# Best API Security Tools

*By [Lauren Worth](https://research.g2.com/insights/author/lauren-worth)*

The best API security software in 2026 is Postman, rated 4.6 out of 5 on G2 based on 1,700+ verified reviews. For teams prioritizing automated penetration testing, apisec.ai leads with the highest rating at 4.7 stars and seamless CI/CD integration.

1. Postman — 4.6/5 (1,700+ reviews): API endpoint security validation and collaborative testing
2. Cloudflare Application Security and Performance — 4.5/5 (600+ reviews): Edge-enforced WAF and API abuse protection
3. apisec.ai — 4.7/5 (200+ reviews): Continuous automated API penetration testing with CI/CD integration
4. Check Point WAF (formerly CloudGuard WAF) — 4.4/5 (80+ reviews): AI-driven API and zero-day threat prevention
5. Fastly&#39;s Web Application and API Security — 4.2/5 (30+ reviews): Low-tuning WAF with API-layer attack blocking

*Updated June 2026. Based on 2026 G2 verified review data across 1,680 products.*


API security tools protect information traveling through a company’s network via application programming interfaces (APIs). APIs serve a variety of purposes, such as adding functionality to applications, providing cloud services, and connecting networks. Companies use API security technologies to develop an inventory of existing API connections and ensure their security. These tools may additionally discover unknown or shadow APIs, which is a common scenario for companies using numerous APIs.

IT departments, software developers, and security professionals may use API security solutions to improve visibility for APIs, monitor their performance, and enforce strict security guidelines. As companies continuously discover new API connections, monitoring is key to ensuring optimum performance. Security enforcement is also important since many APIs contain sensitive data, which may turn into fines if left exposed. Lastly, many API security solutions include testing features. Testing APIs for security and policy enforcement may be the only way to verify an API’s security.

Some [API management platforms](https://www.g2.com/categories/api-management) provide tools to create an inventory of APIs connected to a network. However, this is only a feature-level functionality of the platform and will not provide substantial security functionality. It is not its most common use case.

To qualify for inclusion in the API Security Tools category, a product must:

- Discover and inventory the APIs connected to a network, application, or system
- Provide robust authentication mechanisms to restrict access to APIs and enable role-based access control (RBAC) to manage who can configure and modify API security settings
- Ensure that the data being sent to the API is encrypted, safe, and valid, and mitigate common threats such as DDoS attacks, replay attacks, and man-in-the-middle attacks
- Keep detailed logs of API access and activities to detect anomalies, monitor usage patterns, and support forensic investigations in case of security incidents
- Have comprehensive analytics and reporting capabilities to gain insights into API usage, performance, and security posture
- Perform security audits and vulnerability assessments to identify and address potential security risks
- Allow for testing and policy enforcement for API connections





## Top API Security Tools at a Glance
| # | Product | Rating | Best For | What Users Say |
|---|---------|--------|----------|----------------|
| 1 | [Postman](https://www.g2.com/products/postman/reviews) | 4.6/5.0 (1,748 reviews) | API endpoint security validation and collaborative testing | "[The easiest way I&#39;ve found to work with APIs](https://www.g2.com/survey_responses/postman-review-13046207)" |
| 2 | [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews) | 4.5/5.0 (595 reviews) | Edge-enforced WAF and API abuse protection | "[Our trusted platform for security, performance, and edge computing](https://www.g2.com/survey_responses/cloudflare-application-security-and-performance-review-13072280)" |
| 3 | [apisec.ai](https://www.g2.com/products/apisec-ai/reviews) | 4.7/5.0 (227 reviews) | Continuous automated API penetration testing with CI/CD integration | "[Best AI API tester I’ve ever used – easy to use with one-click analysis](https://www.g2.com/survey_responses/apisec-ai-review-11639883)" |
| 4 | [Check Point WAF (formerly CloudGuard WAF)](https://www.g2.com/products/check-point-waf-formerly-cloudguard-waf/reviews) | 4.4/5.0 (84 reviews) | AI-driven API and zero-day threat prevention | "[Complex Setup, but Strong Security Features](https://www.g2.com/survey_responses/check-point-waf-formerly-cloudguard-waf-review-13110824)" |
| 5 | [Fastly&#39;s Web Application and API Security](https://www.g2.com/products/fastly-s-web-application-and-api-security/reviews) | 4.2/5.0 (29 reviews) | Low-tuning WAF with API-layer attack blocking | "[Perfect API Protection](https://www.g2.com/survey_responses/fastly-s-web-application-and-api-security-review-12332835)" |
| 6 | [Rakuten SixthSense Observability](https://www.g2.com/products/rakuten-sixthsense-observability/reviews) | 4.6/5.0 (52 reviews) | Real-time API and application observability with unified tracing | "[A very good SAAS monitoring &amp; observability tool](https://www.g2.com/survey_responses/rakuten-sixthsense-observability-review-11287792)" |
| 7 | [Astra Pentest](https://www.g2.com/products/astra-pentest/reviews) | 4.6/5.0 (212 reviews) | Validated API pentesting with remediation-ready reporting | "[Exceptional VAPT Solution with Prompt Support](https://www.g2.com/survey_responses/astra-pentest-review-9603864)" |
| 8 | [Harness Platform](https://www.g2.com/products/harness-platform/reviews) | 4.6/5.0 (300 reviews) | — | "[Harness - World of automation](https://www.g2.com/survey_responses/harness-platform-review-11792426)" |
| 9 | [Orca Security](https://www.g2.com/products/orca-security/reviews) | 4.7/5.0 (300 reviews) | Agentless cloud API exposure and risk prioritization | "[Orca Unifies AppSec, Cloud, and Agent Context in One Clear View](https://www.g2.com/survey_responses/orca-security-review-13096711)" |
| 10 | [Azion](https://www.g2.com/products/azion/reviews) | 4.7/5.0 (31 reviews) | Edge WAF and API bot-blocking | "[Azion as one of the main strategic partners in cybersecurity.](https://www.g2.com/survey_responses/azion-review-12544164)" |

---
## What Are the Most Common Questions About API Security Tools?
*AI-generated · Last updated: May 26, 2026*
### Which is the best API security platform for enterprises?
Based on G2 reviews, Check Point WAF (formerly CloudGuard WAF) stands out for enterprise API security needs because reviewers consistently describe strong protection for web applications and APIs, cloud-native deployment, centralized policy management, and reduced manual tuning. According to verified users, it helps security teams block common attacks, improve visibility into traffic, and automate protection across cloud environments. G2 reviewers mention benefits such as API discovery, threat prevention, support for CI/CD workflows, and lower operational effort once the platform is configured. Reviewers also note tradeoffs, including a learning curve, setup complexity, and premium pricing, which enterprise teams should weigh against the broader automation and coverage it provides.


### What is the best software for API authentication and authorization?
Based on G2 reviews, buyers evaluating API authentication and authorization capabilities often focus on tools that help test, validate, and secure authenticated API traffic rather than identity platforms alone. According to verified users, Postman is frequently used to work with bearer tokens, OAuth, API keys, environments, and shared collections, making it useful for testing secured APIs across development and QA workflows. G2 reviewers mention that Cloudflare Application Security and Performance and Check Point WAF also help protect APIs through access controls, rate limiting, bot protection, and policy enforcement. Across reviews, buyers should expect strengths around visibility and testing, while also noting setup complexity or learning curves for more advanced security configurations.

**Here are some of the top-rated products on G2:**

- [Postman](https://www.g2.com/products/postman/reviews) – used to test secured APIs with bearer tokens, OAuth, API keys, and shared environments
- [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews) – helps enforce rate limiting, bot protection, and firewall controls for exposed APIs
- [Check Point WAF (formerly CloudGuard WAF)](https://www.g2.com/products/check-point-waf-formerly-cloudguard-waf/reviews) – protects APIs with policy enforcement, traffic inspection, and automated threat prevention


### What are the top-rated API security tools for large-scale APIs?
Based on G2 reviews, large-scale API teams often prioritize visibility, automation, and protection across complex environments. According to verified users, Cloudflare Application Security and Performance is valued for handling DDoS mitigation, WAF protection, bot management, and traffic optimization with relatively low ongoing maintenance. G2 reviewers mention Check Point WAF for multi-cloud API protection, automated threat prevention, and centralized visibility, especially where teams need support for modern web and API environments. Reviewers also describe apisec.ai as useful for automating API security testing, continuous scanning, and surfacing OWASP-style risks early in the development cycle. Common review themes across these products include easier scaling of security coverage, but also some onboarding and tuning effort.

**Here are some of the top-rated products on G2:**

- [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews) – used to protect high-traffic apps and APIs with WAF, bot defense, and DDoS mitigation
- [Check Point WAF (formerly CloudGuard WAF)](https://www.g2.com/products/check-point-waf-formerly-cloudguard-waf/reviews) – suited for cloud-native and multi-cloud API environments needing automated protection and visibility
- [apisec.ai](https://www.g2.com/products/apisec-ai/reviews) – helps large teams automate API security testing and continuous vulnerability scanning


### Which API security platform offers AI-powered threat prevention?
Based on G2 reviews, Check Point WAF (formerly CloudGuard WAF) is repeatedly described as offering AI-driven or contextual AI-based threat prevention for web applications and APIs. According to verified users, reviewers value its ability to detect and block threats such as SQL injection, XSS, bot activity, and zero-day style attacks while reducing manual rule tuning. G2 reviewers mention strengths like automated learning, behavioral analysis, low false positives in production use, and fit for cloud-native environments. Several reviews also point to visibility into traffic and support for API security use cases. Buyers should note that reviewers also mention a steeper setup and tuning process, especially for teams new to the platform or managing complex applications.


### What is the best API security software for compliance-driven industries?
Based on G2 reviews, compliance-focused buyers often look for tools that provide clear reporting, repeatable testing, and evidence they can share with auditors or customers. According to verified users, Astra Pentest is often used to support compliance requirements, client security reviews, and formal pentest documentation, with reviewers highlighting detailed reports, clear remediation guidance, and dashboard visibility. G2 reviewers also mention Intruder for continuous vulnerability scanning and ongoing visibility between formal assessments, and BugDazz API Scanner for technical and compliance-ready reporting used in audit scenarios. Across reviews, the strongest themes are actionable findings, easier proof for security diligence, and support for regular security validation rather than one-time checks alone.

**Here are some of the top-rated products on G2:**

- [Astra Pentest](https://www.g2.com/products/astra-pentest/reviews) – used to generate pentest reports and security evidence for audits, customers, and compliance workflows
- [Intruder](https://www.g2.com/products/intruder/reviews) – supports regular vulnerability scanning and clearer visibility between formal compliance assessments
- [BugDazz API Scanner](https://www.g2.com/products/bugdazz-api-scanner/reviews) – provides detailed reports that reviewers use for internal reviews and audit documentation


### What are the best platforms for API vulnerability scanning?
Based on G2 reviews, buyers looking for API vulnerability scanning tools often favor products that automate discovery, scanning, and remediation guidance. According to verified users, apisec.ai is widely used to automate API security testing, continuously scan for vulnerabilities, and provide actionable reporting that reduces manual effort. G2 reviewers mention Pynt - API Security Testing for automated API discovery and security testing tied closely to development workflows, especially where teams want fewer false positives and easier alerts. Reviewers also describe Akto API Security Platform as helpful for surfacing API issues quickly through a clear dashboard and automated checks. Common review themes include faster coverage and earlier detection, with some products requiring onboarding time or tuning for advanced scenarios.

**Here are some of the top-rated products on G2:**

- [apisec.ai](https://www.g2.com/products/apisec-ai/reviews) – automates continuous API vulnerability scanning and highlights common API security risks with actionable reports
- [Pynt - API Security Testing](https://www.g2.com/products/pynt-api-security-testing/reviews) – combines automated API discovery and security testing with fewer false positives in review feedback
- [Akto API Security Platform](https://www.g2.com/products/akto-api-security-platform/reviews) – helps teams find API security issues early through automated checks and a simple dashboard


### Which API security solution integrates with DevSecOps workflows?
Based on G2 reviews, several API security products are used within DevSecOps pipelines, but apisec.ai is frequently mentioned for CI/CD integration and automated testing in the software delivery process. According to verified users, it helps teams shift API security earlier in development by automating scans, generating reports, and reducing manual pentesting effort. G2 reviewers mention integrations with CI/CD pipelines as a key strength, alongside continuous testing and support for identifying issues before release. Reviewers also note that setup can take some onboarding for complex environments, but the payoff is stronger coverage and faster remediation. For teams prioritizing pipeline-based security validation, apisec.ai appears especially well aligned with review feedback.


### What are the top tools for protecting public and private APIs?
Based on G2 reviews, protecting both public-facing and internal APIs often requires a mix of traffic inspection, discovery, and automated defense. According to verified users, Cloudflare Application Security and Performance is used to secure exposed services with firewall controls, bot management, rate limiting, and DDoS mitigation while also improving availability. G2 reviewers mention Check Point WAF for API protection across cloud and hybrid environments with strong inspection and automated threat prevention. Reviewers also describe Cequence Security as valuable for API visibility, bot detection, and identifying abuse patterns across complex environments. Across reviews, buyers should expect strong coverage for external threats and unknown APIs, while also planning for tuning and onboarding where environments are large or highly customized.

**Here are some of the top-rated products on G2:**

- [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews) – secures exposed APIs with WAF controls, rate limiting, DDoS mitigation, and bot protection
- [Check Point WAF (formerly CloudGuard WAF)](https://www.g2.com/products/check-point-waf-formerly-cloudguard-waf/reviews) – protects APIs across cloud and hybrid setups with inspection, policy controls, and automated defenses
- [Cequence Security](https://www.g2.com/products/cequence-security/reviews) – helps discover APIs and detect abuse patterns, credential stuffing, and automated bot attacks


### What are the top tools for preventing API data breaches?
Based on G2 reviews, preventing API data breaches starts with better visibility into exposed endpoints, sensitive traffic, and abusive behavior. According to verified users, Cequence Security is valued for detecting abnormal API activity, credential stuffing, scraping, and abuse patterns that can lead to account compromise or data loss. G2 reviewers mention Cloudflare Application Security and Performance for shielding apps and APIs with WAF, DDoS protection, bot management, and rate limiting. Reviewers also describe Levo.ai as useful for API inventory, identifying unknown APIs, and surfacing risks in API-first environments. Common themes across reviews include discovering blind spots, reducing manual monitoring, and improving response to misuse before it becomes a larger incident.

**Here are some of the top-rated products on G2:**

- [Cequence Security](https://www.g2.com/products/cequence-security/reviews) – helps stop credential stuffing, scraping, and abnormal API behavior tied to data exposure risk
- [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews) – provides WAF, bot defense, and rate limiting to reduce abuse against exposed APIs
- [Levo.ai](https://www.g2.com/products/levo-ai/reviews) – helps discover API inventory and identify unidentified APIs that could increase breach risk


### Which API protection tool offers real-time threat detection?
Based on G2 reviews, Wallarm API Security Platform is specifically called out by reviewers for accurate real-time API threat detection with few false positives. According to verified users, it is used to protect APIs and web applications from modern attacks, including OWASP-style threats and zero-day risks. G2 reviewers mention the appeal of real-time detection quality, while also noting that configuration and tuning can be time-consuming for newer users. Review feedback suggests it is a strong fit for teams that prioritize fast threat visibility and ongoing protection at the API layer. Buyers should plan for implementation effort, but the real-time detection focus is a clear recurring theme in the available G2 feedback.




## G2 Grid® for API Security Tools
![G2 Grid® for API Security Tools plotting products by satisfaction and market presence](https://www.g2.com/categories/api-security/grids.png?focus%5B%5D=20238&focus%5B%5D=10700&focus%5B%5D=1339605&focus%5B%5D=143374&focus%5B%5D=1211333&focus%5B%5D=105445&focus%5B%5D=154599&focus%5B%5D=100655)
Highlighted products: Postman, Cloudflare Application Security and Performance, Check Point WAF (formerly CloudGuard WAF), apisec.ai, Rakuten SixthSense Observability, Fastly&#39;s Web Application and API Security, Astra Pentest, and Harness Platform.
Underlying data: [Grid® JSON](https://www.g2.com/categories/api-security/grids.json?focus%5B%5D=postman&amp;focus%5B%5D=cloudflare-application-security-and-performance&amp;focus%5B%5D=check-point-waf-formerly-cloudguard-waf&amp;focus%5B%5D=apisec-ai&amp;focus%5B%5D=rakuten-sixthsense-observability&amp;focus%5B%5D=fastly-s-web-application-and-api-security&amp;focus%5B%5D=astra-pentest&amp;focus%5B%5D=harness-platform)


## How Many API Security Tools Products Does G2 Track?
**Total Products under this Category:** 69

### Category Stats (Jul 2026)
- **Average Rating**: 4.56/5 (↑0.02 vs Jun 2026) The average rating of products in this category, based on all submitted ratings
- **Top Trending Product**: AppSentinels (+2.85%) - Among all products in this category, AppSentinels recorded the largest rating increase compared to last month
*Last updated: July 16, 2026*


## How Does G2 Rank API Security Tools Products?

**Why You Can Trust G2's Software Rankings:**

- 30 Analysts and Data Experts
- 5,000+ Authentic Reviews
- 69+ Products
- Unbiased Rankings

G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category.


## Which API Security Tools Is Best for Your Use Case?

- **Leader:** [Postman](https://www.g2.com/products/postman/reviews)
- **Highest Performer:** [apisec.ai](https://www.g2.com/products/apisec-ai/reviews)
- **Easiest to Use:** [Postman](https://www.g2.com/products/postman/reviews)
- **Top Trending:** [Astra Pentest](https://www.g2.com/products/astra-pentest/reviews)
- **Best Free Software:** [Postman](https://www.g2.com/products/postman/reviews)


---

**Sponsored**

### Ory

Ory offers a suite of cloud-native, open-source identity and access management solutions, including: Ory Kratos for configurable user management with features like MFA and social login; Ory Hydra for OAuth 2.0 and OpenID Connect authorization; Ory Polis for organization management and enterprise SSO; Ory Keto for a granular authorization system based on Google Zanzibar; Ory Oathkeeper, an identity and access proxy that enforces a Zero Trust security model; and Ory Talos to Transform API keys into dynamic controls for the agentic era . Deploy Your Way \* Ory Network - SaaS, instant on global identity system \* Ory Enterprise License - On-prem self-hosted option (same code as our SaaS offering) with enterprise support \* Open Source - Try Ory for your specific use cases (community supported)



[Visit website](https://www.g2.com/external_clickthroughs/record?secure%5Bad_program%5D=ppc&amp;secure%5Bad_slot%5D=category_product_list&amp;secure%5Bcategory_id%5D=2253&amp;secure%5Bchosen_at%5D=2026-07-16T22%3A03%3A36Z&amp;secure%5Bdisplayable_resource_id%5D=2253&amp;secure%5Bdisplayable_resource_type%5D=Category&amp;secure%5Bmedium%5D=sponsored&amp;secure%5Bplacement_reason%5D=page_category&amp;secure%5Bplacement_resource_ids%5D%5B%5D=2253&amp;secure%5Bprioritized%5D=false&amp;secure%5Bproduct_id%5D=1197072&amp;secure%5Bresource_id%5D=2253&amp;secure%5Bresource_type%5D=Category&amp;secure%5Bsource_type%5D=category_page&amp;secure%5Bsource_url%5D=https%3A%2F%2Fwww.g2.com%2Fcategories%2Fapi-security%3Fopen_modal_url%3D%252Fproducts%252Finvicti-formerly-netsparker%252Fwishlists%253Fhost_path%253D%25252Fcategories%25252Fapi-security%2526source%253Dcategory&amp;secure%5Btoken%5D=e9fd2092a278f4bb006539bcdcdc7c8e614547c1374edfde47a05da85c6bbe8a&amp;secure%5Burl%5D=https%3A%2F%2Fwww.ory.com%2Fpricing%2F&amp;secure%5Burl_type%5D=custom_url)

---

## What Are the Top-Rated API Security Tools Products in 2026?
### 1. [Postman](https://www.g2.com/products/postman/reviews)
Postman is the world’s leading API platform, used by more than 40 million developers and 500,000 organizations to build, test, and manage APIs at scale. With Postman, teams collaborate efficiently across the entire API lifecycle, including design, development, testing, security, documentation, and governance. The platform helps ensure consistency, quality, and enterprise-grade control. Postman also offers Agent Mode (beta), built on AWS Bedrock and trained with AWS SageMaker. Agent Mode enables developers to use natural language to debug requests, organize collections, document APIs, and automate workflows without switching tools or writing custom scripts.


**Average Rating:** 4.6/5.0
**Total Reviews:** 1,748
**How Do G2 Users Rate Postman?**

- **API Testing:** 9.5/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.1/10 (Category avg: 8.9/10)

**Who Is the Company Behind Postman?**

- **Seller:** [Postman](https://www.g2.com/sellers/postman)
- **Year Founded:** 2014
- **HQ Location:** San Francisco, CA
- **Twitter:** @getpostman (55,430 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/3795851/ (3,512 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Software Engineer, Software Developer
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 39% Mid-Market, 35% Small-Business


#### What Are Postman's Pros and Cons?

**Pros:**

- Ease of Use (460 reviews)
- API Testing (394 reviews)
- API Management (304 reviews)
- Testing (278 reviews)
- Testing Efficiency (276 reviews)

**Cons:**

- Slow Performance (222 reviews)
- Performance Issues (202 reviews)
- Slow Loading (145 reviews)
- Resource Limitations (131 reviews)
- Limited Features (120 reviews)


### What Do G2 Reviewers Say About Postman?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of use** of Postman, which simplifies API testing with its intuitive interface and features.
- Users appreciate the **intuitive API testing capabilities** of Postman, enhancing their project management and collaboration efficiency.
- Users appreciate the **smooth API lifecycle management** in Postman, enhancing their testing, mocking, and automation processes.
- Users praise Postman&#39;s **easy testing capabilities** , especially its intuitive interface and robust collaboration features.
- Users value the **testing efficiency** of Postman, finding it intuitive and easy for managing API workflows seamlessly.

**Cons:**

- Users note that Postman has **slow performance** , particularly when handling large collections or multiple workspaces.
- Users find that Postman exhibits **performance issues** , particularly with high resource demands and slow sync times.
- Users experience **slow loading times** with Postman, especially when managing large collections or multiple tabs.
- Users find Postman has **heavy resource limitations** , particularly affecting performance with large collections and offline access.
- Users find the **limited features** in Postman frustrating, particularly for smaller teams that need advanced functionalities.

#### What Are Recent G2 Reviews of Postman?

**"[The easiest way I&#39;ve found to work with APIs](https://www.g2.com/survey_responses/postman-review-13046207)"**

**Rating:** 4.5/5.0 stars
*— Miguel F.*

[Read full review](https://www.g2.com/survey_responses/postman-review-13046207)

---

**"[Postman Makes API Testing Fast and Organized with Collections](https://www.g2.com/survey_responses/postman-review-13066410)"**

**Rating:** 4.5/5.0 stars
*— ARYAN M.*

[Read full review](https://www.g2.com/survey_responses/postman-review-13066410)

---


#### What Are G2 Users Discussing About Postman?

- [What is Postman used for?](https://www.g2.com/discussions/what-is-postman-used-for) - 8 comments, 2 upvotes

### 2. [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews)
Cloudflare is the connectivity cloud for the &quot;everywhere world,&quot; on a mission to help build a better Internet. We provide a unified platform of networking, security, and developer services delivered from a single, intelligent global network that spans hundreds of cities in over 125 countries. This empowers organizations of all sizes, from small businesses to the world&#39;s largest enterprises, to make their employees, applications, and networks faster and more secure everywhere, while significantly reducing complexity and cost. Our comprehensive platform includes: - Advanced Security: Protect your online presence with industry-leading DDoS protection, a robust Web Application Firewall (WAF), Bot mitigation, and API security. Implement Zero Trust security to secure remote access, data, and applications for your entire workforce. - Superior Performance: Accelerate website and application loading times globally with our Content Delivery Network (CDN), intelligent DNS, and smart routing capabilities. Optimize images and deliver dynamic content with unparalleled speed. - Powerful Developer Tools: Empower your developers to build and deploy full-stack applications at the edge using Cloudflare Workers (serverless functions), R2 Storage (object storage without egress fees), and D1 (serverless SQL database). Cloudflare helps connect and protect millions of customers globally, offering the control, visibility, and reliability businesses need to work, develop, and accelerate their operations in today&#39;s hyperconnected landscape. Our global network continuously learns and adapts, ensuring your digital assets are always protected and performing at their best.


**Average Rating:** 4.5/5.0
**Total Reviews:** 595
**How Do G2 Users Rate Cloudflare Application Security and Performance?**

- **API Testing:** 10.0/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.8/10 (Category avg: 8.9/10)

**Who Is the Company Behind Cloudflare Application Security and Performance?**

- **Seller:** [Cloudflare, Inc.](https://www.g2.com/sellers/cloudflare-inc)
- **Company Website:** https://www.cloudflare.com
- **Year Founded:** 2009
- **HQ Location:** San Francisco, California
- **Twitter:** @Cloudflare (286,254 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/407222/ (7,190 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Web Developer, Software Engineer
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 61% Small-Business, 27% Mid-Market


#### What Are Cloudflare Application Security and Performance's Pros and Cons?

**Pros:**

- Security (53 reviews)
- Ease of Use (49 reviews)
- Features (43 reviews)
- Performance (35 reviews)
- DDoS Protection (34 reviews)

**Cons:**

- Complex User Interface (23 reviews)
- Expensive (23 reviews)
- Complex Setup (18 reviews)
- Complexity (17 reviews)
- Learning Curve (14 reviews)


### What Do G2 Reviewers Say About Cloudflare Application Security and Performance?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value Cloudflare&#39;s **robust security features** , ensuring enhanced application protection with minimal effort and seamless integration.
- Users appreciate the **ease of use** with Cloudflare, highlighting its intuitive dashboard and seamless integration.
- Users appreciate the **user-friendly interface** of Cloudflare, facilitating easy management of security and performance features.
- Users praise the **enhanced performance** of Cloudflare, noting significant improvements in website loading speeds and efficiency.
- Users praise the **effective DDoS protection** of Cloudflare, ensuring peace of mind and improved website performance.

**Cons:**

- Users find the **complex user interface** challenging, making navigation and rule configuration often confusing and tedious.
- Users find Cloudflare Application Security and Performance **expensive** , as many advanced features require costly upgrades that limit accessibility.
- Users find the **complex setup** can hinder user-friendliness, especially for those new to security platforms.
- Users find the **complexity of advanced configurations** challenging, particularly for beginners, impacting user-friendliness and customization.
- Users experience a **steep learning curve** when navigating advanced features, challenging for those new to security platforms.

#### What Are Recent G2 Reviews of Cloudflare Application Security and Performance?

**"[Our trusted platform for security, performance, and edge computing](https://www.g2.com/survey_responses/cloudflare-application-security-and-performance-review-13072280)"**

**Rating:** 5.0/5.0 stars
*— Pablo H.*

[Read full review](https://www.g2.com/survey_responses/cloudflare-application-security-and-performance-review-13072280)

---

**"[Secure access with WARP and solid stability even during traffic peaks](https://www.g2.com/survey_responses/cloudflare-application-security-and-performance-review-13076468)"**

**Rating:** 4.5/5.0 stars
*— Flor B.*

[Read full review](https://www.g2.com/survey_responses/cloudflare-application-security-and-performance-review-13076468)

---


#### What Are G2 Users Discussing About Cloudflare Application Security and Performance?

- [What is Cloudflare Spectrum used for?](https://www.g2.com/discussions/what-is-cloudflare-spectrum-used-for) - 1 comment
- [What is Cloudflare Bot Management used for?](https://www.g2.com/discussions/what-is-cloudflare-bot-management-used-for)
- [Does Cloudflare provide hosting?](https://www.g2.com/discussions/does-cloudflare-provide-hosting) - 2 comments
- [How good is Cloudflare DNS?](https://www.g2.com/discussions/how-good-is-cloudflare-dns) - 1 comment, 1 upvote
- [What does DDoS protection do?](https://www.g2.com/discussions/what-does-ddos-protection-do)

### 3. [apisec.ai](https://www.g2.com/products/apisec-ai/reviews)
APIsec automated API testing platform automatically analyzes applications, simulates sophisticated attacks across the full spectrum of OWASP threats, and uncovers vulnerabilities and exploits before they reach production. By eliminating the need for time-consuming manual testing, APIsec helps security and development teams strengthen their security posture with continuous, preventative API protection. In addition, APIsec operates APIsec University, the world’s most popular API security education platform, offering dozens of free courses and a vibrant community of over 100,000 members. Together, our advanced security solutions and educational resources enable organizations to build, deploy, and maintain secure applications with confidence.


**Average Rating:** 4.7/5.0
**Total Reviews:** 227
**How Do G2 Users Rate apisec.ai?**

- **API Testing:** 9.0/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.7/10 (Category avg: 8.9/10)

**Who Is the Company Behind apisec.ai?**

- **Seller:** [apisec.ai](https://www.g2.com/sellers/apisec-ai)
- **Year Founded:** 2018
- **HQ Location:** San Francisco, US
- **LinkedIn® Page:** http://www.linkedin.com/company/apisec (41 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Security Consultant, Cyber Security Analyst
- **Top Industries:** Computer &amp; Network Security, Information Technology and Services
- **Company Size:** 64% Small-Business, 23% Mid-Market


#### What Are apisec.ai's Pros and Cons?

**Pros:**

- Security (71 reviews)
- Ease of Use (61 reviews)
- API Management (56 reviews)
- Testing Efficiency (56 reviews)
- Automation (50 reviews)

**Cons:**

- API Issues (25 reviews)
- Complex Setup (19 reviews)
- Poor Documentation (13 reviews)
- Difficult Learning Curve (12 reviews)
- Expensive (9 reviews)


### What Do G2 Reviewers Say About apisec.ai?
*AI-generated summary from verified user reviews*

**Pros:**

- Users commend the **robust security testing** capabilities of Apisec.ai, making it essential for effective API protection.
- Users appreciate the **user-friendly interface** of apisec.ai, making pentesting accessible even for beginners.
- Users value the **practical hands-on approach** of apisec.ai, making API security accessible for all professionals.
- Users value the **testing efficiency** of apisec.ai, appreciating its ease of use and quick identification of vulnerabilities.
- Users appreciate the **automation** of apisec.ai, as it effortlessly scans APIs and simplifies vulnerability identification.

**Cons:**

- Users are frustrated with the **limited API support** in the free edition, affecting their testing capabilities.
- Users find the **complex setup** of apisec.ai overwhelming, requiring trial and error for proper configuration.
- Users find the **poor documentation** of apisec.ai limits their ability to effectively utilize its advanced features.
- Users face a **difficult learning curve** when getting started with ApiSec.ai, requiring additional onboarding and better documentation.
- Users find the **prices too high** for the exams, wishing for more affordable options between free and premium plans.

#### What Are Recent G2 Reviews of apisec.ai?

**"[Best AI API tester I’ve ever used – easy to use with one-click analysis](https://www.g2.com/survey_responses/apisec-ai-review-11639883)"**

**Rating:** 5.0/5.0 stars
*— B.B Shalitha M.*

[Read full review](https://www.g2.com/survey_responses/apisec-ai-review-11639883)

---

**"[Scanning at Scale at the age of AI with APISec](https://www.g2.com/survey_responses/apisec-ai-review-11038850)"**

**Rating:** 4.0/5.0 stars
*— Suvam A.*

[Read full review](https://www.g2.com/survey_responses/apisec-ai-review-11038850)

---



### 4. [Check Point WAF (formerly CloudGuard WAF)](https://www.g2.com/products/check-point-waf-formerly-cloudguard-waf/reviews)
CloudGuard WAF is a cloud-native Web and API security solution designed to help users safeguard their applications from both known and unknown threats. By leveraging advanced contextual AI, this solution provides precise threat prevention without the need for traditional signature-based detection methods. This innovative approach allows organizations to maintain a robust security posture while minimizing the risks associated with evolving cyber threats. Targeted primarily at businesses that rely on web applications and APIs, CloudGuard WAF is particularly beneficial for enterprises in sectors such as finance, healthcare, and e-commerce, where data protection is paramount. The solution is designed to address the complex security challenges that arise in modern application environments, especially those utilizing continuous integration and continuous deployment (CI/CD) practices. As organizations increasingly adopt cloud-native architectures, the need for flexible and efficient security solutions becomes critical. One of the standout features of CloudGuard WAF is its preemptive protection capabilities. By employing machine learning-based security measures, the solution can effectively prevent zero-day threats, which are vulnerabilities that have not yet been discovered or patched. This proactive approach eliminates the reliance on frequent signature updates, allowing organizations to stay ahead of potential attacks without the need for constant manual intervention. Moreover, CloudGuard WAF excels in precise detection, enabling it to identify a broader range of attacks while minimizing the need for ongoing fine-tuning and exception creation. This feature not only enhances the accuracy of threat detection but also reduces the operational burden on security teams, allowing them to focus on more strategic initiatives rather than routine adjustments. Designed with cloud-native principles in mind, CloudGuard WAF supports CI/CD-friendly deployment and automation. This means that organizations can easily integrate the solution into their existing workflows, from installation to upgrades and configuration. By utilizing declarative infrastructure-as-code or APIs, users can streamline their security processes, ensuring that their applications remain protected as they evolve. Overall, CloudGuard WAF represents a significant advancement in the realm of web and API security, offering organizations a sophisticated and adaptable solution to combat the ever-changing landscape of cyber threats. Its combination of preemptive protection, precise detection, and cloud-native design makes it a valuable asset for any organization looking to enhance its security posture in today&#39;s digital environment.


**Average Rating:** 4.4/5.0
**Total Reviews:** 84
**How Do G2 Users Rate Check Point WAF (formerly CloudGuard WAF)?**

- **API Testing:** 8.7/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.9/10 (Category avg: 8.9/10)

**Who Is the Company Behind Check Point WAF (formerly CloudGuard WAF)?**

- **Seller:** [Check Point Software Technologies](https://www.g2.com/sellers/check-point-software-technologies)
- **Company Website:** https://www.checkpoint.com/
- **Year Founded:** 1993
- **HQ Location:** Redwood City, CA
- **Twitter:** @CheckPointSW (70,955 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/check-point-software-technologies/ (8,554 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 57% Mid-Market, 28% Small-Business


#### What Are Check Point WAF (formerly CloudGuard WAF)'s Pros and Cons?

**Pros:**

- Protection (35 reviews)
- Security (29 reviews)
- Cybersecurity (21 reviews)
- DDoS Protection (21 reviews)
- WAF (Web Application Firewall) (18 reviews)

**Cons:**

- Complex Setup (21 reviews)
- Expensive (14 reviews)
- Learning Difficulty (13 reviews)
- Difficult Learning Curve (11 reviews)
- Poor Documentation (9 reviews)


### What Do G2 Reviewers Say About Check Point WAF (formerly CloudGuard WAF)?
*AI-generated summary from verified user reviews*

**Pros:**

- Users praise the **strong protection** of Check Point WAF, effectively defending against various web application attacks.
- Users value the **robust security** of Check Point CloudGuard WAF, appreciating its advanced threat prevention and easy management.
- Users value the **proactive and AI-driven threat prevention** of Check Point CloudGuard WAF for its comprehensive coverage.
- Users appreciate the **AI-driven threat prevention** of Check Point CloudGuard WAF, ensuring effective protection with minimal effort.
- Users appreciate the **easy management** of Check Point WAF across hybrid environments, enhancing operational efficiency and protection.

**Cons:**

- Users find the **complex setup** challenging, hindering initial adoption and making management difficult for new users.
- Users find the **pricing for Check Point WAF** to be high, especially impacting smaller teams and businesses.
- Users face a **steep learning curve** with Check Point WAF, complicating the initial setup and user experience.
- Users face a **difficult learning curve** with Check Point WAF, complicating initial setup and understanding key features.
- Users find the **poor documentation** of Check Point WAF to significantly hinder their onboarding and understanding of the system.

#### What Are Recent G2 Reviews of Check Point WAF (formerly CloudGuard WAF)?

**"[Strong and reliable WAF for modern web and API security](https://www.g2.com/survey_responses/check-point-waf-formerly-cloudguard-waf-review-12736414)"**

**Rating:** 4.5/5.0 stars
*— Dharamveer p.*

[Read full review](https://www.g2.com/survey_responses/check-point-waf-formerly-cloudguard-waf-review-12736414)

---

**"[Complex Setup, but Strong Security Features](https://www.g2.com/survey_responses/check-point-waf-formerly-cloudguard-waf-review-13110824)"**

**Rating:** 4.5/5.0 stars
*— Samiksha C.*

[Read full review](https://www.g2.com/survey_responses/check-point-waf-formerly-cloudguard-waf-review-13110824)

---



### 5. [Fastly&#39;s Web Application and API Security](https://www.g2.com/products/fastly-s-web-application-and-api-security/reviews)
Fastly’s AppSec solutions empower teams to mitigate threats and control bots while helping the business move faster, confidently. Protect Your Apps and APIs While Accelerating Growth with Fastly’s Next-Gen WAF, DDoS Protection, Bot Management, API Security, and more. Our solutions are designed to help you stop cyber threats from derailing your biggest moments, accelerate innovation while minimizing new risk, and govern bots without increasing user friction.


**Average Rating:** 4.2/5.0
**Total Reviews:** 29

**Who Is the Company Behind Fastly&#39;s Web Application and API Security?**

- **Seller:** [Fastly](https://www.g2.com/sellers/fastly)
- **Year Founded:** 2011
- **HQ Location:** San Francisco, California, United States
- **Twitter:** @Fastly (29,199 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2602522/ (1,398 employees on LinkedIn®)
- **Ownership:** NYSE: FSLY

**Who Uses This Product?**
- **Top Industries:** Computer Software
- **Company Size:** 50% Mid-Market, 37% Enterprise


#### What Are Fastly&#39;s Web Application and API Security's Pros and Cons?

**Pros:**

- Ease of Use (5 reviews)
- Security (5 reviews)
- Customer Support (3 reviews)
- DDoS Protection (3 reviews)
- Protection (3 reviews)

**Cons:**

- Expensive (3 reviews)
- Poor Customer Support (3 reviews)
- Complex Configuration (2 reviews)
- Complex Setup (2 reviews)
- Complex Management (1 reviews)


### What Do G2 Reviewers Say About Fastly&#39;s Web Application and API Security?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of setup and user-friendly GUI** of Fastly&#39;s Web Application and API Security product.
- Users appreciate the **robust protection against attacks** offered by Fastly&#39;s Web Application and API Security, ensuring easy HTTPS access.
- Users praise the **excellent customer support** provided by Fastly, enhancing their implementation and usage experience.
- Users commend the **effective DDoS protection** of Fastly, ensuring robust security against various web application threats.
- Users appreciate the **excellent security** provided by Fastly&#39;s Web Application and API Security against various types of attacks.

**Cons:**

- Users find the **pricing to be expensive** , especially for small projects and additional technical support costs.
- Users express frustration with **poor customer support** , making it challenging to receive timely assistance for their needs.
- Users find the **complex configuration** of Fastly&#39;s Web Application and API Security to be overwhelming and cumbersome.
- Users find the **complex setup** of Fastly&#39;s Web Application and API Security to be time-consuming and challenging.
- Users find the **complex management** of Fastly&#39;s Web Application and API Security to be cumbersome and time-consuming.

#### What Are Recent G2 Reviews of Fastly&#39;s Web Application and API Security?

**"[Perfect API Protection](https://www.g2.com/survey_responses/fastly-s-web-application-and-api-security-review-12332835)"**

**Rating:** 5.0/5.0 stars
*— Vladimir M.*

[Read full review](https://www.g2.com/survey_responses/fastly-s-web-application-and-api-security-review-12332835)

---

**"[It’s an easy to use and provides the better security to application, API and devops environment](https://www.g2.com/survey_responses/fastly-s-web-application-and-api-security-review-9336328)"**

**Rating:** 5.0/5.0 stars
*— Shakir K.*

[Read full review](https://www.g2.com/survey_responses/fastly-s-web-application-and-api-security-review-9336328)

---



### 6. [Rakuten SixthSense Observability](https://www.g2.com/products/rakuten-sixthsense-observability/reviews)
In today&#39;s digital landscape, businesses need a powerful and comprehensive Application Performance Monitoring (APM) solution to stay ahead of the curve. Introducing Rakuten SixthSense Observability - a next-generation APM tool that transforms the way you monitor, analyze, and optimize your applications and infrastructure. With its robust suite of features and advanced analytics, Rakuten SixthSense Observability empowers you to proactively identify and resolve issues, streamline operations, and enhance customer experiences. Key Capabilities: • Comprehensive Monitoring and Alerting: Rakuten SixthSense Observability offers end-to-end monitoring of your applications, infrastructure, and network performance. With real-time alerting and customizable dashboards, you can quickly detect issues and gain actionable insights into the health and performance of your systems. • Distributed Tracing and Correlation: Gain full visibility into your application&#39;s performance with distributed tracing, which tracks transactions and requests across multiple services and components. This feature helps you identify bottlenecks, latency issues, and errors, making it easier to optimize your application and enhance customer experiences. • Anomaly Detection and Machine Learning: Leverage Rakuten SixthSense&#39;s advanced machine learning capabilities to automatically identify unusual patterns and deviations in application performance and resource utilization. This proactive approach enables you to detect and resolve issues before they impact your business and customers. • Advanced Analytics and Visualization: Rakuten SixthSense&#39;s rich data visualization and analytics tools allow you to dive deep into your application performance data. Generate custom reports, analyze trends, and uncover hidden patterns that can drive continuous improvement and optimization. • Log Management and Integration: Effortlessly collect, analyze, and store logs from various sources with Rakuten SixthSense&#39;s integrated log management feature. This seamless integration enables you to correlate log data with performance metrics and traces, providing a comprehensive understanding of your application&#39;s behaviour. • Scalability and Flexibility: Rakuten SixthSense Observability is built to scale with your growing business needs, supporting a wide range of applications, services, and infrastructure. Its flexible architecture allows you to customize the tool to your specific requirements and integrate it with other monitoring and observability solutions. Current Feature set: • Application Performance Monitoring: Full stack visibility across Java, PHP, Node.js, Python, Go and a lot more! Key Features include, Distributed Tracing, Profiling, Database Monitoring • Infrastructure Monitoring: Get a birds-eye view of your infrastructure health and gain granular insights with easy deployment Key Features include Kubernetes, VMs, Web Servers, Cloud Integrations • Digital Experience Monitoring: Improve the end-user experience of your applications mapped with contextual information of application performance metrics • Browser Monitoring: Metrics to optimize end users’ experience and help in improving application performance. • Mobile Monitoring: Monitor crashes, performance &amp; usage metrics for your mobile applications • Synthetic Monitoring: Stimulate end-user transactions using low code, no code test scripts • VM Monitoring: VM monitoring capability lets you view your infrastructure performance and health of servers, virtual machines, containers, databases etc. at a glance. • SixthSense Cognitive Engine: Modern observability and the proactive approach using artificial intelligence. The application uses different AI/ML algorithms that can predict performance metrics with an accuracy of up to 98% and a confidence level of 90%.


**Average Rating:** 4.6/5.0
**Total Reviews:** 52
**How Do G2 Users Rate Rakuten SixthSense Observability?**

- **API Testing:** 9.3/10 (Category avg: 9.1/10)
- **API Monitoring:** 10.0/10 (Category avg: 8.9/10)

**Who Is the Company Behind Rakuten SixthSense Observability?**

- **Seller:** [Rakuten SixthSense](https://www.g2.com/sellers/rakuten-sixthsense-f1af4c23-8be7-4bf4-a775-a4d50eebce5d)
- **Year Founded:** 2016
- **HQ Location:** Bengaluru, IN
- **LinkedIn® Page:** https://www.linkedin.com/company/rakuten-sixthsense/ (5 employees on LinkedIn®)
- **Ownership:** TYO: 4755

**Who Uses This Product?**
- **Who Uses This:** Senior Software Engineer
- **Top Industries:** Information Technology and Services, Computer Games
- **Company Size:** 47% Enterprise, 38% Mid-Market


#### What Are Rakuten SixthSense Observability's Pros and Cons?

**Pros:**

- Monitoring (11 reviews)
- Alerting System (9 reviews)
- Customer Support (9 reviews)
- Ease of Use (9 reviews)
- Implementation Ease (9 reviews)

**Cons:**

- Complex Setup (3 reviews)
- Poor Documentation (3 reviews)
- Alert Issues (2 reviews)
- Inefficient Alert System (2 reviews)
- Insufficient Information (2 reviews)


### What Do G2 Reviewers Say About Rakuten SixthSense Observability?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **deep visibility** and AI-driven insights of Rakuten SixthSense for enhanced application performance monitoring.
- Users appreciate the **efficient alerting system** that simplifies monitoring and provides quick access to root causes.
- Users value the **excellent customer support** provided by Rakuten SixthSense, enhancing their experience with the platform.
- Users appreciate the **ease of use** of Rakuten SixthSense Observability, facilitating quick identification and resolution of performance issues.
- Users appreciate the **easy implementation** of Rakuten SixthSense, allowing quick access to vital performance insights.

**Cons:**

- Users find the **complex setup** necessary for Rakuten SixthSense Observability requires significant initial onboarding effort.
- Users feel the **documentation is lacking** , making setup and navigation more challenging than necessary.
- Users report issues with **false positive alerts** and desire enhanced functionality for error record notifications.
- Users experience **inefficient alert system** with false positives and a lack of timely dashboard notifications for monitoring.
- Users feel the **documentation needs improvement** , hindering effective usage of Rakuten SixthSense Observability.

#### What Are Recent G2 Reviews of Rakuten SixthSense Observability?

**"[A very good SAAS monitoring &amp; observability tool](https://www.g2.com/survey_responses/rakuten-sixthsense-observability-review-11287792)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Computer Games*

[Read full review](https://www.g2.com/survey_responses/rakuten-sixthsense-observability-review-11287792)

---

**"[Great monitoring tool!](https://www.g2.com/survey_responses/rakuten-sixthsense-observability-review-8230168)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Information Technology and Services*

[Read full review](https://www.g2.com/survey_responses/rakuten-sixthsense-observability-review-8230168)

---



### 7. [Astra Pentest](https://www.g2.com/products/astra-pentest/reviews)
Astra Security is a leading continuous penetration testing platform that combines AI-powered autonomous pentesting with certified expert-led assessments. Powered by Attack AI, trained on 6.8M+ security findings and insights from 5,000+ real-world pentests. Astra deploys intelligent agents that continuously discover, validate, prioritize, and help remediate vulnerabilities at scale. While AI handles speed and scale, Astra’s certified security experts focus on what automation alone cannot: complex business logic flaws, multi-step attack chains, advanced exploit paths, and emerging AI/LLM-specific threats. Built for modern engineering teams, Astra integrates directly into CI/CD workflows, enabling continuous security validation between releases instead of relying on outdated annual pentests. The platform delivers comprehensive Autonomous Pentest powered by AI agents, DAST vulnerability scanner and human-driven pentests across web apps, AI/LLMs, mobile apps, APIs, cloud infrastructure. Astra is CREST-accredited, CERT-IN empaneled, and a PCI ASV-certified vendor. Our team also led the development of the OWASP APTS framework, helping shape the industry standard for continuous security testing. Today, 1,500+ organizations across 70+ countries trust Astra Security, including Ford, Loom, CompTIA, Hitachi, HackerRank, and OLX.


**Average Rating:** 4.6/5.0
**Total Reviews:** 212
**How Do G2 Users Rate Astra Pentest?**

- **API Testing:** 10.0/10 (Category avg: 9.1/10)
- **API Monitoring:** 10.0/10 (Category avg: 8.9/10)

**Who Is the Company Behind Astra Pentest?**

- **Seller:** [ASTRA IT, Inc.](https://www.g2.com/sellers/astra-it-inc)
- **Company Website:** https://www.getastra.com/
- **Year Founded:** 2018
- **HQ Location:** New Delhi, IN
- **Twitter:** @getastra (694 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/getastra/ (130 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** CTO, CEO
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 66% Small-Business, 29% Mid-Market


#### What Are Astra Pentest's Pros and Cons?

**Pros:**

- Customer Support (65 reviews)
- Vulnerability Detection (52 reviews)
- Ease of Use (51 reviews)
- Pentesting Efficiency (42 reviews)
- Vulnerability Identification (38 reviews)

**Cons:**

- Poor Customer Support (12 reviews)
- Poor Interface Design (10 reviews)
- Slow Performance (8 reviews)
- UX Improvement (7 reviews)
- False Positives (6 reviews)


### What Do G2 Reviewers Say About Astra Pentest?
*AI-generated summary from verified user reviews*

**Pros:**

- Users rave about Astra Pentest&#39;s **outstanding customer support** , highlighting their responsiveness and flexibility throughout the testing process.
- Users value the **user-friendly dashboard** of Astra Pentest, providing real-time insights and effective collaboration for security teams.
- Users highlight the **ease of use** of Astra Pentest, appreciating its user-friendly interface and efficient support.
- Users appreciate the **efficiency of pentesting** with Astra Pentest, benefiting from automated tools and proactive support.
- Users value the **thorough vulnerability identification** process in Astra Pentest, enhancing overall security and understanding of issues.

**Cons:**

- Users express frustration with **poor customer support** , citing slow email responses and a lack of instant messaging options.
- Users find the **poor interface design** of Astra Pentest confusing, affecting usability and note-taking capabilities.
- Users experience **slow performance** with Astra Pentest, facing delays in report generation and inconsistent status updates.
- Users suggest that the **UI could significantly improve** to enhance usability and clarity during pentesting tasks.
- Users are frustrated by the **false positives** in Astra Pentest, wasting time and complicating the vulnerability management process.

#### What Are Recent G2 Reviews of Astra Pentest?

**"[Smooth Onboarding, Responsive Support, and Strong Pentest Lifecycle Controls](https://www.g2.com/survey_responses/astra-pentest-review-13001206)"**

**Rating:** 5.0/5.0 stars
*— Sivakumar S.*

[Read full review](https://www.g2.com/survey_responses/astra-pentest-review-13001206)

---

**"[Exceptional VAPT Solution with Prompt Support](https://www.g2.com/survey_responses/astra-pentest-review-9603864)"**

**Rating:** 5.0/5.0 stars
*— Nikhil Ajit S.*

[Read full review](https://www.g2.com/survey_responses/astra-pentest-review-9603864)

---


#### What Are G2 Users Discussing About Astra Pentest?

- [What is Astra Pentest used for?](https://www.g2.com/discussions/what-is-astra-pentest-used-for) - 2 comments

### 8. [Harness Platform](https://www.g2.com/products/harness-platform/reviews)
Simplify your developer experience with the world&#39;s first AI-augmented software delivery platform. Upgrade your software delivery with Harness&#39; innovative CI/CD, Feature Flags, Infrastructure as Code Management, and Chaos Engineering tools. We are a software delivery platform that helps developers and infrastructure engineers build and ship code for cloud and on-premise projects. We automate the continuous integration and continuous delivery (CI/CD) process to help teams build faster, ship more frequently, and improve quality, efficiency, and governance. We help companies in four key areas: Number one, we accelerate innovation through DevOps modernization. We provide an approach for software delivery that automates processes, reduces manual interventions, consolidates tools, and accelerates time-to-market for new products, features, and fixes. Number two, we improve developer experience. We give you the ability to attract, retain, and onboard high-caliber engineering talent while fostering a culture of continuous innovation and improvement. Number three, we secure software delivery. We give you the ability to integrate security into every phase of the SDLC. And last but not least is, we optimize cloud costs. We give you the ability to eliminate waste and to ensure that appropriate cloud resources are allocated at the right place at the right time.


**Average Rating:** 4.6/5.0
**Total Reviews:** 300
**How Do G2 Users Rate Harness Platform?**

- **API Testing:** 8.9/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.8/10 (Category avg: 8.9/10)

**Who Is the Company Behind Harness Platform?**

- **Seller:** [Harness](https://www.g2.com/sellers/harness-25016f40-e80f-4417-bea8-39412055d17a)
- **Company Website:** https://harness.io/
- **Year Founded:** 2018
- **HQ Location:** San Francisco
- **Twitter:** @HarnessWealth (1,389 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/harnessinc/ (1,701 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Software Engineer, DevOps Engineer
- **Top Industries:** Computer Software, Financial Services
- **Company Size:** 43% Enterprise, 38% Mid-Market


#### What Are Harness Platform's Pros and Cons?

**Pros:**

- Ease of Use (114 reviews)
- Features (73 reviews)
- Feature Flags (49 reviews)
- Easy Setup (40 reviews)
- Easy Integrations (31 reviews)

**Cons:**

- Missing Features (23 reviews)
- Limitations (20 reviews)
- Limited Features (20 reviews)
- Learning Curve (17 reviews)
- Poor UI (16 reviews)


### What Do G2 Reviewers Say About Harness Platform?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find the **ease of use** of the Harness Platform simplifies project implementation and streamlines their workflow.
- Users value the **flexible targeting options** in Harness Platform, enhancing project implementation and feature management.
- Users appreciate the **user-friendly interface** of Split.io, enabling seamless feature flag management for all team members.
- Users appreciate the **easy setup** of Harness Platform, enabling quick implementation and immediate cost savings.
- Users admire the **easy integrations** of Harness Platform, enhancing the streamlined software delivery process with AI and modularity.

**Cons:**

- Users highlight a **lack of multiple filters** and missing features that could enhance the Harness Platform experience.
- Users face **limitations in configuration and management** options within Harness Platform, hindering usability and flexibility.
- Users note the **limited features** of Harness Platform, particularly the lack of advanced filtering options and intuitiveness.
- Users find the **steep learning curve** challenging and desire better documentation for easier navigation of the platform.
- Users find the **poor UI** of Harness Platform to be complex and not user-friendly, causing frustration.

#### What Are Recent G2 Reviews of Harness Platform?

**"[Harness - World of automation](https://www.g2.com/survey_responses/harness-platform-review-11792426)"**

**Rating:** 4.5/5.0 stars
*— Sunil A.*

[Read full review](https://www.g2.com/survey_responses/harness-platform-review-11792426)

---

**"[Best tool for cost optimization and Repository](https://www.g2.com/survey_responses/harness-platform-review-11543262)"**

**Rating:** 5.0/5.0 stars
*— Satendra V.*

[Read full review](https://www.g2.com/survey_responses/harness-platform-review-11543262)

---


#### What Are G2 Users Discussing About Harness Platform?

- [What is Harness Continuous Delivery used for?](https://www.g2.com/discussions/what-is-harness-continuous-delivery-used-for) - 1 comment
- [What is Propelo used for?](https://www.g2.com/discussions/what-is-propelo-used-for)
- [What is Harness Cloud Cost Management used for?](https://www.g2.com/discussions/what-is-harness-cloud-cost-management-used-for)
- [What is the difference between harness and Jenkins?](https://www.g2.com/discussions/what-is-the-difference-between-harness-and-jenkins) - 1 comment
- [What is streaming Split IO?](https://www.g2.com/discussions/what-is-streaming-split-io) - 1 comment

### 9. [Orca Security](https://www.g2.com/products/orca-security/reviews)
The Orca Cloud Security Platform identifies, prioritizes, and remediates risks and compliance issues in workloads, configurations, and identities across your cloud estate spanning AWS, Azure, Google Cloud, Kubernetes, Alibaba Cloud, and Oracle Cloud. Orca offers the industry’s most comprehensive cloud security solution in a single platform — eliminating the need to deploy and maintain multiple point solutions. Orca is agentless-first, and connects to your environment in minutes using Orca’s patented SideScanning™ technology that provides deep and wide visibility into your cloud environment, without requiring agents. In addition, Orca can integrate with third-party agents for runtime visibility and protection for critical workloads. Orca is at the forefront of leveraging Generative AI for simplified investigations and accelerated remediation – reducing required skill levels and saving cloud security, DevOps, and development teams time and effort, while significantly improving security outcomes. As a Cloud Native Application Protection Platform (CNAPP), Orca consolidates many point solutions in one platform, including: CSPM, CWPP, CIEM, Vulnerability Management, Container and Kubernetes Security, DSPM, API Security, CDR, Multi-cloud Compliance, Shift Left Security, and AI-SPM.


**Average Rating:** 4.7/5.0
**Total Reviews:** 300
**How Do G2 Users Rate Orca Security?**

- **API Testing:** 7.5/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.5/10 (Category avg: 8.9/10)

**Who Is the Company Behind Orca Security?**

- **Seller:** [Orca Security](https://www.g2.com/sellers/orca-security)
- **Company Website:** https://orca.security
- **Year Founded:** 2019
- **HQ Location:** Portland, Oregon
- **Twitter:** @orcasec (4,835 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/35573984/ (515 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Security Engineer, CISO
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 52% Enterprise, 38% Mid-Market


#### What Are Orca Security's Pros and Cons?

**Pros:**

- Ease of Use (37 reviews)
- Features (33 reviews)
- Security (29 reviews)
- User Interface (22 reviews)
- Visibility (22 reviews)

**Cons:**

- Improvement Needed (15 reviews)
- Feature Limitations (12 reviews)
- Limited Features (10 reviews)
- Missing Features (10 reviews)
- Ineffective Alerts (9 reviews)


### What Do G2 Reviewers Say About Orca Security?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **ease of use** of Orca Security, appreciating its straightforward implementation and intuitive navigation.
- Users appreciate the **intuitive interface and powerful reporting** features of Orca Security, enhancing their overall experience.
- Users commend Orca Security for its **comprehensive cloud security capabilities** , providing valuable insights and a seamless experience.
- Users appreciate the **user-friendly interface** of Orca Security, finding it easy to navigate and understand.
- Users value the **incredible visibility** provided by Orca Security, enhancing their cloud security and observability efforts.

**Cons:**

- Users note **significant improvement needed** in module loading speed, documentation access, and CSV export functionality.
- Users find **feature limitations** in Orca Security, highlighting issues with vulnerability reporting and asset scan capabilities.
- Users experience **limited features** in Orca Security, hindering functionality and complicating tasks like report generation.
- Users face **missing features** in Orca Security, including limited compliance modules and export functionality challenges.
- Users experience **ineffective alerts** from Orca Security, leading to confusion and alert fatigue due to overloaded information.

#### What Are Recent G2 Reviews of Orca Security?

**"[Orca Unifies AppSec, Cloud, and Agent Context in One Clear View](https://www.g2.com/survey_responses/orca-security-review-13096711)"**

**Rating:** 5.0/5.0 stars
*— Samuel J.*

[Read full review](https://www.g2.com/survey_responses/orca-security-review-13096711)

---

**"[Orca Gives Us a Single View of AI Agent Risk Across AWS, Azure, and GCP](https://www.g2.com/survey_responses/orca-security-review-13091849)"**

**Rating:** 5.0/5.0 stars
*— Kevin J.*

[Read full review](https://www.g2.com/survey_responses/orca-security-review-13091849)

---


#### What Are G2 Users Discussing About Orca Security?

- [Where is Orca security based?](https://www.g2.com/discussions/where-is-orca-security-based) - 2 comments
- [How much does Orca security cost?](https://www.g2.com/discussions/how-much-does-orca-security-cost) - 1 comment
- [What is ORCA platform?](https://www.g2.com/discussions/what-is-orca-platform) - 1 comment
- [What does Orca Security do?](https://www.g2.com/discussions/what-does-orca-security-do) - 1 comment

### 10. [Azion](https://www.g2.com/products/azion/reviews)
Azion is the web platform that enables businesses to build, secure, and scale modern applications on a fully managed global infrastructure, with a robust suite of solutions for Application Development, cybersecurity, and AI. Azion allows developers to deploy applications closer to users, ensuring ultra-low latency and high availability. With Functions, you can run distributed serverless code, enhancing performance and reducing costs. For enhanced security, Azion’s Web Application Firewall (WAF) protects against cyber threats. Azion also provides SQL Storage, Object Storage and KV Storage, enabling fast, distributed data storage and retrieval. With Real-Time Metrics and Real-Time Events, businesses gain actionable insights into their applications and infrastructure, ensuring optimal performance and security. Global leaders like Prime Video, Neon, Global Fashion Group, and Radware trust Azion to deliver high-performance, secure digital experiences worldwide. Whether you&#39;re building AI-driven applications, securing your digital assets, or scaling globally, Azion provides the fastest path to modern applications. Discover how Azion can transform your digital experiences and empower your business to thrive in the digital age. Visit www.azion.com to learn more about our innovative solutions.


**Average Rating:** 4.7/5.0
**Total Reviews:** 31
**How Do G2 Users Rate Azion?**

- **API Testing:** 10.0/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.2/10 (Category avg: 8.9/10)

**Who Is the Company Behind Azion?**

- **Seller:** [Azion](https://www.g2.com/sellers/azion)
- **Year Founded:** 2011
- **HQ Location:** Palo Alto, California, United States
- **LinkedIn® Page:** https://www.linkedin.com/company/aziontech (198 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Retail
- **Company Size:** 34% Enterprise, 28% Mid-Market


#### What Are Azion's Pros and Cons?

**Pros:**

- Customer Support (10 reviews)
- Ease of Use (8 reviews)
- Easy Integrations (7 reviews)
- Reliability (7 reviews)
- Performance (6 reviews)

**Cons:**

- Missing Features (2 reviews)
- Complexity (1 reviews)
- Difficult Learning (1 reviews)
- Difficult Learning Curve (1 reviews)
- Expensive (1 reviews)


### What Do G2 Reviewers Say About Azion?
*AI-generated summary from verified user reviews*

**Pros:**

- Users highlight the **exceptional customer support** from Azion, noting fast responses and effective solutions for their needs.
- Users value the **ease of use** of Azion, making setup and integration quick and effortless for daily operations.
- Users appreciate the **easy integrations** with Azion, allowing effortless implementation and daily operation without hassle.
- Users value Azion’s **robust reliability and support** , ensuring business continuity and security during critical operations.
- Users highlight Azion&#39;s **exceptional performance** , experiencing improved latency and reliability during peak traffic and security challenges.

**Cons:**

- Users are frustrated by Azion&#39;s **missing features** for Web3 and NFTs, impacting integration and productivity.
- Users find the **complexity of the administration console** challenging, requiring time to navigate and understand effectively.
- Users find the **difficult learning curve** in Azion&#39;s administration console impacts their overall experience negatively.
- Users find the **difficult learning curve** of Azion&#39;s administration console challenging and time-consuming to navigate.
- Users feel the need for more **flexibility in pricing** and product offers, finding Azion notably costly.

#### What Are Recent G2 Reviews of Azion?

**"[Azion as one of the main strategic partners in cybersecurity.](https://www.g2.com/survey_responses/azion-review-12544164)"**

**Rating:** 5.0/5.0 stars
*— Luciano K.*

[Read full review](https://www.g2.com/survey_responses/azion-review-12544164)

---

**"[Azion Services: Elevated Security and Impeccable Support](https://www.g2.com/survey_responses/azion-review-11910560)"**

**Rating:** 5.0/5.0 stars
*— Luciano G.*

[Read full review](https://www.g2.com/survey_responses/azion-review-11910560)

---



### 11. [Qodex.ai](https://www.g2.com/products/qodex-ai/reviews)
Qodex is a continuous testing platform that runs your test scenarios against your real app on every pull request and deploy, then shows you exactly what broke with the failing request, response, and screenshot.


**Average Rating:** 4.9/5.0
**Total Reviews:** 60
**How Do G2 Users Rate Qodex.ai?**

- **API Testing:** 10.0/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.3/10 (Category avg: 8.9/10)

**Who Is the Company Behind Qodex.ai?**

- **Seller:** [QodexAI](https://www.g2.com/sellers/qodexai)
- **Company Website:** https://www.qodex.ai/
- **Year Founded:** 2023
- **HQ Location:** San Francisco, California
- **LinkedIn® Page:** https://linkedin.com/company/qodexai (13 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 75% Small-Business, 20% Mid-Market


#### What Are Qodex.ai's Pros and Cons?

**Pros:**

- Ease of Use (23 reviews)
- Automation (17 reviews)
- Testing (17 reviews)
- Testing Efficiency (17 reviews)
- Helpful (13 reviews)

**Cons:**

- Slow Loading (6 reviews)
- Poor Documentation (5 reviews)
- Slow Performance (5 reviews)
- Bug Issues (4 reviews)
- Bugs (4 reviews)


### What Do G2 Reviewers Say About Qodex.ai?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find Qodex.ai&#39;s **ease of use** remarkable, with intuitive features that streamline API testing and enhance productivity.
- Users love the **automation of tests** in Qodex.ai, as it significantly saves time and enhances reliability.
- Users commend the **easy interface** for writing test cases, enhancing efficiency and accessibility for all team members.
- Users praise the **testing efficiency** of Qodex.ai, significantly reducing shipment time and simplifying bug detection.
- Users love how **Qodex.ai effortlessly automates tasks** , dramatically reducing time spent on API testing and enhancing productivity.

**Cons:**

- Users experience **slow loading** times with the UI and chatbot, affecting overall usability and efficiency.
- Users find the **poor documentation** of Qodex.ai challenging, requesting more clarity and resources for advanced features.
- Users experience **slow performance** with Qodex.ai, noting delays in UI loading and chatbot response times.
- Users report **bug issues** like repeated test cases and call for improved tagging and accuracy for better management.
- Users frequently encounter **repeated test cases** and suggest improvements for bug classification and accuracy in Qodex.ai.

#### What Are Recent G2 Reviews of Qodex.ai?

**"[Effortless AI Testing Automation That Accelerates Development](https://www.g2.com/survey_responses/qodex-ai-review-12088697)"**

**Rating:** 4.5/5.0 stars
*— Abhilash S.*

[Read full review](https://www.g2.com/survey_responses/qodex-ai-review-12088697)

---

**"[Effortless Automation and Insightful AI Testing with Qodex.ai](https://www.g2.com/survey_responses/qodex-ai-review-12065938)"**

**Rating:** 4.5/5.0 stars
*— Anshuk K.*

[Read full review](https://www.g2.com/survey_responses/qodex-ai-review-12065938)

---



### 12. [Intruder](https://www.g2.com/products/intruder/reviews)
Intruder&#39;s continuous exposure management platform helps security, IT, and engineering teams stop breaches before they start. By unifying AI penetration testing, attack surface monitoring, cloud security, and vulnerability management in one intuitive platform, Intruder gives stretched teams an always-on security source of truth. Our approach focuses on continuous automated scanning using expertise and agentic solutions to ensure that the findings we deliver are accurate, prioritized by real-world risk, and ready to act on. Founded in 2015 by Chris Wallis, a former ethical hacker turned corporate blue teamer, Intruder is now protecting over 3,000 companies worldwide. Intruder has been awarded multiple accolades, was selected for GCHQ’s Cyber Accelerator, included on Deloitte’s Tech Fast 50 2023 list as the fastest-growing cybersecurity company in the UK and was named in G2’s 2026 Best Software Awards.


**Average Rating:** 4.8/5.0
**Total Reviews:** 207
**How Do G2 Users Rate Intruder?**

- **API Testing:** 8.7/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.9/10 (Category avg: 8.9/10)

**Who Is the Company Behind Intruder?**

- **Seller:** [Intruder](https://www.g2.com/sellers/intruder)
- **Company Website:** https://www.intruder.io
- **Year Founded:** 2015
- **HQ Location:** London
- **Twitter:** @intruder_io (979 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/6443623/ (83 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** CTO, Director
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 57% Small-Business, 36% Mid-Market


#### What Are Intruder's Pros and Cons?

**Pros:**

- Ease of Use (41 reviews)
- Vulnerability Detection (30 reviews)
- Customer Support (25 reviews)
- User Interface (24 reviews)
- Vulnerability Identification (24 reviews)

**Cons:**

- Expensive (9 reviews)
- Slow Scanning (8 reviews)
- Licensing Issues (7 reviews)
- False Positives (6 reviews)
- Limited Features (6 reviews)


### What Do G2 Reviewers Say About Intruder?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find Intruder&#39;s **ease of use** exceptional, facilitating rapid setup and straightforward configuration for cloud resources.
- Users value the **super easy configuration and automated scanning** of Intruder, enhancing security across cloud environments.
- Users highly value Intruder&#39;s **responsive customer support** , enhancing their cybersecurity management experience with timely assistance.
- Users love Intruder&#39;s **intuitive interface** , which simplifies security tasks and integrates seamlessly with essential tools.
- Users commend the **efficient vulnerability identification** of Intruder, praising its ease of use and automated scanning features.

**Cons:**

- Users find the pricing to be **expensive** , expressing a desire for more flexible and cost-effective models.
- Users report **slow scanning** issues with Intruder, missing some SQL injections and lacking mobile device support.
- Users find **licensing issues** with Intruder challenging, particularly in understanding the model and its application to scans.
- Users report experiencing **false positives** , making it challenging to prioritize critical vulnerabilities effectively.
- Users find the **limited features** in Intruder, such as rigid licensing and reporting controls, somewhat frustrating.

#### What Are Recent G2 Reviews of Intruder?

**"[Reliable Service with Flexible Plans and Strong Support](https://www.g2.com/survey_responses/intruder-review-13110046)"**

**Rating:** 4.0/5.0 stars
*— Ossama M.*

[Read full review](https://www.g2.com/survey_responses/intruder-review-13110046)

---

**"[Revolutionized Our Vulnerability Management with Real-Time Insights](https://www.g2.com/survey_responses/intruder-review-13100568)"**

**Rating:** 4.5/5.0 stars
*— Verified User*

[Read full review](https://www.g2.com/survey_responses/intruder-review-13100568)

---


#### What Are G2 Users Discussing About Intruder?

- [Who developed intruder?](https://www.g2.com/discussions/who-developed-intruder)
- [What is an intruder in cyber security?](https://www.g2.com/discussions/what-is-an-intruder-in-cyber-security)
- [Is intruder IO safe?](https://www.g2.com/discussions/is-intruder-io-safe) - 1 comment
- [What is intruder software?](https://www.g2.com/discussions/what-is-intruder-software) - 1 comment

### 13. [FortiAppSec Cloud](https://www.g2.com/products/fortiappsec-cloud/reviews)
FortiAppSec Cloud - the next evolution of FortiWeb Cloud - simplifies and strengthens web application security and delivery across your cloud environments. This SaaS platform secures network availability and accelerates application performance while delivering consistent security against web-based threats. The AI-driven engine detects zero-day exploits and unknown threats, maximizing detection accuracy while securing the user experience and minimizing false positives. FortiAppSec Cloud is unified platform that provides comprehensive web application and API protection (WAAP) with a single management interface. It includes: • GenAI-ready protection for known and zero-day threat detection • ML-driven bad bot behavioral analysis to fend off sophisticated bots • Advanced API discovery and security • Built-in DAST allows for vulnerability scanning and patching in advance • Global server load balancing and CDN provide optimized application availability and performance. • Threat analytics helps prioritize security events for operational efficiency.


**Average Rating:** 4.4/5.0
**Total Reviews:** 29
**How Do G2 Users Rate FortiAppSec Cloud?**

- **API Testing:** 6.7/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.3/10 (Category avg: 8.9/10)

**Who Is the Company Behind FortiAppSec Cloud?**

- **Seller:** [Fortinet](https://www.g2.com/sellers/fortinet)
- **Company Website:** https://www.fortinet.com
- **Year Founded:** 2000
- **HQ Location:** Sunnyvale, CA
- **Twitter:** @Fortinet (151,422 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/6460/ (16,279 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer &amp; Network Security, Information Technology and Services
- **Company Size:** 61% Mid-Market, 19% Enterprise


#### What Are FortiAppSec Cloud's Pros and Cons?

**Pros:**

- Security (13 reviews)
- Protection (10 reviews)
- Cybersecurity (8 reviews)
- Ease of Use (8 reviews)
- Features (8 reviews)

**Cons:**

- UX Improvement (9 reviews)
- Slow Performance (8 reviews)
- User Interface Issues (8 reviews)
- Complex Configuration (7 reviews)
- Complex Setup (7 reviews)


### What Do G2 Reviewers Say About FortiAppSec Cloud?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **robust security measures** of FortiAppSec Cloud, highlighting its AI-driven and comprehensive protection capabilities.
- Users appreciate the **automatic security and centralized dashboard** of FortiAppSec Cloud, enhancing efficiency and visibility.
- Users value the **advanced security features** of FortiAppSec Cloud, effectively mitigating threats with a unified console.
- Users value the **ease of use** of FortiAppSec Cloud, highlighting its straightforward setup and intuitive management.
- Users value the **ease of deployment and AI-driven automation** in FortiAppSec Cloud for optimized web app security.

**Cons:**

- Users find the **UI/UX lacks intuitiveness** , making navigation and setup challenging for newcomers to FortiAppSec Cloud.
- Users experience **slow performance** during high traffic, affecting the overall effectiveness of FortiAppSec Cloud.
- Users find the **user interface issues** challenging, hindering the overall experience and effectiveness of the product.
- Users find the **complex configuration** for initial setup challenging, particularly affecting first-time users&#39; experience.
- Users find the **complex setup** of FortiAppSec Cloud challenging, particularly for first-time configuration and advanced policies.

#### What Are Recent G2 Reviews of FortiAppSec Cloud?

**"[Centralized Threat Management, Easy Setup](https://www.g2.com/survey_responses/fortiappsec-cloud-review-12342944)"**

**Rating:** 4.0/5.0 stars
*— Manav S.*

[Read full review](https://www.g2.com/survey_responses/fortiappsec-cloud-review-12342944)

---

**"[Easy-to-Implement AppSec with Strong Signature Detection, Bot Protection, and Cloud Integration](https://www.g2.com/survey_responses/fortiappsec-cloud-review-12389870)"**

**Rating:** 5.0/5.0 stars
*— Prasanth K.*

[Read full review](https://www.g2.com/survey_responses/fortiappsec-cloud-review-12389870)

---


#### What Are G2 Users Discussing About FortiAppSec Cloud?

- [What is the use of Fortinet?](https://www.g2.com/discussions/what-is-the-use-of-fortinet)
- [How does Fortinet WAF work?](https://www.g2.com/discussions/how-does-fortinet-waf-work)
- [How many layers does the FortiWeb machine learning engine use?](https://www.g2.com/discussions/how-many-layers-does-the-fortiweb-machine-learning-engine-use)
- [How do you use FortiWeb?](https://www.g2.com/discussions/how-do-you-use-fortiweb)

### 14. [Pynt - API Security Testing](https://www.g2.com/products/pynt-api-security-testing/reviews)
Pynt is an innovative API Security Testing platform exposing verified API threats through simulated attacks. Hundreds of companies rely on Pynt to continuously monitor, classify and attack poorly secured APIs, before hackers do.


**Average Rating:** 4.8/5.0
**Total Reviews:** 44
**How Do G2 Users Rate Pynt - API Security Testing?**

- **API Testing:** 8.7/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.8/10 (Category avg: 8.9/10)

**Who Is the Company Behind Pynt - API Security Testing?**

- **Seller:** [Pynt](https://www.g2.com/sellers/pynt)
- **Year Founded:** 2022
- **HQ Location:** Tel Aviv, IL
- **Twitter:** @pynt_io (361 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/pynt (16 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Computer &amp; Network Security
- **Company Size:** 57% Small-Business, 23% Enterprise


#### What Are Pynt - API Security Testing's Pros and Cons?

**Pros:**

- Vulnerability Detection (20 reviews)
- Security (19 reviews)
- API Management (17 reviews)
- Easy Integrations (17 reviews)
- Automation (15 reviews)

**Cons:**

- Complex Setup (12 reviews)
- Setup Complexity (7 reviews)
- Limited Features (4 reviews)
- Poor Interface Design (4 reviews)
- UX Improvement (4 reviews)


### What Do G2 Reviewers Say About Pynt - API Security Testing?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **flawless execution of vulnerability tests** by Pynt, ensuring robust API security effortlessly.
- Users appreciate the **seamless integration of Pynt** for addressing API security issues efficiently during development.
- Users value Pynt for its **seamless API security integration** , streamlining discovery and enhancing security throughout development.
- Users value the **easy integrations** of Pynt, simplifying API security testing with seamless connectivity to existing tools.
- Users value the **automation capabilities** of Pynt, enabling seamless and continuous API security testing within their workflows.

**Cons:**

- Users often face **complex setup challenges** with Pynt, requiring time and resources to achieve smooth integration.
- Users find **setup complexity** challenging, especially beginners, leading to difficulties during the initial configuration of Pynt.
- Users note the **limited features** of Pynt, particularly with reporting, onboarding, and free plan restrictions.
- Users feel the **poor interface design** hampers usability and suggest improvements to enhance their overall experience.
- Users feel the **user interface needs significant improvement** to enhance the overall experience while using Pynt.

#### What Are Recent G2 Reviews of Pynt - API Security Testing?

**"[Comprehensive Review of Pynt Tool](https://www.g2.com/survey_responses/pynt-api-security-testing-review-10046930)"**

**Rating:** 5.0/5.0 stars
*— Vijayaraghavan (Vijay) V.*

[Read full review](https://www.g2.com/survey_responses/pynt-api-security-testing-review-10046930)

---

**"[Performance and Usability Review of pynt G2](https://www.g2.com/survey_responses/pynt-api-security-testing-review-11135423)"**

**Rating:** 5.0/5.0 stars
*— Devanggiri G.*

[Read full review](https://www.g2.com/survey_responses/pynt-api-security-testing-review-11135423)

---



### 15. [Escape](https://www.g2.com/products/escape/reviews)
Escape automates the full offensive security lifecycle, multiplying the impact of every security engineer tenfold. Our key products: 1. Attack Surface Management: Discover and validate exposure of modern applications, APIs, and infrastructure from code to cloud. 2. Business-logic-aware DAST: Replace legacy DAST with business-logic-aware testing that improves over time and helps your team remediate real, exploitable vulnerabilities. 3. AI Pentesting: Replace manual pentest and bug bounty programs with a solution that scales. Escape is a customer-centric company, supporting more than 2000+ security teams worldwide, and we have the privilege of working with exceptional companies like Schibsted (Media), HealthEquity (Healthcare), Applied (InsurTech), Visma &amp; Miro (Tech), DoubleVerify (AdTech), Thinkific (EdTech), and many others.


**Average Rating:** 4.9/5.0
**Total Reviews:** 10
**How Do G2 Users Rate Escape?**

- **API Testing:** 9.2/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.5/10 (Category avg: 8.9/10)

**Who Is the Company Behind Escape?**

- **Seller:** [Escape](https://www.g2.com/sellers/escape)
- **Company Website:** https://escape.tech/
- **Year Founded:** 2020
- **HQ Location:** Paris, France
- **Twitter:** @escapetechHQ (345 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/escapetech/ (61 employees on LinkedIn®)

**Who Uses This Product?**
- **Company Size:** 50% Small-Business, 40% Mid-Market


#### What Are Escape's Pros and Cons?

**Pros:**

- Ease of Use (3 reviews)
- Easy Integrations (2 reviews)
- Scanning Technology (2 reviews)
- Security (2 reviews)
- API Management (1 reviews)

**Cons:**

- Complex Setup (1 reviews)
- Difficult Upgrades (1 reviews)
- Limited Features (1 reviews)
- Missing Features (1 reviews)
- Update Issues (1 reviews)


### What Do G2 Reviewers Say About Escape?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of use** of Escape, finding it simple to set up and integrate seamlessly.
- Users value the **easy integrations** of Escape, facilitating quick setups and streamlined CI/CD processes.
- Users commend Escape for its **advanced scanning technology** , enabling effective management of complex scans and API vulnerability detection.
- Users commend the **robust security features** of Escape, effectively managing API vulnerabilities and ensuring safe integrations.
- Users value the **effective API security management** of Escape, particularly in detecting overlooked vulnerabilities.

**Cons:**

- Users find the **complex setup** of Escape occasionally challenging, requiring adjustments to fully utilize its benefits.
- Users find **difficult upgrades** occasionally challenging, but value the updates for enhanced features and security improvements.
- Users note the **limited features** currently offered by Escape, but appreciate the roadmap for future improvements.
- Users note the **missing features** in Escape, though improvements are planned based on feedback, which is commendable.
- Users face occasional **update issues** that require adjustment, yet appreciate the benefits of ongoing enhancements.

#### What Are Recent G2 Reviews of Escape?

**"[Fast, Transparent DAST with Excellent GraphQL Handling and Strong Support](https://www.g2.com/survey_responses/escape-review-12978297)"**

**Rating:** 4.0/5.0 stars
*— Varun S.*

[Read full review](https://www.g2.com/survey_responses/escape-review-12978297)

---

**"[Excellent DAST disruptor](https://www.g2.com/survey_responses/escape-review-11666781)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Information Technology and Services*

[Read full review](https://www.g2.com/survey_responses/escape-review-11666781)

---



### 16. [Cequence Security](https://www.g2.com/products/cequence-security/reviews)
Cequence protects the applications and data that power enterprises in the agentic era. More than a decade of bot defense and API security experience has established Cequence as the leader of safe and secure agentic AI adoption. The Cequence platform delivers deep insight into user, entity, and agent behavior, enabling organizations to secure and control agentic AI workflows while protecting against bad actors and rogue agents. Cequence delivers value in minutes rather than days or weeks with a highly scalable, no-code approach. Trusted by the largest and most demanding private and public sector organizations, Cequence protects more than 10 billion daily API interactions and 4 billion user accounts. Agentic AI Governance – Every Agent, Under Control The Cequence AI Gateway provides security, governance, and control for agentic AI workflows, enabling organizations to unlock AI-driven productivity and growth. Built-in governance and guardrails constrain agent behavior using capabilities that include least privilege access, rate-limiting, and sensitive data protection. The AI Gateway’s agentic zero trust architecture enables enterprises to confidently deploy agentic workflows for internal productivity and customer-facing experiences. Bot Management – Bot Detection, Mitigation, and Fraud Prevention Cequence Bot Management protects organizations from the full range of automated attacks to prevent data loss, theft, and fraud. Bot Management is network based, requiring no agents, JavaScript, or SDKs. Behavioral fingerprints and multi-dimensional analytics provide a deep understanding of business context to identify and natively block attacks in real time. It mitigates a wide variety of cyberattacks including business logic attacks, exploits, automated bot activity, online fraud, and OWASP API Security Top 10 threats. API Security – API Security Posture Management, Testing, and Remediation Cequence API Security is an AI-first solution that discovers, monitors, and tests APIs, assessing a broad range of risks that often lead to compliance or governance issues, data loss, and business disruption. Providing complete visibility and monitoring of internal, external, and third-party APIs, Cequence helps organizations keep up with API changes, uncover sensitive data exposure, and identify vulnerabilities and security risks including those in the OWASP API Security Top 10. Built-in API security testing enables organizations to test their pre-production and runtime APIs against specifications – and automatically generate them if specs are not available. The AI Assistant guides practitioners of all skill levels from day one and the built-in MCP server enables teams to integrate API Security into their internal agentic workflows. API Security lays the groundwork to ensure that you are fully aware of the risks inherent in your API applications and enables you to remediate critical security issues before they are exploited by attackers.


**Average Rating:** 4.6/5.0
**Total Reviews:** 55
**How Do G2 Users Rate Cequence Security?**

- **API Testing:** 8.4/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.2/10 (Category avg: 8.9/10)

**Who Is the Company Behind Cequence Security?**

- **Seller:** [Cequence Security](https://www.g2.com/sellers/cequence-security)
- **Company Website:** https://www.cequence.ai/
- **Year Founded:** 2014
- **HQ Location:** Santa Clara, CA
- **Twitter:** @cequenceai (689 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/10510476 (158 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Telecommunications, Information Technology and Services
- **Company Size:** 40% Small-Business, 35% Enterprise


#### What Are Cequence Security's Pros and Cons?

**Pros:**

- Protection (9 reviews)
- Security (8 reviews)
- Time-Saving (5 reviews)
- Vulnerability Detection (4 reviews)
- API Management (3 reviews)

**Cons:**

- Complex Setup (9 reviews)
- Difficult Learning Curve (5 reviews)
- Slow Performance (3 reviews)
- Dashboard Performance (2 reviews)
- False Positives (2 reviews)


### What Do G2 Reviewers Say About Cequence Security?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **powerful detection and mitigation** capabilities of Cequence Security against sophisticated bot attacks and threats.
- Users commend Cequence Security for its **powerful bot detection and mitigation** , effectively safeguarding user accounts against sophisticated attacks.
- Users value the **time-saving automation** of Cequence Security, significantly reducing manual workload for SOC teams.
- Users appreciate the **vulnerability detection capabilities** of Cequence Security, effectively identifying threats without hindering user experience.
- Users value the **API discovery and advanced bot detection** features of Cequence Security for enhanced visibility and protection.

**Cons:**

- Users find the **complex setup** of Cequence Security time-consuming, especially for fine-tuning and adapting to specific threats.
- Users find the **difficult learning curve** with Cequence Security challenging, requiring extensive effort for effective setup and fine-tuning.
- Users experience **slow performance** with Cequence Security, particularly during large data queries and incident responses.
- Users find the **dashboard performance lacking** , experiencing lags and unclear communication that delay decision making.
- Users are frustrated by **false positives** with Cequence Security, impacting their website&#39;s traffic flow and efficiency.

#### What Are Recent G2 Reviews of Cequence Security?

**"[Mitigating and Secure our APIs](https://www.g2.com/survey_responses/cequence-security-review-12400189)"**

**Rating:** 5.0/5.0 stars
*— Owen P.*

[Read full review](https://www.g2.com/survey_responses/cequence-security-review-12400189)

---

**"[Reliable API Traffic Visibility and Bot Attack Protection](https://www.g2.com/survey_responses/cequence-security-review-12440501)"**

**Rating:** 4.0/5.0 stars
*— karthik k.*

[Read full review](https://www.g2.com/survey_responses/cequence-security-review-12440501)

---


#### What Are G2 Users Discussing About Cequence Security?

- [What is Cequence Security used for?](https://www.g2.com/discussions/what-is-cequence-security-used-for) - 1 comment

### 17. [Edgescan](https://www.g2.com/products/edgescan/reviews)
What Is Edgescan? Edgescan is a cybersecurity company that helps organizations proactively identify, validate, and prioritize vulnerabilities across their applications, API’s and digital landscape. The company specializes in continuous vulnerability assessment, automated penetration testing, Attack Surface Management and Penetration Testing as a Service (PTaaS). Edgescan combines advanced automation with certified security experts, including professionals holding credentials such as CREST and OSCP, to deliver highly accurate and actionable security testing. This hybrid approach allows organizations to move beyond traditional point-in-time penetration tests and operate a continuous proactive cybersecurity program. The Edgescan platform is designed primarily for web application and API security, enabling organizations to continuously assess their attack surface and identify vulnerabilities throughout the development lifecycle but also delivers “full stack” coverage to detect host layer CVE’s. With a client retention rate of over 90%, Edgescan has built long-term partnerships by delivering measurable improvements in security efficiency, risk visibility, and vulnerability management. Key Features and Capabilities of Edgescan Automated Penetration Testing Edgescan uses intelligent automation to continuously assess applications, APIs, hosts, and cloud environments for vulnerabilities. This enables frequent, scalable security testing across modern and distributed architectures. Human‑Validated Testing Findings are reviewed and manually validated by certified security experts to eliminate false positives and provide deeper insight into real‑world exploitability. Each result is accurate, contextual, and actionable. Penetration Testing as a Service (PTaaS) Edgescan’s PTaaS model extends beyond automated testing by allowing expert testers to focus on vulnerabilities that require human analysis, including: • Business logic flaws • Authentication and authorization weaknesses • Context-dependent exposures • Complex attack chains and privilege escalation paths Cyber Analytics and AI‑Assisted Validation AI-driven analysis enhances detection, verifies exploitability, and increases accuracy. This reduces noise and gives security teams a clearer picture of genuine threats. Integrated Threat Intelligence Edgescan correlates vulnerabilities with real-world threat intelligence, including known exploits and ransomware activity to help organizations prioritize the most dangerous exposures first. Risk‑Based Prioritization Findings are prioritized based on exploitability, severity, threat context, and business impact, ensuring teams focus on the issues that matter most. Primary Value: What Edgescan Solves for Clients Edgescan enables organizations to shift from reactive vulnerability management to a continuous, proactive security model. Traditional scanners and periodic penetration tests frequently produce large volumes of unvalidated findings. This creates noise and forces security teams to spend hours determining which issues are real and critical. Edgescan solves this by combining: Automation for continuous testing Human expertise for validation and complex analysis Cyber analytics and AI for accuracy and prioritization Key Benefits Significant efficiency gains: reducing thousands of hours spent on manual validation. Higher accuracy, thanks to expert‑validated findings and reduced false positives. Clear prioritization, using threat intelligence and ransomware insights to highlight the highest‑risk exposures. Continuous security improvement, enabling rapid detection, faster remediation, and scalable vulnerability management. By unifying automation, human expertise, AI, and threat intelligence, Edgescan empowers organizations to maintain a continuous cybersecurity program that strengthens overall security posture while dramatically reducing operational burden.


**Average Rating:** 4.7/5.0
**Total Reviews:** 53
**How Do G2 Users Rate Edgescan?**

- **API Testing:** 8.8/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.9/10 (Category avg: 8.9/10)

**Who Is the Company Behind Edgescan?**

- **Seller:** [Edgescan](https://www.g2.com/sellers/edgescan)
- **Company Website:** https://www.edgescan.com
- **Year Founded:** 2017
- **HQ Location:** Dublin, Dublin
- **Twitter:** @edgescan (2,256 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2928425/ (89 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 31% Enterprise, 31% Mid-Market


#### What Are Edgescan's Pros and Cons?

**Pros:**

- Ease of Use (25 reviews)
- Vulnerability Detection (24 reviews)
- Customer Support (19 reviews)
- Vulnerability Identification (19 reviews)
- Features (18 reviews)

**Cons:**

- Complex UI (5 reviews)
- Limited Customization (5 reviews)
- Poor Interface Design (5 reviews)
- Slow Performance (5 reviews)
- UX Improvement (5 reviews)


### What Do G2 Reviewers Say About Edgescan?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of use** of Edgescan, enabling efficient navigation and streamlined vulnerability management.
- Users value the **automated vulnerability detection** of Edgescan, enhancing efficiency and risk management across their systems.
- Users value the **excellent customer support** from Edgescan, with a proactive team ready to assist anytime.
- Users commend Edgescan for its **thorough vulnerability identification** , enhancing security planning and response efficiency.
- Users commend Edgescan for its **feature-rich portal** and intuitive interface, making security assessments streamlined and efficient.

**Cons:**

- Users find the **UI complex and not user-friendly** , making navigation and finding settings challenging at times.
- Users note **limited customization options** , particularly in the filtering system, which can hamper initial usability.
- Users find the **poor interface design** of Edgescan frustrating, impacting usability and ease of access to features.
- Users experience **slow performance** due to manual review processes, leading to longer scan completion times.
- Users find the **UI not user friendly** , citing issues with intuitiveness and difficulty in locating settings.

#### What Are Recent G2 Reviews of Edgescan?

**"[Exceptional Security Scanning with Top-Notch Support](https://www.g2.com/survey_responses/edgescan-review-9636105)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Entertainment*

[Read full review](https://www.g2.com/survey_responses/edgescan-review-9636105)

---

**"[Edgescan: Easy Setup, Clear Insights, and Expert Security Support](https://www.g2.com/survey_responses/edgescan-review-12224347)"**

**Rating:** 5.0/5.0 stars
*— Matt W.*

[Read full review](https://www.g2.com/survey_responses/edgescan-review-12224347)

---


#### What Are G2 Users Discussing About Edgescan?

- [What is edgescan used for?](https://www.g2.com/discussions/what-is-edgescan-used-for) - 1 comment

### 18. [Wallarm API Security Platform](https://www.g2.com/products/wallarm-api-security-platform/reviews)
Protect any API. In any environment. Against any threats. Wallarm is the platform security teams choose to protect cloud-native APIs. The Wallarm platform gives teams the ability to detect and block API attacks. Customers choose Wallarm because it delivers a complete inventory of their APIs, AI apps, and agentic AI, along with patented AI/ML API abuse detection, real-time blocking on day zero, and an API SOC-as-a-service. Whether you protect legacy or brand new cloud-native APIs, Wallarm’s multi-cloud platform delivers the capabilities to secure your business against emerging threats. -\&gt; Robust protection for the entire API and AI portfolio Mitigate the OWASP API Top 10 threats and more; business logic abuse, bad bots, account takeover (ATO), and more. Get the robust API protection that no other tool can provide. -\&gt; Native inline blocking Wallarm is built from the ground up for inline blocking. Why deploy API security that can’t actually defend against API attacks? -\&gt; Unparalleled visibility into malicious traffic Gain full insights about attacks and attackers in the responsive Wallarm Console. Enjoy the Dashboard, search, and reporting capabilities, including visibility into API sessions. -\&gt; Complete API inventory Wallarm API Discovery provides full visibility into all your APIs, AI apps, and AI agents, including sensitive data flows, risk posture, shadow APIs and change detection. -\&gt; Understand Your Attack Surface You can’t protect what you don’t know about. Wallarm provides a comprehensive view of your API attack surface, including assessment of security controls and leaked sensitive API data. -\&gt; Quick integrations Setup cross-team collaboration with seamless integrations to your SIEM/SOAR, messaging applications, and workflow management.


**Average Rating:** 4.7/5.0
**Total Reviews:** 93
**How Do G2 Users Rate Wallarm API Security Platform?**

- **API Testing:** 9.2/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.1/10 (Category avg: 8.9/10)

**Who Is the Company Behind Wallarm API Security Platform?**

- **Seller:** [Wallarm](https://www.g2.com/sellers/wallarm)
- **Company Website:** https://wallarm.com/
- **Year Founded:** 2016
- **HQ Location:** San Francisco, California
- **Twitter:** @wallarm (3,197 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/4871419/ (171 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** CEO, CTO
- **Top Industries:** Mechanical or Industrial Engineering, Information Technology and Services
- **Company Size:** 43% Mid-Market, 42% Small-Business


#### What Are Wallarm API Security Platform's Pros and Cons?

**Pros:**

- Protection (3 reviews)
- Security (3 reviews)
- Threat Detection (3 reviews)
- Real-time Monitoring (2 reviews)
- Vulnerability Detection (2 reviews)

**Cons:**

- API Issues (1 reviews)
- Complex Configuration (1 reviews)
- Complexity (1 reviews)
- Complex Setup (1 reviews)
- Difficult Learning (1 reviews)


### What Do G2 Reviewers Say About Wallarm API Security Platform?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **accurate real-time API threat detection** of Wallarm, ensuring robust protection with minimal false positives.
- Users value the **accurate real-time API threat detection** of Wallarm, ensuring minimal false positives and robust security.
- Users value the **accurate real-time API threat detection** of Wallarm, enhancing security with minimal false positives.
- Users value the **accurate real-time monitoring** of Wallarm API Security Platform, enhancing API protection and minimizing false positives.
- Users value the **accurate, real-time vulnerability detection** of Wallarm, ensuring robust API security with minimal false positives.

**Cons:**

- Users find the **undisclosed pricing** in the free trial for API threat detection frustrating and unclear.
- Users find the **configuration process complex** , leading to a challenging experience, especially for newcomers to the platform.
- Users find the **configuration process complex** , which can be challenging and time-consuming for newcomers.
- Users find the **complex setup** of the Wallarm API Security Platform challenging and time-consuming for beginners.
- Users find the **difficult learning** curve challenging, particularly during the initial configuration and tuning processes.

#### What Are Recent G2 Reviews of Wallarm API Security Platform?

**"[Accurate Real-Time API Threat Detection with Minimal False Positives](https://www.g2.com/survey_responses/wallarm-api-security-platform-review-12169348)"**

**Rating:** 4.5/5.0 stars
*— Adesh  R.*

[Read full review](https://www.g2.com/survey_responses/wallarm-api-security-platform-review-12169348)

---

**"[Revolutionized Our API Security, Peace of Mind Restored](https://www.g2.com/survey_responses/wallarm-api-security-platform-review-13106283)"**

**Rating:** 5.0/5.0 stars
*— Revell B.*

[Read full review](https://www.g2.com/survey_responses/wallarm-api-security-platform-review-13106283)

---


#### What Are G2 Users Discussing About Wallarm API Security Platform?

- [How has Wallarm API Security Platform supported your cybersecurity efforts, and what features do you rely on most?](https://www.g2.com/discussions/how-has-wallarm-api-security-platform-supported-your-cybersecurity-efforts-and-what-features-do-you-rely-on-most)
- [What is Wallarm API Security Platform used for?](https://www.g2.com/discussions/what-is-wallarm-api-security-platform-used-for)

### 19. [Levo.ai](https://www.g2.com/products/levo-ai/reviews)
APIs are no longer technical plumbing. They are the foundation of modern business, powering customer experiences, partner ecosystems, and digital revenue streams. But with that centrality comes risk. Unsecured APIs are now the leading cause of breaches, compliance failures, and stalled innovation. Levo exists to change this. We are the first platform to deliver true end-to-end API Security. From continuous discovery and automated documentation to exploit aware testing, policy-driven monitoring, passive detection, and inline protection, Levo covers every phase of the API lifecycle. Our architecture was designed from first principles: 1. Privacy preserving architecture: no sensitive data leaves your environment. 2. Cost efficient: lightweight sensors that run on minimal compute, saving enterprises hundreds of thousands in inflated cloud costs. 3. Developer aligned: seamless workflows that integrate directly into CI/CD, removing friction instead of adding it. This foundation gives enterprises something legacy tools never could: clarity across every API, precision in detecting real risks, and the confidence to block attacks without breaking business. With Levo, security does not slow down APIs. It scales them, safely, compliantly, and at the speed of modern business. Our vision is simple: a world where security and growth are never tradeoffs.


**Average Rating:** 4.8/5.0
**Total Reviews:** 13
**How Do G2 Users Rate Levo.ai?**

- **API Testing:** 9.8/10 (Category avg: 9.1/10)
- **API Monitoring:** 10.0/10 (Category avg: 8.9/10)

**Who Is the Company Behind Levo.ai?**

- **Seller:** [Levo](https://www.g2.com/sellers/levo-fed6d6f5-ba0b-4b0c-9a31-6bfb424af86c)
- **Year Founded:** 2021
- **HQ Location:** San Francisco, US
- **Twitter:** @levoinchq (104 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/levo-inc (32 employees on LinkedIn®)

**Who Uses This Product?**
- **Company Size:** 54% Mid-Market, 46% Small-Business


#### What Are Levo.ai's Pros and Cons?

**Pros:**

- API Management (5 reviews)
- Features (4 reviews)
- Security (4 reviews)
- Visibility (4 reviews)
- Automation (3 reviews)

**Cons:**

- Difficult Learning Curve (2 reviews)
- Poor Integration (2 reviews)
- Complex Setup (1 reviews)
- Integration Issues (1 reviews)
- Training Required (1 reviews)


### What Do G2 Reviewers Say About Levo.ai?
*AI-generated summary from verified user reviews*

**Pros:**

- Users praise Levo.ai for its **agentless, eBPF-powered API discovery** , ensuring robust security and real-time monitoring for modern applications.
- Users value Levo.ai for its **real-time security and unified visibility** across APIs, enhancing developer efficiency and workflow.
- Users value Levo.ai for its **real-time security and unified visibility** , essential for modern API and AI environments.
- Users praise Levo.ai for its **real-time security and unified visibility** , revolutionizing API and AI agent management.
- Users appreciate the **automation** of Levo.ai, effortlessly identifying security issues and enhancing efficiency in their workflows.

**Cons:**

- Users find the **difficult learning curve** of Levo.ai challenging, especially for teams new to observability tools.
- Users desire improved **integration with observability dashboards** and enhanced connectivity with existing workflows for better functionality.
- Users find the **complex setup** of Levo.ai challenging, especially for teams new to observability and security tools.
- Users desire more **granular integrations** with existing workflows in Levo.ai for a smoother experience.
- Users find the **steep learning curve** of Levo.ai challenging, especially for teams new to observability and security tools.

#### What Are Recent G2 Reviews of Levo.ai?

**"[Strong, Autonomous API Security Platform with Easy Deployment](https://www.g2.com/survey_responses/levo-ai-review-12444556)"**

**Rating:** 4.5/5.0 stars
*— Verified User in Computer &amp; Network Security*

[Read full review](https://www.g2.com/survey_responses/levo-ai-review-12444556)

---

**"[Best Platform for API and agent security in once place](https://www.g2.com/survey_responses/levo-ai-review-11963084)"**

**Rating:** 5.0/5.0 stars
*— Prasad P.*

[Read full review](https://www.g2.com/survey_responses/levo-ai-review-11963084)

---



### 20. [Tenable Nessus](https://www.g2.com/products/tenable-nessus/reviews)
Built for security practitioners, by security professionals, Nessus products by Tenable are the de-facto industry standard for vulnerability assessment. Nessus performs point-in-time assessments to help security professionals quickly and easily identify and fix vulnerabilities, including software flaws, missing patches, malware, and misconfigurations - across a variety of operating systems, devices, and applications. With features such as pre-built policies and templates, customizable reporting, group “snooze” functionality, and real-time updates, Nessus is designed to make vulnerability assessment simple, easy, and intuitive. The result: less time and effort to assess, prioritize, and remediate issues.


**Average Rating:** 4.5/5.0
**Total Reviews:** 289

**Who Is the Company Behind Tenable Nessus?**

- **Seller:** [Tenable](https://www.g2.com/sellers/tenable)
- **Company Website:** https://www.tenable.com/
- **HQ Location:** Columbia, MD
- **Twitter:** @TenableSecurity (87,752 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/25452/ (2,350 employees on LinkedIn®)
- **Ownership:** NASDAQ: TENB

**Who Uses This Product?**
- **Who Uses This:** Security Engineer, Network Engineer
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 40% Mid-Market, 34% Enterprise


#### What Are Tenable Nessus's Pros and Cons?

**Pros:**

- Vulnerability Identification (20 reviews)
- Vulnerability Detection (18 reviews)
- Ease of Use (16 reviews)
- Automated Scanning (15 reviews)
- Features (13 reviews)

**Cons:**

- Slow Scanning (7 reviews)
- Expensive (6 reviews)
- Limited Features (6 reviews)
- Complexity (5 reviews)
- False Positives (5 reviews)


### What Do G2 Reviewers Say About Tenable Nessus?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **comprehensive vulnerability identification** capabilities of Nessus for effective security risk management.
- Users value the **comprehensive vulnerability detection** capabilities of Tenable Nessus, enhancing their security management efforts.
- Users find Tenable Nessus to be **user-friendly and easy to set up** , making vulnerability detection straightforward for everyone.
- Users value the **comprehensive automated scanning** provided by Nessus, effectively identifying vulnerabilities across various assets.
- Users value the **powerful scanning features** of Tenable Nessus, enhancing vulnerability management through automation and reporting.

**Cons:**

- Users note the **slow scanning** process can take several days and impact system resources and production environments.
- Users find the **costs of running and maintaining Tenable Nessus** to be excessively high, impacting overall satisfaction.
- Users find **limited features** in Tenable Nessus, affecting usability and the ability to conduct comprehensive scans.
- Users find the **complexity** of Tenable Nessus challenging, especially with advanced features and technical requirements.
- Users note the presence of **false positives** in Nessus, resulting in additional workload for security teams.

#### What Are Recent G2 Reviews of Tenable Nessus?

**"[Reliable and Efficient Vulnerability Management Tool](https://www.g2.com/survey_responses/tenable-nessus-review-12989192)"**

**Rating:** 5.0/5.0 stars
*— Mohsin H.*

[Read full review](https://www.g2.com/survey_responses/tenable-nessus-review-12989192)

---

**"[Self-Contained Nessus Scanning with Full Control in Offline Environments](https://www.g2.com/survey_responses/tenable-nessus-review-12937668)"**

**Rating:** 4.0/5.0 stars
*— Verified User in Higher Education*

[Read full review](https://www.g2.com/survey_responses/tenable-nessus-review-12937668)

---


#### What Are G2 Users Discussing About Tenable Nessus?

- [What is Nessus used for?](https://www.g2.com/discussions/what-is-nessus-used-for) - 1 comment
- [What types of vulnerabilities are scanned by Nessus?](https://www.g2.com/discussions/what-types-of-vulnerabilities-are-scanned-by-nessus)
- [Is there a free version of Nessus?](https://www.g2.com/discussions/is-there-a-free-version-of-nessus) - 2 comments
- [What is an advantage of using Nessus?](https://www.g2.com/discussions/what-is-an-advantage-of-using-nessus)
- [What does Nessus scan for?](https://www.g2.com/discussions/what-does-nessus-scan-for) - 1 comment

### 21. [AppTrana](https://www.g2.com/products/apptrana/reviews)
AppTrana API is a fully managed API security platform that provides continuous API discovery, automated vulnerability detection, and real-time protection against API attacks. It combines 24/7 AI-driven intelligence with human-led operations to deliver runtime security with a Zero False Positive Guarantee. Trusted by over 6,500 customers across 95+ countries, it offers unmetered protection with 100% availability. AppTrana API includes SwyftComply, an industry-first autonomous remediation capability that virtually patches API vulnerabilities without code changes, enabling zero-vulnerability compliance reports.


**Average Rating:** 4.8/5.0
**Total Reviews:** 34

**Who Is the Company Behind AppTrana?**

- **Seller:** [Indusface](https://www.g2.com/sellers/indusface)
- **Year Founded:** 2012
- **HQ Location:** Vadodara
- **Twitter:** @Indusface (3,472 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/indusface/ (180 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 54% Mid-Market, 23% Enterprise


#### What Are AppTrana's Pros and Cons?

**Pros:**

- Protection (11 reviews)
- Cybersecurity (9 reviews)
- WAF (Web Application Firewall) (7 reviews)
- Bot Detection (5 reviews)
- DDoS Protection (5 reviews)

**Cons:**

- Difficult Reporting (2 reviews)
- Complex Setup (1 reviews)
- Expensive (1 reviews)
- Learning Difficulty (1 reviews)
- Poor Documentation (1 reviews)


### What Do G2 Reviewers Say About AppTrana?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **unmatched protection** provided by AppTrana, ensuring reliable defense against real-time threats and vulnerabilities.
- Users value the **24/7 SOC support** and comprehensive protection against real-time attacks offered by AppTrana.
- Users praise AppTrana&#39;s **effective WAF performance** , appreciating its low complexity and comprehensive protection features.
- Users value the **zero false positive guarantees** of AppTrana, ensuring reliable protection against DDoS and botnet attacks.
- Users appreciate the **fantastic DDoS protection** offered by AppTrana, ensuring peace of mind and robust security.

**Cons:**

- Users find the **difficult reporting** of AppTrana limits their ability to analyze data effectively and intuitively.
- Users find the **complex setup** for installing third-party certificates challenging and poorly documented.
- Users find the **cost to be high** , particularly when multiple instances of the application are used.
- Users find the **learning difficulty** with AppTrana&#39;s certificate handling to be frustrating due to poor documentation.
- Users struggle with the **poor documentation** on installing third-party certificates, making the process unnecessarily complicated.

#### What Are Recent G2 Reviews of AppTrana?

**"[AppTrana’s Managed WAAP with 24×7 SOC Support and Zero False Positives](https://www.g2.com/survey_responses/apptrana-review-13029658)"**

**Rating:** 5.0/5.0 stars
*— UTKARSH S.*

[Read full review](https://www.g2.com/survey_responses/apptrana-review-13029658)

---

**"[All-in-One App Security with Clear Threat Visibility and Responsive Support](https://www.g2.com/survey_responses/apptrana-review-13085777)"**

**Rating:** 4.5/5.0 stars
*— lenish r.*

[Read full review](https://www.g2.com/survey_responses/apptrana-review-13085777)

---


#### What Are G2 Users Discussing About AppTrana?

- [What is sucuri firewall?](https://www.g2.com/discussions/what-is-sucuri-firewall)
- [What is WAF service?](https://www.g2.com/discussions/what-is-waf-service) - 1 comment
- [What is AppTrana?](https://www.g2.com/discussions/what-is-apptrana) - 1 comment

### 22. [Invicti (formerly Netsparker)](https://www.g2.com/products/invicti-formerly-netsparker/reviews)
Invicti (formerly known as Netsparker) is an enterprise application and API security testing platform that helps organizations secure thousands of web applications and APIs at scale while dramatically reducing the risk of attack. Combining advanced DAST and IAST capabilities in a single platform, Invicti enables security teams to continuously identify, prioritize, and remediate vulnerabilities across complex modern environments with confidence and automation. With Invicti, security teams can: - Automate application security testing workflows and save hundreds of hours every month - Discover and secure all web applications and APIs, including forgotten, unmanaged, and shadow assets - Deliver actionable, developer-friendly feedback that helps teams remediate vulnerabilities faster and build more secure code over time - Reduce false positives with proof-based scanning technology that validates exploitable vulnerabilities - Scale application security programs across large enterprises without slowing development teams - Integrate security seamlessly into existing DevSecOps and CI/CD workflows Built for organizations with the most demanding security requirements, Invicti empowers teams to confidently secure their entire attack surface with accuracy, scalability, and automation.


**Average Rating:** 4.5/5.0
**Total Reviews:** 68
**How Do G2 Users Rate Invicti (formerly Netsparker)?**

- **API Testing:** 8.8/10 (Category avg: 9.1/10)

**Who Is the Company Behind Invicti (formerly Netsparker)?**

- **Seller:** [Invicti Security](https://www.g2.com/sellers/invicti-security-04cb0d3d-fd96-45b2-83dc-2038fc9dac92)
- **Company Website:** https://www.invicti.com/
- **Year Founded:** 2018
- **HQ Location:** Austin, Texas
- **Twitter:** @InvictiSecurity (2,557 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/invicti-security/people/ (335 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 46% Enterprise, 28% Mid-Market


#### What Are Invicti (formerly Netsparker)'s Pros and Cons?

**Pros:**

- Ease of Use (9 reviews)
- Scanning Technology (7 reviews)
- Features (6 reviews)
- Reporting Quality (6 reviews)
- Vulnerability Detection (6 reviews)

**Cons:**

- Poor Customer Support (3 reviews)
- Slow Performance (3 reviews)
- Slow Scanning (3 reviews)
- API Issues (2 reviews)
- Complex Setup (2 reviews)


### What Do G2 Reviewers Say About Invicti (formerly Netsparker)?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find Invicti to be **very easy to use** , with user-friendly setup and quick, effective vulnerability scans.
- Users value the **efficient scanning technology** of Invicti, streamlining monthly tests and providing detailed vulnerability insights.
- Users value the **accurate vulnerability detection** and seamless integration with CI/CD tools offered by Invicti.
- Users value the **well-formatted and presentable reports** from Invicti, enhancing efficiency and streamlining certification processes.
- Users appreciate the **effective vulnerability detection** capabilities of Invicti, enjoying quick and accurate scans.

**Cons:**

- Users find **customer support lacking** as it often fails to provide timely solutions and enhancements are needed.
- Users often experience **slow performance** during scans and setup, impacting the overall efficiency of Invicti.
- Users experience **slow scanning** and difficulties with API endpoints, despite overall satisfactory performance when set up.
- Users face **API scanning issues** , limiting its effectiveness for certain tasks despite excellent support from Invicti.
- Users often find the **setup complex** and the UI overwhelming, making initial configurations challenging.

#### What Are Recent G2 Reviews of Invicti (formerly Netsparker)?

**"[Accurate, Actionable Scans with Minimal Noise](https://www.g2.com/survey_responses/invicti-formerly-netsparker-review-13079965)"**

**Rating:** 4.5/5.0 stars
*— Verified User in Retail*

[Read full review](https://www.g2.com/survey_responses/invicti-formerly-netsparker-review-13079965)

---

**"[Scalable Enterprise Security: Deep Endpoint Coverage via Invicti](https://www.g2.com/survey_responses/invicti-formerly-netsparker-review-12742667)"**

**Rating:** 4.5/5.0 stars
*— Verified User in Information Technology and Services*

[Read full review](https://www.g2.com/survey_responses/invicti-formerly-netsparker-review-12742667)

---


#### What Are G2 Users Discussing About Invicti (formerly Netsparker)?

- [What is Invicti (formerly Netsparker) used for?](https://www.g2.com/discussions/what-is-invicti-formerly-netsparker-used-for) - 1 comment
- [What type of vulnerabilities Netsparker can automatically confirm?](https://www.g2.com/discussions/invicti-formerly-netsparker-what-type-of-vulnerabilities-netsparker-can-automatically-confirm)
- [What type of vulnerabilities Netsparker can automatically confirm?](https://www.g2.com/discussions/what-type-of-vulnerabilities-netsparker-can-automatically-confirm)
- [How much does Netsparker cost?](https://www.g2.com/discussions/invicti-formerly-netsparker-how-much-does-netsparker-cost-a1ecffa4-a216-4bcc-affd-40dc140f3e27)
- [How much does Netsparker cost?](https://www.g2.com/discussions/invicti-formerly-netsparker-how-much-does-netsparker-cost)

### 23. [StackHawk](https://www.g2.com/products/stackhawk/reviews)
StackHawk is reimagining AppSec for AI-driven development, where applications are built faster than traditional AppSec tools can keep up. Our AppSec Intelligence Platform combines scalable runtime testing with complete attack surface discovery from source code. We integrate directly into development workflows and provide context-aware remediations to developers, enabling teams to find and fix exploitable vulnerabilities before they reach production. With real-time visibility and centralized program intelligence, AppSec teams can prioritize testing and fixing what matters. Companies like British Airways, ITV, and Norstella trust StackHawk to evaluate application risk, prove program value, and scale testing coverage to match development velocity.


**Average Rating:** 4.6/5.0
**Total Reviews:** 67
**How Do G2 Users Rate StackHawk?**

- **API Testing:** 8.9/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.1/10 (Category avg: 8.9/10)

**Who Is the Company Behind StackHawk?**

- **Seller:** [StackHawk](https://www.g2.com/sellers/stackhawk)
- **Year Founded:** 2019
- **HQ Location:** Denver, CO
- **Twitter:** @StackHawk (1,137 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/40780406/ (31 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 46% Small-Business, 35% Mid-Market


#### What Are StackHawk's Pros and Cons?

**Pros:**

- Easy Integrations (10 reviews)
- Customer Support (9 reviews)
- Ease of Use (9 reviews)
- Integrations (7 reviews)
- Scanning Efficiency (5 reviews)

**Cons:**

- Setup Complexity (5 reviews)
- Complex Setup (4 reviews)
- High Learning Curve (3 reviews)
- Lacking Features (3 reviews)
- Limited Scope (3 reviews)


### What Do G2 Reviewers Say About StackHawk?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **easy integrations** for various tools, enhancing automation and streamlining their workflows effectively.
- Users commend the **great customer support** from StackHawk, with quick responses and helpful resources available.
- Users find StackHawk&#39;s **ease of use** refreshing, especially after the initial setup and integration with CI tools.
- Users praise the **seamless integrations** with CI tools and other platforms, enhancing their workflow efficiency and testing capability.
- Users highlight the **impressive scanning efficiency** of StackHawk, enabling quick identification of vulnerabilities and seamless integration.

**Cons:**

- Users find the **setup complexity** of StackHawk challenging due to confusing YAML configurations and onboarding processes.
- Users find the **complex setup** of StackHawk frustrating, particularly with YAML files and onboarding procedures.
- Users find StackHawk has a **high learning curve** due to its complex scripting and limited training resources.
- Users note the **lack of features** in StackHawk, citing limitations in API endpoint handling and vulnerability management.
- Users find the **limited scope** of StackHawk restricts usability and customization, impacting their vulnerability management efforts.

#### What Are Recent G2 Reviews of StackHawk?

**"[StackHawk is a great DAST security tool](https://www.g2.com/survey_responses/stackhawk-review-10761348)"**

**Rating:** 5.0/5.0 stars
*— David M.*

[Read full review](https://www.g2.com/survey_responses/stackhawk-review-10761348)

---

**"[A Game-Changer for DevSecOps](https://www.g2.com/survey_responses/stackhawk-review-8847655)"**

**Rating:** 5.0/5.0 stars
*— Todd L.*

[Read full review](https://www.g2.com/survey_responses/stackhawk-review-8847655)

---


#### What Are G2 Users Discussing About StackHawk?

- [What is StackHawk used for?](https://www.g2.com/discussions/what-is-stackhawk-used-for)

### 24. [Akto API Security Platform](https://www.g2.com/products/akto-api-security-platform/reviews)
Akto is a trusted platform for application security and product security teams to build an enterprise-grade API security program throughout their DevSecOps pipeline. Our industry-leading suite of — API discovery, API security posture management, sensitive data exposure, and API security testing solutions enables organizations to gain visibility in their API security posture. 1,000+ Application Security teams globally trust Akto for their API security needs. Akto use cases: 1. API Discovery 2. API Security Testing in CI/CD 3. API Security Posture Management 4. Authentication and Authorization Testing 5. Sensitive data Exposure 6. Shift left in DevSecOps


**Average Rating:** 4.5/5.0
**Total Reviews:** 54
**How Do G2 Users Rate Akto API Security Platform?**

- **API Testing:** 8.8/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.0/10 (Category avg: 8.9/10)

**Who Is the Company Behind Akto API Security Platform?**

- **Seller:** [Akto.io](https://www.g2.com/sellers/akto-io)
- **Company Website:** https://www.akto.io
- **Year Founded:** 2022
- **HQ Location:** San Francisco, California
- **Twitter:** @Aktodotio (1,357 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/akto-io/ (29 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Financial Services, Information Technology and Services
- **Company Size:** 44% Mid-Market, 40% Small-Business


#### What Are Akto API Security Platform's Pros and Cons?

**Pros:**

- Security (11 reviews)
- Cybersecurity (8 reviews)
- Ease of Use (8 reviews)
- API Management (7 reviews)
- Automation Testing (7 reviews)

**Cons:**

- Complex Setup (7 reviews)
- Setup Complexity (6 reviews)
- API Management (4 reviews)
- Complexity (4 reviews)
- Difficult Configuration (4 reviews)


### What Do G2 Reviewers Say About Akto API Security Platform?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **automated security testing** of Akto API Security Platform, enhancing their development process and security measures.
- Users value the **efficient AI integration** in Akto, enhancing API security and seamlessly fitting into DevSecOps workflows.
- Users appreciate the **user-friendly experience** of Akto API Security Platform, enjoying its clear dashboard and easy navigation.
- Users value the **seamless API security testing** integration with CI/CD pipelines, enhancing efficiency and collaboration in DevSecOps.
- Users appreciate the **automation testing capabilities** of Akto, simplifying API security and enhancing integration within CI/CD workflows.

**Cons:**

- Users find the **complex initial setup** challenging due to steep learning curves and inadequate documentation.
- Users face a **complex initial setup** with Akto, highlighting the need for better documentation and onboarding support.
- Users find the **steep learning curve** and complex configuration of Akto API Security challenging for new teams.
- Users find the **complexity** of Akto&#39;s platform can hinder new users in their understanding and setup experience.
- Users often face **difficult configuration** challenges with Akto, requiring significant time and effort to understand its features.

#### What Are Recent G2 Reviews of Akto API Security Platform?

**"[Easy to Use API Security Tool That Helps Save Time](https://www.g2.com/survey_responses/akto-api-security-platform-review-11240428)"**

**Rating:** 4.5/5.0 stars
*— ashish d.*

[Read full review](https://www.g2.com/survey_responses/akto-api-security-platform-review-11240428)

---

**"[Easy to Implement, Clear API Security Visibility, and Responsive Support](https://www.g2.com/survey_responses/akto-api-security-platform-review-12272742)"**

**Rating:** 4.5/5.0 stars
*— Verified User in Information Technology and Services*

[Read full review](https://www.g2.com/survey_responses/akto-api-security-platform-review-12272742)

---



### 25. [APPCHECK](https://www.g2.com/products/appcheck/reviews)
AppCheck is a Dynamic Application Security Testing (DAST) and network vulnerability testing solution, developed and supported by experienced penetration testers. We approach security testing as a hacker would, leveraging multiple proprietary crawling engines to analyse target behaviour across both modern and traditional technologies, including Single Page Applications (SPAs), APIs, and complex authentication flows such as SSO, 2FA, and TOTP. Organisations can conduct unlimited security assessments across Web Applications, SPAs, APIs, cloud services, networks, across internal or external assets. Supporting production and UAT testing, AppCheck also helps organisations ‘shift left’ by integrating with CI/CD pipelines and build servers, including ADO, GitHub, Jenkins, TeamCity, CircleCI, TravisCI, Bamboo, and GitLab CI/CD. Allowing automated security testing throughout development, identifying risks as soon as changes are introduced. AppCheck are proud to be part of the CVE Numbering Authority (CNA), contributing to global security research


**Average Rating:** 4.6/5.0
**Total Reviews:** 67
**How Do G2 Users Rate APPCHECK?**

- **API Testing:** 9.4/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.2/10 (Category avg: 8.9/10)

**Who Is the Company Behind APPCHECK?**

- **Seller:** [APPCHECK](https://www.g2.com/sellers/appcheck)
- **Company Website:** https://www.appcheck-ng.com
- **Year Founded:** 2014
- **HQ Location:** Leeds, GB
- **Twitter:** @AppcheckNG (649 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/appcheck-ng-ltd/ (106 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 49% Mid-Market, 30% Small-Business


#### What Are APPCHECK's Pros and Cons?

**Pros:**

- Vulnerability Detection (7 reviews)
- Ease of Use (6 reviews)
- Features (5 reviews)
- Pentesting Efficiency (5 reviews)
- Automated Scanning (4 reviews)

**Cons:**

- Poor Customer Support (2 reviews)
- UX Improvement (2 reviews)
- API Issues (1 reviews)
- Difficult Customization (1 reviews)
- Difficult Learning Curve (1 reviews)


### What Do G2 Reviewers Say About APPCHECK?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **thorough vulnerability detection** of AppCheck, significantly enhancing security and reducing manual testing costs.
- Users highlight the **ease of use** of AppCheck, simplifying complex processes and enhancing overall functionality.
- Users value the **excellent pricing and functionality** of AppCheck, appreciating personalized support and user-friendly reports.
- Users value the **outstanding pentesting efficiency** of AppCheck, achieving more vulnerabilities detected with seamless automation.
- Users value the **automated scanning** feature of AppCheck, simplifying vulnerability management with detailed, actionable reports.

**Cons:**

- Users find the **poor customer support** frustrating, needing service requests for simple changes to the scan list.
- Users suggest that **UX improvements** could enhance AppCheck, especially in vulnerability scoring and report customization features.
- Users find the **API issues** frustrating, relying on service requests for endpoint changes, although improvements are forthcoming.
- Users find **difficult customization** options in AppCheck, limiting their ability to tailor reports to specific needs.
- Users note a **difficult learning curve** with Appcheck, but overall they find the product highly effective.

#### What Are Recent G2 Reviews of APPCHECK?

**"[Effortless Vulnerability Management with APPCHECK](https://www.g2.com/survey_responses/appcheck-review-12463853)"**

**Rating:** 5.0/5.0 stars
*— Aaron H.*

[Read full review](https://www.g2.com/survey_responses/appcheck-review-12463853)

---

**"[Great onboarding experience and trial](https://www.g2.com/survey_responses/appcheck-review-11771398)"**

**Rating:** 4.0/5.0 stars
*— Tyler S.*

[Read full review](https://www.g2.com/survey_responses/appcheck-review-11771398)

---




## What Is API Security Tools?

[Cloud Security Software](https://www.g2.com/categories/cloud-security)

## What Software Categories Are Similar to API Security Tools?

- [Vulnerability Scanner Software](https://www.g2.com/categories/vulnerability-scanner)
- [Penetration Testing Tools](https://www.g2.com/categories/penetration-testing-tools)
- [Dynamic Application Security Testing (DAST) Software](https://www.g2.com/categories/dynamic-application-security-testing-dast)


