security Technology](https://www.g2.com/sellers/ridge-security-technology) - **Company Website:** https://ridgesecurity.ai/ - **Year Founded:** 2020 - **HQ Location:** Santa Clara, California - **Twitter:** @RidgeSecurityAI (1,287 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/ridge-security/ (47 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Information Technology and Services, Computer & Network Security - **Company Size:** 51% Small-Business, 45% Mid-Market #### What Are RidgeBot's Pros and Cons? **Pros:** - Automation (16 reviews) - Ease of Use (15 reviews) - Pentesting Efficiency (12 reviews) - Vulnerability Identification (12 reviews) - Efficiency (9 reviews) **Cons:** - Complexity (4 reviews) - Complex Setup (4 reviews) - Missing Features (4 reviews) - Poor Customer Support (3 reviews) - Poor Documentation (3 reviews) ### 10. [Bugcrowd](https://www.g2.com/products/bugcrowd/reviews) Bugcrowd frees organizations with a low tolerance for risk from chronic talent shortages, noisy tools that breed false positives, and the fear of critical hidden or emerging vulnerabilities. Our SaaS platform provides access to the unlimited capacity and skills of the global ethical hacker/pentester community for deeper, proactive risk reduction and faster regulatory compliance. With 12+ years of experience and 1200+ customers in every industry (including OpenAI, National Australia Bank, Indeed, USAA, Twilio, and CISA), we know what long-term with crowdsourced security looks like. **Average Rating:** 4.3/5.0 **Total Reviews:** 60 **How Do G2 Users Rate Bugcrowd?** - **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.4/10) - **Performance and Reliability:** 8.5/10 (Category avg: 9.1/10) - **Vulnerability Scan:** 8.3/10 (Category avg: 9.1/10) - **Extensibility:** 8.2/10 (Category avg: 8.7/10) **Who Is the Company Behind Bugcrowd?** - **Seller:** [Bugcrowd](https://www.g2.com/sellers/bugcrowd) - **Year Founded:** 2012 - **HQ Location:** San Francisco, CA - **Twitter:** @Bugcrowd (198,577 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/bugcrowd/ (3,701 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Information Technology and Services, Computer & Network Security - **Company Size:** 34% Enterprise, 33% Small-Business #### What Are Bugcrowd's Pros and Cons? **Pros:** - Reporting Quality (8 reviews) - Ease of Use (7 reviews) - Customer Support (6 reviews) - Communication (5 reviews) - Vulnerability Detection (5 reviews) **Cons:** - Poor Customer Support (4 reviews) - Slow Performance (4 reviews) - Bug Management (3 reviews) - Inadequate Reporting (3 reviews) - Learning Curve (3 reviews) ### 11. [Indusface WAS](https://www.g2.com/products/indusface-was/reviews) Indusface WAS (Web Application Scanner) provides comprehensive managed dynamic application security testing (DAST) solution. It is a zero-touch, non-intrusive cloud-based solution that provides daily monitoring for web applications, checking for systems and application vulnerabilities, and malware. Indusface WAS with its automated scans & manual pentesting done by certified security experts ensures none of the OWASP Top10, business logic vulnerabilities, and malware go unnoticed. With zero false-positive guarantee and comprehensive reporting with remediation guidance, Indusface web app scanning ensures developers to quickly fix vulnerabilities seamlessly. **Average Rating:** 4.6/5.0 **Total Reviews:** 63 **How Do G2 Users Rate Indusface WAS?** - **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.4/10) - **Performance and Reliability:** 9.2/10 (Category avg: 9.1/10) - **Vulnerability Scan:** 9.3/10 (Category avg: 9.1/10) - **Extensibility:** 8.7/10 (Category avg: 8.7/10) **Who Is the Company Behind Indusface WAS?** - **Seller:** [Indusface](https://www.g2.com/sellers/indusface) - **Year Founded:** 2012 - **HQ Location:** Vadodara - **Twitter:** @Indusface (3,477 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/indusface/ (180 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 52% Small-Business, 37% Mid-Market #### What Are Indusface WAS's Pros and Cons? **Pros:** - Vulnerability Detection (19 reviews) - Vulnerability Identification (16 reviews) - Customer Support (6 reviews) - Scanning Efficiency (6 reviews) - Security (6 reviews) **Cons:** - Expensive (2 reviews) - Confusing Interface (1 reviews) - Lacking Features (1 reviews) - Limited Scope (1 reviews) - Poor Interface Design (1 reviews) ### 12. [Pynt - API Security Testing](https://www.g2.com/products/pynt-api-security-testing/reviews) Pynt is an innovative API Security Testing platform exposing verified API threats through simulated attacks. Hundreds of companies rely on Pynt to continuously monitor, classify and attack poorly secured APIs, before hackers do. **Average Rating:** 4.8/5.0 **Total Reviews:** 44 **How Do G2 Users Rate Pynt - API Security Testing?** - **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.4/10) - **Performance and Reliability:** 9.1/10 (Category avg: 9.1/10) - **Vulnerability Scan:** 9.2/10 (Category avg: 9.1/10) - **Extensibility:** 8.8/10 (Category avg: 8.7/10) **Who Is the Company Behind Pynt - API Security Testing?** - **Seller:** [Pynt](https://www.g2.com/sellers/pynt) - **Year Founded:** 2022 - **HQ Location:** Tel Aviv, IL - **Twitter:** @pynt_io (362 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/pynt (16 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Computer Software, Computer & Network Security - **Company Size:** 57% Small-Business, 23% Enterprise #### What Are Pynt - API Security Testing's Pros and Cons? **Pros:** - Vulnerability Detection (20 reviews) - Security (18 reviews) - API Management (17 reviews) - Easy Integrations (16 reviews) - Automation (15 reviews) **Cons:** - Complex Setup (11 reviews) - Setup Complexity (6 reviews) - Limited Features (4 reviews) - Poor Interface Design (4 reviews) - UX Improvement (4 reviews) ### 13. [Cyver Core](https://www.g2.com/products/cyver-core/reviews) Cyver Core is a pentest collaboration and management platform to digitize, automate, and optimize manual work for pentest firms, while enabling Pentest-as-a-Service delivery. Cyver Core offers pentest report automation, branded client portals, pentest management, team management, and more. **Average Rating:** 4.6/5.0 **Total Reviews:** 15 **How Do G2 Users Rate Cyver Core?** - **Has the product been a good partner in doing business?:** 9.6/10 (Category avg: 9.4/10) - **Performance and Reliability:** 7.7/10 (Category avg: 9.1/10) - **Vulnerability Scan:** 8.3/10 (Category avg: 9.1/10) - **Extensibility:** 8.5/10 (Category avg: 8.7/10) **Who Is the Company Behind Cyver Core?** - **Seller:** [Cyver](https://www.g2.com/sellers/cyver) - **Year Founded:** 2020 - **HQ Location:** Amsterdam, NL - **Twitter:** @cyver_io (42 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/37212589 (10 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Computer & Network Security - **Company Size:** 73% Small-Business, 27% Mid-Market #### What Are Cyver Core's Pros and Cons? **Pros:** - Pentesting Efficiency (5 reviews) - Reporting Quality (5 reviews) - Communication (3 reviews) - Customer Support (2 reviews) - Cybersecurity (2 reviews) **Cons:** - Limited Customization (2 reviews) - Technical Issues (2 reviews) - Poor Documentation (1 reviews) - Poor Interface Design (1 reviews) - Slow Performance (1 reviews) ### 14. [Acunetix by Invicti](https://www.g2.com/products/acunetix-by-invicti/reviews) Acunetix (by Invicti) is an automated application security testing tool that enables small security teams to tackle huge application security challenges. With fast scanning, comprehensive results, and intelligent automation, Acunetix helps organizations to reduce risk across all types of web applications, websites, and APIs. With Acunetix, security teams can: - Save time and resources by automating manual security processes - Work more seamlessly with developers, or embrace DevSecOps by integrating directly into development tools - Feel confident that every web application has been crawled entirely thanks to DAST + IAST scanning and intelligent crawling technology - Finally, make web application and API security a priority and not just an add-on with a solution that is dedicated to application and API security 100% of the time You can depend on Acunetix to meet your organization’s needs today and face the challenges of modern web technology together tomorrow. **Average Rating:** 4.1/5.0 **Total Reviews:** 100 **How Do G2 Users Rate Acunetix by Invicti?** - **Has the product been a good partner in doing business?:** 8.2/10 (Category avg: 9.4/10) - **Performance and Reliability:** 8.1/10 (Category avg: 9.1/10) - **Vulnerability Scan:** 8.6/10 (Category avg: 9.1/10) - **Extensibility:** 7.4/10 (Category avg: 8.7/10) **Who Is the Company Behind Acunetix by Invicti?** - **Seller:** [Invicti Security](https://www.g2.com/sellers/invicti-security-04cb0d3d-fd96-45b2-83dc-2038fc9dac92) - **Company Website:** https://www.invicti.com/ - **Year Founded:** 2018 - **HQ Location:** Austin, Texas - **Twitter:** @InvictiSecurity (2,557 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/invicti-security/people/ (335 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Information Technology and Services, Computer Software - **Company Size:** 40% Enterprise, 34% Mid-Market #### What Are Acunetix by Invicti's Pros and Cons? **Pros:** - Vulnerability Detection (7 reviews) - Ease of Use (6 reviews) - Security (5 reviews) - Vulnerability Identification (5 reviews) - Accuracy of Results (4 reviews) **Cons:** - Expensive (4 reviews) - Complexity (3 reviews) - Complex Setup (3 reviews) - Slow Scanning (3 reviews) - Difficult Customization (2 reviews) ### 15. [SQLmap](https://www.g2.com/products/sqlmap/reviews) Automatic SQL injection and database takeover tool **Average Rating:** 4.3/5.0 **Total Reviews:** 37 **How Do G2 Users Rate SQLmap?** - **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.4/10) - **Performance and Reliability:** 8.0/10 (Category avg: 9.1/10) - **Vulnerability Scan:** 8.4/10 (Category avg: 9.1/10) - **Extensibility:** 7.8/10 (Category avg: 8.7/10) **Who Is the Company Behind SQLmap?** - **Seller:** [SQLmap](https://www.g2.com/sellers/sqlmap) - **Year Founded:** 2008 - **HQ Location:** San Francisco, CA - **Twitter:** @github (2,670,109 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/No-Linkedin-Presence-Added-Intentionally-By-DataOps (1 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Computer Software, Computer & Network Security - **Company Size:** 53% Small-Business, 42% Mid-Market ### 16. [Beagle Security](https://www.g2.com/products/beagle-security/reviews) Beagle Security helps you identify vulnerabilities in your web applications, APIs, GraphQL and remediate them with actionable insights before hackers harm you in any manner. With Beagle Security, you can integrate automated penetration testing into your CI/CD pipeline to identify security issues earlier in your development lifecycle and ship safer web applications. Major features: - Checks your web apps & APIs for 3000+ test cases to find security loopholes - OWASP & SANS standards - Recommendations to address security issues - Security test complex web apps with login - Compliance reports (GDPR, HIPAA & PCI DSS) - Test scheduling - DevSecOps integrations - API integration - Team access - Integrations with popular tools like Slack, Jira, Asana, Trello & 100+ other tools **Average Rating:** 4.7/5.0 **Total Reviews:** 85 **How Do G2 Users Rate Beagle Security?** - **Has the product been a good partner in doing business?:** 9.5/10 (Category avg: 9.4/10) - **Performance and Reliability:** 9.0/10 (Category avg: 9.1/10) - **Vulnerability Scan:** 9.7/10 (Category avg: 9.1/10) - **Extensibility:** 6.7/10 (Category avg: 8.7/10) **Who Is the Company Behind Beagle Security?** - **Seller:** [Beagle Security](https://www.g2.com/sellers/beagle-security) - **Year Founded:** 2020 - **HQ Location:** San Francisco, US - **Twitter:** @beaglesecure (207 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/beaglesecurity/ (50 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** CEO, Director - **Top Industries:** Marketing and Advertising, Information Technology and Services - **Company Size:** 91% Small-Business, 7% Mid-Market #### What Are Beagle Security's Pros and Cons? **Pros:** - Reporting Quality (1 reviews) - Setup Ease (1 reviews) ### 17. [Qodex.ai](https://www.g2.com/products/qodex-ai/reviews) Qodex.ai | AI Powered API Testing and Security Qodex.ai is an AI agent purpose built for API testing and security automation. It helps engineering teams ship faster and safer by turning plain English requests into complete, executable test suites without any manual scripting or QA setup. Think of it as Cursor for APIs. Engineers describe what they want to test, and Qodex.ai instantly generates end to end functional, regression, and security test cases mapped to real workflows. Tests auto execute, stay up to date, and self heal as your code evolves, saving teams hours of maintenance and review time. Already trusted by more than 100 enterprise and mid market companies, Qodex.ai is redefining how modern teams achieve continuous API quality, vulnerability detection, and compliance at scale using the power of AI. **Average Rating:** 4.9/5.0 **Total Reviews:** 60 **How Do G2 Users Rate Qodex.ai?** - **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.4/10) **Who Is the Company Behind Qodex.ai?** - **Seller:** [QodexAI](https://www.g2.com/sellers/qodexai) - **Company Website:** https://www.qodex.ai/ - **Year Founded:** 2023 - **HQ Location:** San Francisco, California - **LinkedIn® Page:** https://linkedin.com/company/qodexai (13 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 75% Small-Business, 20% Mid-Market #### What Are Qodex.ai's Pros and Cons? **Pros:** - Ease of Use (23 reviews) - Automation (17 reviews) - Testing (17 reviews) - Testing Efficiency (17 reviews) - Helpful (13 reviews) **Cons:** - Slow Loading (6 reviews) - Poor Documentation (5 reviews) - Slow Performance (5 reviews) - Bug Issues (4 reviews) - Bugs (4 reviews) ### 18. [Invicti (formerly Netsparker)](https://www.g2.com/products/invicti-formerly-netsparker/reviews) Invicti (formerly known as Netsparker) is an enterprise application and API security testing platform that helps organizations secure thousands of web applications and APIs at scale while dramatically reducing the risk of attack. Combining advanced DAST and IAST capabilities in a single platform, Invicti enables security teams to continuously identify, prioritize, and remediate vulnerabilities across complex modern environments with confidence and automation. With Invicti, security teams can: - Automate application security testing workflows and save hundreds of hours every month - Discover and secure all web applications and APIs, including forgotten, unmanaged, and shadow assets - Deliver actionable, developer-friendly feedback that helps teams remediate vulnerabilities faster and build more secure code over time - Reduce false positives with proof-based scanning technology that validates exploitable vulnerabilities - Scale application security programs across large enterprises without slowing development teams - Integrate security seamlessly into existing DevSecOps and CI/CD workflows Built for organizations with the most demanding security requirements, Invicti empowers teams to confidently secure their entire attack surface with accuracy, scalability, and automation. **Average Rating:** 4.6/5.0 **Total Reviews:** 66 **How Do G2 Users Rate Invicti (formerly Netsparker)?** - **Has the product been a good partner in doing business?:** 9.6/10 (Category avg: 9.4/10) - **Performance and Reliability:** 9.1/10 (Category avg: 9.1/10) - **Vulnerability Scan:** 9.7/10 (Category avg: 9.1/10) - **Extensibility:** 8.3/10 (Category avg: 8.7/10) **Who Is the Company Behind Invicti (formerly Netsparker)?** - **Seller:** [Invicti Security](https://www.g2.com/sellers/invicti-security-04cb0d3d-fd96-45b2-83dc-2038fc9dac92) - **Company Website:** https://www.invicti.com/ - **Year Founded:** 2018 - **HQ Location:** Austin, Texas - **Twitter:** @InvictiSecurity (2,557 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/invicti-security/people/ (335 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 46% Enterprise, 28% Mid-Market #### What Are Invicti (formerly Netsparker)'s Pros and Cons? **Pros:** - Ease of Use (9 reviews) - Scanning Technology (7 reviews) - Features (6 reviews) - Reporting Quality (6 reviews) - Vulnerability Detection (6 reviews) **Cons:** - Poor Customer Support (3 reviews) - Slow Performance (3 reviews) - Slow Scanning (3 reviews) - API Issues (2 reviews) - Complex Setup (2 reviews) ### 19. [Breachlock](https://www.g2.com/products/breachlock-breachlock/reviews) BreachLock is a global leader in Continuous Attack Surface Discovery and Penetration Testing. Continuously discover, prioritize, and mitigate exposures with evidence-backed Attack Surface Management, Penetration Testing and Red Teaming. Elevate your defense strategy with an attacker’s view that goes beyond common vulnerabilities and exposures. Each risk we uncover is backed by validated evidence. We test your entire attack surface and help you mitigate your next cyber breach before it occurs. Know your risk. Contact BreachLock today! **Average Rating:** 4.6/5.0 **Total Reviews:** 38 **How Do G2 Users Rate Breachlock?** - **Has the product been a good partner in doing business?:** 9.5/10 (Category avg: 9.4/10) - **Performance and Reliability:** 8.7/10 (Category avg: 9.1/10) - **Vulnerability Scan:** 8.9/10 (Category avg: 9.1/10) - **Extensibility:** 7.6/10 (Category avg: 8.7/10) **Who Is the Company Behind Breachlock?** - **Seller:** [Breachlock](https://www.g2.com/sellers/breachlock) - **Company Website:** https://www.breachlock.com/ - **Year Founded:** 2019 - **HQ Location:** New York, NY - **Twitter:** @BreachLock (273 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/breachlock/ (125 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 53% Small-Business, 39% Mid-Market #### What Are Breachlock's Pros and Cons? **Pros:** - Customer Support (6 reviews) - Communication (5 reviews) - Ease of Use (4 reviews) - Vulnerability Detection (4 reviews) - Pentesting Efficiency (3 reviews) **Cons:** - False Positives (5 reviews) - Poor Interface Design (3 reviews) - Expensive (2 reviews) - Inadequate Reporting (2 reviews) - Lack of Detail (2 reviews) ### 20. [BugBase](https://www.g2.com/products/bugbase-bugbase/reviews) BugBase is a Continuous Vulnerability Assessment Platform that conducts comprehensive security operations such as bug bounty programs and next-gen pentesting (VAPT) to assist startups and enterprises in effectively identifying, managing and mitigating vulnerabilities. **Average Rating:** 4.5/5.0 **Total Reviews:** 46 **How Do G2 Users Rate BugBase?** - **Has the product been a good partner in doing business?:** 9.5/10 (Category avg: 9.4/10) - **Performance and Reliability:** 8.7/10 (Category avg: 9.1/10) - **Vulnerability Scan:** 9.1/10 (Category avg: 9.1/10) - **Extensibility:** 8.2/10 (Category avg: 8.7/10) **Who Is the Company Behind BugBase?** - **Seller:** [BugBase](https://www.g2.com/sellers/bugbase) - **Year Founded:** 2021 - **HQ Location:** Singapore, US - **Twitter:** @BugBase (1,672 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/bugbase/ (45 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Computer & Network Security, Computer Software - **Company Size:** 58% Small-Business, 21% Enterprise #### What Are BugBase's Pros and Cons? **Pros:** - Ease of Use (25 reviews) - User Interface (13 reviews) - Cybersecurity (10 reviews) - Features (10 reviews) - Easy Integrations (9 reviews) **Cons:** - Slow Performance (9 reviews) - Expensive (6 reviews) - Difficult Setup (5 reviews) - Learning Curve (5 reviews) - Poor Customer Support (4 reviews) ### 21. [Defendify All-In-One Cybersecurity Solution](https://www.g2.com/products/defendify-all-in-one-cybersecurity-solution/reviews) Founded in 2017, Defendify is pioneering All-In-One Cybersecurity® for organizations with growing security needs, backed by experts offering ongoing guidance and support. Delivering multiple layers of protection, Defendify provides an all-in-one, easy-to-use platform designed to strengthen cybersecurity across people, process, and technology, continuously. With Defendify, organizations streamline cybersecurity assessments, testing, policies, training, detection, response & containment in one consolidated and cost-effective cybersecurity solution. 3 layers, 13 solutions, 1 platform, including: • Managed Detection & Response • Cyber Incident Response Plan • Cybersecurity Threat Alerts • Phishing Simulations • Cybersecurity Awareness Training • Cybersecurity Awareness Videos • Cybersecurity Awareness Posters & Graphics • Technology Acceptable Use Policy • Cybersecurity Risk Assessments • Penetration Testing • Vulnerability Scanning • Compromised Password Scanning • Website Security Scanning See Defendify in action at www.defendify.com. **Average Rating:** 4.7/5.0 **Total Reviews:** 57 **How Do G2 Users Rate Defendify All-In-One Cybersecurity Solution?** - **Has the product been a good partner in doing business?:** 9.8/10 (Category avg: 9.4/10) - **Performance and Reliability:** 9.8/10 (Category avg: 9.1/10) - **Vulnerability Scan:** 9.7/10 (Category avg: 9.1/10) - **Extensibility:** 8.8/10 (Category avg: 8.7/10) **Who Is the Company Behind Defendify All-In-One Cybersecurity Solution?** - **Seller:** [Defendify](https://www.g2.com/sellers/defendify) - **Year Founded:** 2017 - **HQ Location:** Portland, Maine - **Twitter:** @defendify (305 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/11098948/ (36 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Information Technology and Services, Computer & Network Security - **Company Size:** 65% Small-Business, 35% Mid-Market #### What Are Defendify All-In-One Cybersecurity Solution's Pros and Cons? **Pros:** - Ease of Use (8 reviews) - Cybersecurity (6 reviews) - Easy Setup (5 reviews) - Insights (5 reviews) - Monitoring (5 reviews) **Cons:** - Inadequate Reporting (4 reviews) - Poor Reporting (4 reviews) - Lack of Information (2 reviews) - Limited Customization (2 reviews) - Limited Features (2 reviews) ### 22. [Appknox](https://www.g2.com/products/appknox/reviews) Appknox is an on-demand mobile application security platform that helps businesses detect and fix security vulnerabilities using an Automated Security Testing suite. We have been successfully reducing delivery timelines, manpower costs & mitigating security threats for Global Banks and Enterprises in 10 + countries. **Average Rating:** 4.5/5.0 **Total Reviews:** 40 **How Do G2 Users Rate Appknox?** - **Has the product been a good partner in doing business?:** 9.8/10 (Category avg: 9.4/10) - **Performance and Reliability:** 9.1/10 (Category avg: 9.1/10) - **Vulnerability Scan:** 8.7/10 (Category avg: 9.1/10) - **Extensibility:** 9.3/10 (Category avg: 8.7/10) **Who Is the Company Behind Appknox?** - **Seller:** [Appknox](https://www.g2.com/sellers/appknox) - **Year Founded:** 2014 - **HQ Location:** Singapore, Singapore - **Twitter:** @appknox (3,062 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/3771872/ (82 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Information Technology and Services, Financial Services - **Company Size:** 40% Small-Business, 37% Mid-Market ### 23. [Pentest-Tools.com](https://www.g2.com/products/pentest-tools-com/reviews) Discover what's possible. Prove what's real. With proprietary tech and key experts in offensive security. Pentest-Tools.com is built for actual security testing, not just detection. We provide the coverage, consolidation, and automation cybersecurity teams need to optimize vulnerability assessment workflows. And we ensure the depth, control, and customization on which professional pentesters count to increase engagement quality and profitability. ✔️ Comprehensive toolkit with real-world coverage ✔️ Validated findings rich with evidence ✔️ Automation options with granular control ✔️ Flexible, high-quality reporting ✔️ Workflow-friendly by design Optimize and scale penetration testing and vulnerability assessment workflows - without sacrificing accuracy, control, or manual testing depth. 🎯 Attack surface mapping and recon 🎯 Comprehensive vulnerability scanning 🎯 Vulnerability exploitation 🎯 Customizable pentest reporting and data exports 🎯 Continuous vulnerability monitoring In our company, we build what we use We launched Pentest-Tools.com in 2017 as a team of professional penetration testers - and we've kept that mindset ever since. Our experts still drive product development today, focusing relentlessly on accuracy, speed, and control. Every new feature, detection, and workflow comes from real-world experience. We constantly improve the product with updated attack techniques, smarter automation, and validation that reflects how malicious hackers actually operate - so your team can deliver security work that's faster, more visible, and built on proof. **Average Rating:** 4.8/5.0 **Total Reviews:** 99 **How Do G2 Users Rate Pentest-Tools.com?** - **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.4/10) - **Performance and Reliability:** 8.8/10 (Category avg: 9.1/10) - **Vulnerability Scan:** 9.1/10 (Category avg: 9.1/10) - **Extensibility:** 6.9/10 (Category avg: 8.7/10) **Who Is the Company Behind Pentest-Tools.com?** - **Seller:** [Pentest-Tools.com](https://www.g2.com/sellers/pentest-tools-com) - **Year Founded:** 2017 - **HQ Location:** Sectorul 1, Bucharest - **Twitter:** @pentesttoolscom (4,061 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/33242531/ (63 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** CEO - **Top Industries:** Computer & Network Security, Information Technology and Services - **Company Size:** 65% Small-Business, 20% Mid-Market #### What Are Pentest-Tools.com's Pros and Cons? **Pros:** - Ease of Use (6 reviews) - Automation (4 reviews) - Customer Support (4 reviews) - Pentesting Efficiency (4 reviews) - Scheduling (4 reviews) **Cons:** - Difficult Customization (2 reviews) - Limited Features (2 reviews) - Slow Scanning (2 reviews) - Bugs (1 reviews) - Confusing Interface (1 reviews) ### 24. [Evolve Security](https://www.g2.com/products/evolve-security-evolve-security/reviews) Evolve Security's patent pending Darwin Attack® platform is a comprehensive collaboration and management tool designed to help organizations manage their cybersecurity services and reduce risks of successful cyberattacks. The platform serves as a repository for research, vulnerability and attack details, compliance requirements, remediation recommendations, and mitigating controls. It also functions as a security feed, collaboration tool, tracking tool, management platform, and reporting platform. The platform enables organizations to actively manage their security program by providing real-time updates on testing progress and findings, which allows for timely remediation. Darwin Attack® is constantly updated with new information and functionality to ensure that it remains effective and efficient in meeting the needs of Evolve Security's clients. **Average Rating:** 4.8/5.0 **Total Reviews:** 52 **How Do G2 Users Rate Evolve Security?** - **Has the product been a good partner in doing business?:** 9.8/10 (Category avg: 9.4/10) - **Performance and Reliability:** 9.1/10 (Category avg: 9.1/10) - **Vulnerability Scan:** 9.4/10 (Category avg: 9.1/10) - **Extensibility:** 8.8/10 (Category avg: 8.7/10) **Who Is the Company Behind Evolve Security?** - **Seller:** [Evolve Security](https://www.g2.com/sellers/evolve-security) - **Year Founded:** 2016 - **HQ Location:** Chicago, Illinois - **Twitter:** @theevolvesec (787 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/evolve-security/ (65 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Financial Services - **Company Size:** 69% Mid-Market, 21% Small-Business #### What Are Evolve Security's Pros and Cons? **Pros:** - Actionable Intelligence (2 reviews) - Communication (2 reviews) - Ease of Use (2 reviews) - Vulnerability Detection (2 reviews) - Vulnerability Identification (2 reviews) ### 25. [OnSecurity](https://www.g2.com/products/onsecurity/reviews) OnSecurity is a leading CREST-accredited penetration testing vendor based in the UK, dedicated to delivering high-impact, high-intelligence penetration testing services to businesses of all sizes. By simplifying the management and delivery of pentesting, we make it easier for organisations to enhance their security posture and mitigate risks, contributing to a safer, more secure digital environment for everyone. Pentesting, Vulnerability Scanning and Threat Intelligence all in one platform. Start your offensive cyber security journey today: https://www.onsecurity.io/ **Average Rating:** 4.9/5.0 **Total Reviews:** 36 **How Do G2 Users Rate OnSecurity?** - **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.4/10) - **Performance and Reliability:** 10.0/10 (Category avg: 9.1/10) - **Vulnerability Scan:** 9.8/10 (Category avg: 9.1/10) - **Extensibility:** 9.3/10 (Category avg: 8.7/10) **Who Is the Company Behind OnSecurity?** - **Seller:** [On Security](https://www.g2.com/sellers/on-security) - **Year Founded:** 2018 - **HQ Location:** Bristol, GB - **Twitter:** @weareonsecurity (1,339 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/onsecurity (56 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 64% Small-Business, 31% Mid-Market ## What Is Penetration Testing Tools? [DevSecOps Software](https://www.g2.com/categories/devsecops) ## What Software Categories Are Similar to Penetration Testing Tools? - [Vulnerability Scanner Software](https://www.g2.com/categories/vulnerability-scanner) - [Dynamic Application Security Testing (DAST) Software](https://www.g2.com/categories/dynamic-application-security-testing-dast) - [Risk-Based Vulnerability Management Software](https://www.g2.com/categories/risk-based-vulnerability-management)