Join the 1500 companies using G2 Track to manage SaaS spend, usage, contracts & compliance.



Test running apps and services for common security weaknesses and vulnerabilities using malformed inputs to detect flaws. Leverage fully automated tests across 250+ test suites, protocol-specific attack patterns and automatic test mutation

Work for Defensics?

Learning about Defensics?

We can help you find the solution that fits you best.

Defensics Reviews

Chat with a G2 Advisor
Write a Review
Filter Reviews
Filter Reviews
Company Size
User Role
Showing 1 Defensics review
LinkedIn Connections
Defensics review by User
Validated Reviewer
Verified Current User
Review Source

"Defensics for fuzz testing REST APIs"

What do you like best?

It's relatively easy to get started. The tool allow extending it using Java or Python so you can test virtually any system. Reporting is great: you can easily know which anomalous input caused an error to reproduce and fix it.

What do you dislike?

The tool works best in case you're testing a protocol for which there's a built-in fuzzer. In case you choose to use a generic fuzzer like the Universal Fuzzer and add you're own logic then the usefulness of the tool is greatly reduced. Testing REST APIs which have good input validation (like JSON schema validation) won't typically yield much result.

Recommendations to others considering the product

For basic testing you can rely on open source tools instead. I believe for world-class products a tool like Defensics is needed.

What business problems are you solving with the product? What benefits have you realized?

Enhancing the robustness of our software. Defending against unknown attack vectors. Prevent SQL injections among other attacks.

Sign in to G2 to see what your connections have to say about Defensics

What Penetration Testing solution do you use?

Thanks for letting us know!

There are not enough reviews of Defensics for G2 to provide buying insight. Below are some alternatives with more reviews:

Metasploit Logo
Metasploit Pro is a penetration testing tool that increases penetration tester's productivity, prioritizes and demonstrates risk through closed-loop vulnerability validation, and measures security awareness through simulated phishing emails.
SQLmap Logo
Automatic SQL injection and database takeover tool
Veracode Application Security Platform Logo
Veracode Application Security Platform
Veracode is the world's best automated, on-demand application security testing and code review solution.
BeEF Logo
BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.
Swascan Security Suite Logo
Swascan Security Suite
Provides automated security testing and security scan of web applications to identify vulnerabilities, scans your network and devices and suggest to you recommendations on how they can be fixed, and provides a source code analysis to identify and resolve security weaknesses and vulnerabilities
HackerOne Logo
The Most Trusted Hacker-Powered Security Platform
7 Logo
Cobalt's Pen Testing as a Service (PTaaS) Platform transforms yesterday’s broken pen test model into a data-driven vulnerability management engine. Fueled by our global talent pool of certified freelancers, Cobalt's crowdsourced SaaS pen test platform delivers actionable results that empower agile teams to pinpoint, track, and remediate software vulnerabilities. Hundreds of organizations now benefit from high quality pen test findings, faster remediation times, and higher ROI for their pen test budget.
Detectify Logo
Detectify is a SaaS based website security service that analyzes and monitors the security level of a user's website by applying a broad range of emulated hacker attacks and provide report that describes the identified vulnerabilities and their potential risk in the hands of malicious hackers.
Breachlock Logo
BreachLock is a security startup that offers a unique SaaS platform delivering on-demand, continuous and scalable security testing suitable for modern cloud and DevOps powered businesses.
SATAN is a tool to help systems administrators. It recognizes several common networking-related security problems, and reports the problems without actually exploiting them.
Show more
Kate from G2

Learning about Defensics?

I can help.
* We monitor all Defensics reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. Validated reviews require the user to submit a screenshot of the product containing their user ID, in order to verify a user is an actual user of the product.