# Best API Security Tools

*By [Lauren Worth](https://research.g2.com/insights/author/lauren-worth)*

The best API security software in 2026 is Postman, rated 4.6 out of 5 on G2 based on 1,700+ verified reviews. For teams prioritizing automated penetration testing, apisec.ai leads with the highest rating at 4.7 stars and seamless CI/CD integration.

1. Postman — 4.6/5 (1,700+ reviews): API endpoint security validation and collaborative testing
2. Cloudflare Application Security and Performance — 4.5/5 (600+ reviews): Edge-enforced WAF and API abuse protection
3. apisec.ai — 4.7/5 (200+ reviews): Continuous automated API penetration testing with CI/CD integration
4. Check Point WAF (formerly CloudGuard WAF) — 4.4/5 (80+ reviews): AI-driven API and zero-day threat prevention
5. Fastly&#39;s Web Application and API Security — 4.2/5 (30+ reviews): Low-tuning WAF with API-layer attack blocking

*Updated June 2026. Based on 2026 G2 verified review data across 1,680 products.*


API security tools protect information traveling through a company’s network via application programming interfaces (APIs). APIs serve a variety of purposes, such as adding functionality to applications, providing cloud services, and connecting networks. Companies use API security technologies to develop an inventory of existing API connections and ensure their security. These tools may additionally discover unknown or shadow APIs, which is a common scenario for companies using numerous APIs.

IT departments, software developers, and security professionals may use API security solutions to improve visibility for APIs, monitor their performance, and enforce strict security guidelines. As companies continuously discover new API connections, monitoring is key to ensuring optimum performance. Security enforcement is also important since many APIs contain sensitive data, which may turn into fines if left exposed. Lastly, many API security solutions include testing features. Testing APIs for security and policy enforcement may be the only way to verify an API’s security.

Some [API management platforms](https://www.g2.com/categories/api-management) provide tools to create an inventory of APIs connected to a network. However, this is only a feature-level functionality of the platform and will not provide substantial security functionality. It is not its most common use case.

To qualify for inclusion in the API Security Tools category, a product must:

- Discover and inventory the APIs connected to a network, application, or system
- Provide robust authentication mechanisms to restrict access to APIs and enable role-based access control (RBAC) to manage who can configure and modify API security settings
- Ensure that the data being sent to the API is encrypted, safe, and valid, and mitigate common threats such as DDoS attacks, replay attacks, and man-in-the-middle attacks
- Keep detailed logs of API access and activities to detect anomalies, monitor usage patterns, and support forensic investigations in case of security incidents
- Have comprehensive analytics and reporting capabilities to gain insights into API usage, performance, and security posture
- Perform security audits and vulnerability assessments to identify and address potential security risks
- Allow for testing and policy enforcement for API connections





## Top API Security Tools at a Glance
| # | Product | Rating | Best For | What Users Say |
|---|---------|--------|----------|----------------|
| 1 | [Postman](https://www.g2.com/products/postman/reviews) | 4.6/5.0 (1,748 reviews) | API endpoint security validation and collaborative testing | "[The easiest way I&#39;ve found to work with APIs](https://www.g2.com/survey_responses/postman-review-13046207)" |
| 2 | [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews) | 4.5/5.0 (595 reviews) | Edge-enforced WAF and API abuse protection | "[Our trusted platform for security, performance, and edge computing](https://www.g2.com/survey_responses/cloudflare-application-security-and-performance-review-13072280)" |
| 3 | [apisec.ai](https://www.g2.com/products/apisec-ai/reviews) | 4.7/5.0 (227 reviews) | Continuous automated API penetration testing with CI/CD integration | "[Best AI API tester I’ve ever used – easy to use with one-click analysis](https://www.g2.com/survey_responses/apisec-ai-review-11639883)" |
| 4 | [Check Point WAF (formerly CloudGuard WAF)](https://www.g2.com/products/check-point-waf-formerly-cloudguard-waf/reviews) | 4.4/5.0 (84 reviews) | AI-driven API and zero-day threat prevention | "[Complex Setup, but Strong Security Features](https://www.g2.com/survey_responses/check-point-waf-formerly-cloudguard-waf-review-13110824)" |
| 5 | [Fastly&#39;s Web Application and API Security](https://www.g2.com/products/fastly-s-web-application-and-api-security/reviews) | 4.2/5.0 (29 reviews) | Low-tuning WAF with API-layer attack blocking | "[Perfect API Protection](https://www.g2.com/survey_responses/fastly-s-web-application-and-api-security-review-12332835)" |
| 6 | [Rakuten SixthSense Observability](https://www.g2.com/products/rakuten-sixthsense-observability/reviews) | 4.6/5.0 (52 reviews) | Real-time API and application observability with unified tracing | "[A very good SAAS monitoring &amp; observability tool](https://www.g2.com/survey_responses/rakuten-sixthsense-observability-review-11287792)" |
| 7 | [Astra Pentest](https://www.g2.com/products/astra-pentest/reviews) | 4.6/5.0 (212 reviews) | Validated API pentesting with remediation-ready reporting | "[Exceptional VAPT Solution with Prompt Support](https://www.g2.com/survey_responses/astra-pentest-review-9603864)" |
| 8 | [Harness Platform](https://www.g2.com/products/harness-platform/reviews) | 4.6/5.0 (300 reviews) | — | "[Harness - World of automation](https://www.g2.com/survey_responses/harness-platform-review-11792426)" |
| 9 | [Orca Security](https://www.g2.com/products/orca-security/reviews) | 4.7/5.0 (300 reviews) | Agentless cloud API exposure and risk prioritization | "[Orca Makes Shadow AI Agents Visible and Governable Across Our Cloud](https://www.g2.com/survey_responses/orca-security-review-13119948)" |
| 10 | [Azion](https://www.g2.com/products/azion/reviews) | 4.7/5.0 (31 reviews) | Edge WAF and API bot-blocking | "[Azion as one of the main strategic partners in cybersecurity.](https://www.g2.com/survey_responses/azion-review-12544164)" |

---
## What Are the Most Common Questions About API Security Tools?
*AI-generated · Last updated: May 26, 2026*
### Which is the best API security platform for enterprises?
Based on G2 reviews, Check Point WAF (formerly CloudGuard WAF) stands out for enterprise API security needs because reviewers consistently describe strong protection for web applications and APIs, cloud-native deployment, centralized policy management, and reduced manual tuning. According to verified users, it helps security teams block common attacks, improve visibility into traffic, and automate protection across cloud environments. G2 reviewers mention benefits such as API discovery, threat prevention, support for CI/CD workflows, and lower operational effort once the platform is configured. Reviewers also note tradeoffs, including a learning curve, setup complexity, and premium pricing, which enterprise teams should weigh against the broader automation and coverage it provides.


### What is the best software for API authentication and authorization?
Based on G2 reviews, buyers evaluating API authentication and authorization capabilities often focus on tools that help test, validate, and secure authenticated API traffic rather than identity platforms alone. According to verified users, Postman is frequently used to work with bearer tokens, OAuth, API keys, environments, and shared collections, making it useful for testing secured APIs across development and QA workflows. G2 reviewers mention that Cloudflare Application Security and Performance and Check Point WAF also help protect APIs through access controls, rate limiting, bot protection, and policy enforcement. Across reviews, buyers should expect strengths around visibility and testing, while also noting setup complexity or learning curves for more advanced security configurations.

**Here are some of the top-rated products on G2:**

- [Postman](https://www.g2.com/products/postman/reviews) – used to test secured APIs with bearer tokens, OAuth, API keys, and shared environments
- [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews) – helps enforce rate limiting, bot protection, and firewall controls for exposed APIs
- [Check Point WAF (formerly CloudGuard WAF)](https://www.g2.com/products/check-point-waf-formerly-cloudguard-waf/reviews) – protects APIs with policy enforcement, traffic inspection, and automated threat prevention


### What are the top-rated API security tools for large-scale APIs?
Based on G2 reviews, large-scale API teams often prioritize visibility, automation, and protection across complex environments. According to verified users, Cloudflare Application Security and Performance is valued for handling DDoS mitigation, WAF protection, bot management, and traffic optimization with relatively low ongoing maintenance. G2 reviewers mention Check Point WAF for multi-cloud API protection, automated threat prevention, and centralized visibility, especially where teams need support for modern web and API environments. Reviewers also describe apisec.ai as useful for automating API security testing, continuous scanning, and surfacing OWASP-style risks early in the development cycle. Common review themes across these products include easier scaling of security coverage, but also some onboarding and tuning effort.

**Here are some of the top-rated products on G2:**

- [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews) – used to protect high-traffic apps and APIs with WAF, bot defense, and DDoS mitigation
- [Check Point WAF (formerly CloudGuard WAF)](https://www.g2.com/products/check-point-waf-formerly-cloudguard-waf/reviews) – suited for cloud-native and multi-cloud API environments needing automated protection and visibility
- [apisec.ai](https://www.g2.com/products/apisec-ai/reviews) – helps large teams automate API security testing and continuous vulnerability scanning


### Which API security platform offers AI-powered threat prevention?
Based on G2 reviews, Check Point WAF (formerly CloudGuard WAF) is repeatedly described as offering AI-driven or contextual AI-based threat prevention for web applications and APIs. According to verified users, reviewers value its ability to detect and block threats such as SQL injection, XSS, bot activity, and zero-day style attacks while reducing manual rule tuning. G2 reviewers mention strengths like automated learning, behavioral analysis, low false positives in production use, and fit for cloud-native environments. Several reviews also point to visibility into traffic and support for API security use cases. Buyers should note that reviewers also mention a steeper setup and tuning process, especially for teams new to the platform or managing complex applications.


### What is the best API security software for compliance-driven industries?
Based on G2 reviews, compliance-focused buyers often look for tools that provide clear reporting, repeatable testing, and evidence they can share with auditors or customers. According to verified users, Astra Pentest is often used to support compliance requirements, client security reviews, and formal pentest documentation, with reviewers highlighting detailed reports, clear remediation guidance, and dashboard visibility. G2 reviewers also mention Intruder for continuous vulnerability scanning and ongoing visibility between formal assessments, and BugDazz API Scanner for technical and compliance-ready reporting used in audit scenarios. Across reviews, the strongest themes are actionable findings, easier proof for security diligence, and support for regular security validation rather than one-time checks alone.

**Here are some of the top-rated products on G2:**

- [Astra Pentest](https://www.g2.com/products/astra-pentest/reviews) – used to generate pentest reports and security evidence for audits, customers, and compliance workflows
- [Intruder](https://www.g2.com/products/intruder/reviews) – supports regular vulnerability scanning and clearer visibility between formal compliance assessments
- [BugDazz API Scanner](https://www.g2.com/products/bugdazz-api-scanner/reviews) – provides detailed reports that reviewers use for internal reviews and audit documentation


### What are the best platforms for API vulnerability scanning?
Based on G2 reviews, buyers looking for API vulnerability scanning tools often favor products that automate discovery, scanning, and remediation guidance. According to verified users, apisec.ai is widely used to automate API security testing, continuously scan for vulnerabilities, and provide actionable reporting that reduces manual effort. G2 reviewers mention Pynt - API Security Testing for automated API discovery and security testing tied closely to development workflows, especially where teams want fewer false positives and easier alerts. Reviewers also describe Akto API Security Platform as helpful for surfacing API issues quickly through a clear dashboard and automated checks. Common review themes include faster coverage and earlier detection, with some products requiring onboarding time or tuning for advanced scenarios.

**Here are some of the top-rated products on G2:**

- [apisec.ai](https://www.g2.com/products/apisec-ai/reviews) – automates continuous API vulnerability scanning and highlights common API security risks with actionable reports
- [Pynt - API Security Testing](https://www.g2.com/products/pynt-api-security-testing/reviews) – combines automated API discovery and security testing with fewer false positives in review feedback
- [Akto API Security Platform](https://www.g2.com/products/akto-api-security-platform/reviews) – helps teams find API security issues early through automated checks and a simple dashboard


### Which API security solution integrates with DevSecOps workflows?
Based on G2 reviews, several API security products are used within DevSecOps pipelines, but apisec.ai is frequently mentioned for CI/CD integration and automated testing in the software delivery process. According to verified users, it helps teams shift API security earlier in development by automating scans, generating reports, and reducing manual pentesting effort. G2 reviewers mention integrations with CI/CD pipelines as a key strength, alongside continuous testing and support for identifying issues before release. Reviewers also note that setup can take some onboarding for complex environments, but the payoff is stronger coverage and faster remediation. For teams prioritizing pipeline-based security validation, apisec.ai appears especially well aligned with review feedback.


### What are the top tools for protecting public and private APIs?
Based on G2 reviews, protecting both public-facing and internal APIs often requires a mix of traffic inspection, discovery, and automated defense. According to verified users, Cloudflare Application Security and Performance is used to secure exposed services with firewall controls, bot management, rate limiting, and DDoS mitigation while also improving availability. G2 reviewers mention Check Point WAF for API protection across cloud and hybrid environments with strong inspection and automated threat prevention. Reviewers also describe Cequence Security as valuable for API visibility, bot detection, and identifying abuse patterns across complex environments. Across reviews, buyers should expect strong coverage for external threats and unknown APIs, while also planning for tuning and onboarding where environments are large or highly customized.

**Here are some of the top-rated products on G2:**

- [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews) – secures exposed APIs with WAF controls, rate limiting, DDoS mitigation, and bot protection
- [Check Point WAF (formerly CloudGuard WAF)](https://www.g2.com/products/check-point-waf-formerly-cloudguard-waf/reviews) – protects APIs across cloud and hybrid setups with inspection, policy controls, and automated defenses
- [Cequence Security](https://www.g2.com/products/cequence-security/reviews) – helps discover APIs and detect abuse patterns, credential stuffing, and automated bot attacks


### What are the top tools for preventing API data breaches?
Based on G2 reviews, preventing API data breaches starts with better visibility into exposed endpoints, sensitive traffic, and abusive behavior. According to verified users, Cequence Security is valued for detecting abnormal API activity, credential stuffing, scraping, and abuse patterns that can lead to account compromise or data loss. G2 reviewers mention Cloudflare Application Security and Performance for shielding apps and APIs with WAF, DDoS protection, bot management, and rate limiting. Reviewers also describe Levo.ai as useful for API inventory, identifying unknown APIs, and surfacing risks in API-first environments. Common themes across reviews include discovering blind spots, reducing manual monitoring, and improving response to misuse before it becomes a larger incident.

**Here are some of the top-rated products on G2:**

- [Cequence Security](https://www.g2.com/products/cequence-security/reviews) – helps stop credential stuffing, scraping, and abnormal API behavior tied to data exposure risk
- [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews) – provides WAF, bot defense, and rate limiting to reduce abuse against exposed APIs
- [Levo.ai](https://www.g2.com/products/levo-ai/reviews) – helps discover API inventory and identify unidentified APIs that could increase breach risk


### Which API protection tool offers real-time threat detection?
Based on G2 reviews, Wallarm API Security Platform is specifically called out by reviewers for accurate real-time API threat detection with few false positives. According to verified users, it is used to protect APIs and web applications from modern attacks, including OWASP-style threats and zero-day risks. G2 reviewers mention the appeal of real-time detection quality, while also noting that configuration and tuning can be time-consuming for newer users. Review feedback suggests it is a strong fit for teams that prioritize fast threat visibility and ongoing protection at the API layer. Buyers should plan for implementation effort, but the real-time detection focus is a clear recurring theme in the available G2 feedback.




## G2 Grid® for API Security Tools
![G2 Grid® for API Security Tools plotting products by satisfaction and market presence](https://www.g2.com/categories/api-security/grids.png?focus%5B%5D=20238&focus%5B%5D=10700&focus%5B%5D=1339605&focus%5B%5D=143374&focus%5B%5D=1211333&focus%5B%5D=105445&focus%5B%5D=154599&focus%5B%5D=100655)
Highlighted products: Postman, Cloudflare Application Security and Performance, Check Point WAF (formerly CloudGuard WAF), apisec.ai, Rakuten SixthSense Observability, Fastly&#39;s Web Application and API Security, Astra Pentest, and Harness Platform.
Underlying data: [Grid® JSON](https://www.g2.com/categories/api-security/grids.json?focus%5B%5D=postman&amp;focus%5B%5D=cloudflare-application-security-and-performance&amp;focus%5B%5D=check-point-waf-formerly-cloudguard-waf&amp;focus%5B%5D=apisec-ai&amp;focus%5B%5D=rakuten-sixthsense-observability&amp;focus%5B%5D=fastly-s-web-application-and-api-security&amp;focus%5B%5D=astra-pentest&amp;focus%5B%5D=harness-platform)


## How Many API Security Tools Products Does G2 Track?
**Total Products under this Category:** 69

### Category Stats (Jul 2026)
- **Average Rating**: 4.56/5 (↑0.02 vs Jun 2026) The average rating of products in this category, based on all submitted ratings
- **Top Trending Product**: AppSentinels (+2.85%) - Among all products in this category, AppSentinels recorded the largest rating increase compared to last month
*Last updated: July 16, 2026*


## How Does G2 Rank API Security Tools Products?

**Why You Can Trust G2's Software Rankings:**

- 30 Analysts and Data Experts
- 5,000+ Authentic Reviews
- 69+ Products
- Unbiased Rankings

G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category.


## Which API Security Tools Is Best for Your Use Case?

- **Leader:** [Postman](https://www.g2.com/products/postman/reviews)
- **Highest Performer:** [apisec.ai](https://www.g2.com/products/apisec-ai/reviews)
- **Easiest to Use:** [Postman](https://www.g2.com/products/postman/reviews)
- **Top Trending:** [Astra Pentest](https://www.g2.com/products/astra-pentest/reviews)
- **Best Free Software:** [Postman](https://www.g2.com/products/postman/reviews)


---

**Sponsored**

### Cloudflare Application Security and Performance

Cloudflare is the connectivity cloud for the &quot;everywhere world,&quot; on a mission to help build a better Internet. We provide a unified platform of networking, security, and developer services delivered from a single, intelligent global network that spans hundreds of cities in over 125 countries. This empowers organizations of all sizes, from small businesses to the world&#39;s largest enterprises, to make their employees, applications, and networks faster and more secure everywhere, while significantly reducing complexity and cost. Our comprehensive platform includes: - Advanced Security: Protect your online presence with industry-leading DDoS protection, a robust Web Application Firewall (WAF), Bot mitigation, and API security. Implement Zero Trust security to secure remote access, data, and applications for your entire workforce. - Superior Performance: Accelerate website and application loading times globally with our Content Delivery Network (CDN), intelligent DNS, and smart routing capabilities. Optimize images and deliver dynamic content with unparalleled speed. - Powerful Developer Tools: Empower your developers to build and deploy full-stack applications at the edge using Cloudflare Workers (serverless functions), R2 Storage (object storage without egress fees), and D1 (serverless SQL database). Cloudflare helps connect and protect millions of customers globally, offering the control, visibility, and reliability businesses need to work, develop, and accelerate their operations in today&#39;s hyperconnected landscape. Our global network continuously learns and adapts, ensuring your digital assets are always protected and performing at their best.



[Visit website](https://www.g2.com/external_clickthroughs/record?secure%5Bad_program%5D=paid_promo&amp;secure%5Bad_slot%5D=category_product_list&amp;secure%5Bcategory_id%5D=2253&amp;secure%5Bchosen_at%5D=2026-07-17T08%3A06%3A25Z&amp;secure%5Bmedium%5D=sponsored&amp;secure%5Bprioritized%5D=false&amp;secure%5Bproduct_id%5D=10700&amp;secure%5Bresource_id%5D=2253&amp;secure%5Bresource_type%5D=Category&amp;secure%5Bsource_type%5D=category_page&amp;secure%5Bsource_url%5D=https%3A%2F%2Fwww.g2.com%2Fcategories%2Fapi-security%3Fopen_modal_url%3D%252Fproducts%252Fqodex-ai%252Fwishlists%253Fhost_path%253D%25252Fcategories%25252Fapi-security%2526source%253Dcategory&amp;secure%5Btoken%5D=1d148aae4977eddc6183a2f6690301752dcc9d7e7b8fb84da627d450470bb012&amp;secure%5Burl%5D=https%3A%2F%2Fwww.cloudflare.com%2Fapplication-services%2Fproducts%2F&amp;secure%5Burl_type%5D=paid_promos)

---

## What Are the Top-Rated API Security Tools Products in 2026?
### 1. [Postman](https://www.g2.com/products/postman/reviews)
Postman is the world’s leading API platform, used by more than 40 million developers and 500,000 organizations to build, test, and manage APIs at scale. With Postman, teams collaborate efficiently across the entire API lifecycle, including design, development, testing, security, documentation, and governance. The platform helps ensure consistency, quality, and enterprise-grade control. Postman also offers Agent Mode (beta), built on AWS Bedrock and trained with AWS SageMaker. Agent Mode enables developers to use natural language to debug requests, organize collections, document APIs, and automate workflows without switching tools or writing custom scripts.


**Average Rating:** 4.6/5.0
**Total Reviews:** 1,748
**How Do G2 Users Rate Postman?**

- **API Testing:** 9.5/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.1/10 (Category avg: 8.9/10)

**Who Is the Company Behind Postman?**

- **Seller:** [Postman](https://www.g2.com/sellers/postman)
- **Year Founded:** 2014
- **HQ Location:** San Francisco, CA
- **Twitter:** @getpostman (55,430 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/3795851/ (3,512 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Software Engineer, Software Developer
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 39% Mid-Market, 35% Small-Business


#### What Are Postman's Pros and Cons?

**Pros:**

- Ease of Use (460 reviews)
- API Testing (394 reviews)
- API Management (304 reviews)
- Testing (278 reviews)
- Testing Efficiency (276 reviews)

**Cons:**

- Slow Performance (222 reviews)
- Performance Issues (202 reviews)
- Slow Loading (145 reviews)
- Resource Limitations (131 reviews)
- Limited Features (120 reviews)


### What Do G2 Reviewers Say About Postman?
*AI-generated summary from verified user reviews*

**Pros:**

- Users love the **ease of use** of Postman, citing its intuitive interface and powerful automation tools.
- Users find Postman to be a **super intuitive tool for API testing** , enhancing efficiency in managing and sharing tests.
- Users appreciate the **smooth API lifecycle management** in Postman, enhancing testing, mocking, and automation efficiency.
- Users appreciate the **ease of testing** in Postman, enabling efficient API management and collaboration.
- Users value the **testing efficiency** of Postman, finding it intuitive and seamless for managing API workflows.

**Cons:**

- Users find that Postman exhibits **slow performance** , particularly when handling large collections or multiple workspaces.
- Users note that Postman has **performance issues** , particularly with heavy resource reliance affecting usability in large projects.
- Users experience **slow loading times** with Postman, especially when handling large collections or extended usage.
- Users find Postman has **resource limitations** , as it can be heavy and relies heavily on internet connectivity.
- Users find **limited features** in Postman, particularly for smaller teams restricted by subscription requirements for advanced tools.

#### What Are Recent G2 Reviews of Postman?

**"[The easiest way I&#39;ve found to work with APIs](https://www.g2.com/survey_responses/postman-review-13046207)"**

**Rating:** 4.5/5.0 stars
*— Miguel F.*

[Read full review](https://www.g2.com/survey_responses/postman-review-13046207)

---

**"[Postman Makes API Testing Fast and Organized with Collections](https://www.g2.com/survey_responses/postman-review-13066410)"**

**Rating:** 4.5/5.0 stars
*— ARYAN M.*

[Read full review](https://www.g2.com/survey_responses/postman-review-13066410)

---


#### What Are G2 Users Discussing About Postman?

- [What is Postman used for?](https://www.g2.com/discussions/what-is-postman-used-for) - 8 comments, 2 upvotes

### 2. [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews)
Cloudflare is the connectivity cloud for the &quot;everywhere world,&quot; on a mission to help build a better Internet. We provide a unified platform of networking, security, and developer services delivered from a single, intelligent global network that spans hundreds of cities in over 125 countries. This empowers organizations of all sizes, from small businesses to the world&#39;s largest enterprises, to make their employees, applications, and networks faster and more secure everywhere, while significantly reducing complexity and cost. Our comprehensive platform includes: - Advanced Security: Protect your online presence with industry-leading DDoS protection, a robust Web Application Firewall (WAF), Bot mitigation, and API security. Implement Zero Trust security to secure remote access, data, and applications for your entire workforce. - Superior Performance: Accelerate website and application loading times globally with our Content Delivery Network (CDN), intelligent DNS, and smart routing capabilities. Optimize images and deliver dynamic content with unparalleled speed. - Powerful Developer Tools: Empower your developers to build and deploy full-stack applications at the edge using Cloudflare Workers (serverless functions), R2 Storage (object storage without egress fees), and D1 (serverless SQL database). Cloudflare helps connect and protect millions of customers globally, offering the control, visibility, and reliability businesses need to work, develop, and accelerate their operations in today&#39;s hyperconnected landscape. Our global network continuously learns and adapts, ensuring your digital assets are always protected and performing at their best.


**Average Rating:** 4.5/5.0
**Total Reviews:** 595
**How Do G2 Users Rate Cloudflare Application Security and Performance?**

- **API Testing:** 10.0/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.8/10 (Category avg: 8.9/10)

**Who Is the Company Behind Cloudflare Application Security and Performance?**

- **Seller:** [Cloudflare, Inc.](https://www.g2.com/sellers/cloudflare-inc)
- **Company Website:** https://www.cloudflare.com
- **Year Founded:** 2009
- **HQ Location:** San Francisco, California
- **Twitter:** @Cloudflare (286,254 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/407222/ (7,190 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Web Developer, Software Engineer
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 61% Small-Business, 27% Mid-Market


#### What Are Cloudflare Application Security and Performance's Pros and Cons?

**Pros:**

- Security (53 reviews)
- Ease of Use (49 reviews)
- Features (43 reviews)
- Performance (35 reviews)
- DDoS Protection (34 reviews)

**Cons:**

- Complex User Interface (23 reviews)
- Expensive (23 reviews)
- Complex Setup (18 reviews)
- Complexity (17 reviews)
- Learning Curve (14 reviews)


### What Do G2 Reviewers Say About Cloudflare Application Security and Performance?
*AI-generated summary from verified user reviews*

**Pros:**

- Users commend Cloudflare for its **robust security features** , including automatic DDoS protection and a helpful Web Application Firewall.
- Users appreciate the **ease of use** of Cloudflare, with an intuitive dashboard simplifying security and performance management.
- Users appreciate the **user-friendly interface** and comprehensive features of Cloudflare, streamlining security and performance management.
- Users commend the **enhanced performance** of Cloudflare, noting faster page loads and seamless integration for website security.
- Users value the **effective DDoS protection** from Cloudflare, ensuring peace of mind with enhanced application security.

**Cons:**

- Users find the **complex user interface** challenging, especially when navigating advanced features and configurations effectively.
- Users find the platform **expensive** , especially as many useful features require upgrading to higher-priced plans.
- Users experience a **complex setup** requiring extra time, making it less friendly for those unfamiliar with security configurations.
- Users find the **complexity** of advanced configurations challenging, especially for those new to security platforms.
- Users note a **steep learning curve** for advanced features, which can complicate their overall experience with Cloudflare.

#### What Are Recent G2 Reviews of Cloudflare Application Security and Performance?

**"[Our trusted platform for security, performance, and edge computing](https://www.g2.com/survey_responses/cloudflare-application-security-and-performance-review-13072280)"**

**Rating:** 5.0/5.0 stars
*— Pablo H.*

[Read full review](https://www.g2.com/survey_responses/cloudflare-application-security-and-performance-review-13072280)

---

**"[Secure access with WARP and solid stability even during traffic peaks](https://www.g2.com/survey_responses/cloudflare-application-security-and-performance-review-13076468)"**

**Rating:** 4.5/5.0 stars
*— Flor B.*

[Read full review](https://www.g2.com/survey_responses/cloudflare-application-security-and-performance-review-13076468)

---


#### What Are G2 Users Discussing About Cloudflare Application Security and Performance?

- [What is Cloudflare Spectrum used for?](https://www.g2.com/discussions/what-is-cloudflare-spectrum-used-for) - 1 comment
- [What is Cloudflare Bot Management used for?](https://www.g2.com/discussions/what-is-cloudflare-bot-management-used-for)
- [Does Cloudflare provide hosting?](https://www.g2.com/discussions/does-cloudflare-provide-hosting) - 2 comments
- [How good is Cloudflare DNS?](https://www.g2.com/discussions/how-good-is-cloudflare-dns) - 1 comment, 1 upvote
- [What does DDoS protection do?](https://www.g2.com/discussions/what-does-ddos-protection-do)

### 3. [apisec.ai](https://www.g2.com/products/apisec-ai/reviews)
APIsec automated API testing platform automatically analyzes applications, simulates sophisticated attacks across the full spectrum of OWASP threats, and uncovers vulnerabilities and exploits before they reach production. By eliminating the need for time-consuming manual testing, APIsec helps security and development teams strengthen their security posture with continuous, preventative API protection. In addition, APIsec operates APIsec University, the world’s most popular API security education platform, offering dozens of free courses and a vibrant community of over 100,000 members. Together, our advanced security solutions and educational resources enable organizations to build, deploy, and maintain secure applications with confidence.


**Average Rating:** 4.7/5.0
**Total Reviews:** 227
**How Do G2 Users Rate apisec.ai?**

- **API Testing:** 9.0/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.7/10 (Category avg: 8.9/10)

**Who Is the Company Behind apisec.ai?**

- **Seller:** [apisec.ai](https://www.g2.com/sellers/apisec-ai)
- **Year Founded:** 2018
- **HQ Location:** San Francisco, US
- **LinkedIn® Page:** http://www.linkedin.com/company/apisec (41 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Security Consultant, Cyber Security Analyst
- **Top Industries:** Computer &amp; Network Security, Information Technology and Services
- **Company Size:** 64% Small-Business, 23% Mid-Market


#### What Are apisec.ai's Pros and Cons?

**Pros:**

- Security (71 reviews)
- Ease of Use (61 reviews)
- API Management (56 reviews)
- Testing Efficiency (56 reviews)
- Automation (50 reviews)

**Cons:**

- API Issues (25 reviews)
- Complex Setup (19 reviews)
- Poor Documentation (13 reviews)
- Difficult Learning Curve (12 reviews)
- Expensive (9 reviews)


### What Do G2 Reviewers Say About apisec.ai?
*AI-generated summary from verified user reviews*

**Pros:**

- Users highlight the **robust security features** of Apisec, effectively addressing the top OWASP API security risks.
- Users find APISec.ai to be **incredibly user-friendly** , streamlining API scans with its clean interface and quick results.
- Users appreciate the **automatic endpoint discovery** by apisec.ai, enhancing visibility and simplifying API assessments.
- Users appreciate the **efficiency of automated API testing** with apisec.ai, simplifying security checks and saving time.
- Users appreciate the **effortless automation** of apisec.ai, enabling easy scanning and early detection of API security issues.

**Cons:**

- Users find **API issues** challenging due to a lack of clear guides and difficulties with authentication setups.
- Users find the **complex setup** challenging, especially without clear guides or documentation for new users.
- Users face challenges due to **poor documentation** , making it difficult to utilize apisec.ai effectively.
- Users note the **difficult learning curve** of APIsec.ai, finding it overwhelming and requiring better onboarding resources.
- Users find the product **expensive** , especially regarding exams and individual certifications, seeking more affordable options.

#### What Are Recent G2 Reviews of apisec.ai?

**"[Best AI API tester I’ve ever used – easy to use with one-click analysis](https://www.g2.com/survey_responses/apisec-ai-review-11639883)"**

**Rating:** 5.0/5.0 stars
*— B.B Shalitha M.*

[Read full review](https://www.g2.com/survey_responses/apisec-ai-review-11639883)

---

**"[Scanning at Scale at the age of AI with APISec](https://www.g2.com/survey_responses/apisec-ai-review-11038850)"**

**Rating:** 4.0/5.0 stars
*— Suvam A.*

[Read full review](https://www.g2.com/survey_responses/apisec-ai-review-11038850)

---



### 4. [Check Point WAF (formerly CloudGuard WAF)](https://www.g2.com/products/check-point-waf-formerly-cloudguard-waf/reviews)
CloudGuard WAF is a cloud-native Web and API security solution designed to help users safeguard their applications from both known and unknown threats. By leveraging advanced contextual AI, this solution provides precise threat prevention without the need for traditional signature-based detection methods. This innovative approach allows organizations to maintain a robust security posture while minimizing the risks associated with evolving cyber threats. Targeted primarily at businesses that rely on web applications and APIs, CloudGuard WAF is particularly beneficial for enterprises in sectors such as finance, healthcare, and e-commerce, where data protection is paramount. The solution is designed to address the complex security challenges that arise in modern application environments, especially those utilizing continuous integration and continuous deployment (CI/CD) practices. As organizations increasingly adopt cloud-native architectures, the need for flexible and efficient security solutions becomes critical. One of the standout features of CloudGuard WAF is its preemptive protection capabilities. By employing machine learning-based security measures, the solution can effectively prevent zero-day threats, which are vulnerabilities that have not yet been discovered or patched. This proactive approach eliminates the reliance on frequent signature updates, allowing organizations to stay ahead of potential attacks without the need for constant manual intervention. Moreover, CloudGuard WAF excels in precise detection, enabling it to identify a broader range of attacks while minimizing the need for ongoing fine-tuning and exception creation. This feature not only enhances the accuracy of threat detection but also reduces the operational burden on security teams, allowing them to focus on more strategic initiatives rather than routine adjustments. Designed with cloud-native principles in mind, CloudGuard WAF supports CI/CD-friendly deployment and automation. This means that organizations can easily integrate the solution into their existing workflows, from installation to upgrades and configuration. By utilizing declarative infrastructure-as-code or APIs, users can streamline their security processes, ensuring that their applications remain protected as they evolve. Overall, CloudGuard WAF represents a significant advancement in the realm of web and API security, offering organizations a sophisticated and adaptable solution to combat the ever-changing landscape of cyber threats. Its combination of preemptive protection, precise detection, and cloud-native design makes it a valuable asset for any organization looking to enhance its security posture in today&#39;s digital environment.


**Average Rating:** 4.4/5.0
**Total Reviews:** 84
**How Do G2 Users Rate Check Point WAF (formerly CloudGuard WAF)?**

- **API Testing:** 8.7/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.9/10 (Category avg: 8.9/10)

**Who Is the Company Behind Check Point WAF (formerly CloudGuard WAF)?**

- **Seller:** [Check Point Software Technologies](https://www.g2.com/sellers/check-point-software-technologies)
- **Company Website:** https://www.checkpoint.com/
- **Year Founded:** 1993
- **HQ Location:** Redwood City, CA
- **Twitter:** @CheckPointSW (70,955 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/check-point-software-technologies/ (8,554 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 57% Mid-Market, 28% Small-Business


#### What Are Check Point WAF (formerly CloudGuard WAF)'s Pros and Cons?

**Pros:**

- Protection (35 reviews)
- Security (30 reviews)
- Cybersecurity (21 reviews)
- DDoS Protection (21 reviews)
- WAF (Web Application Firewall) (18 reviews)

**Cons:**

- Complex Setup (21 reviews)
- Expensive (14 reviews)
- Learning Difficulty (14 reviews)
- Difficult Learning Curve (11 reviews)
- User Interface Issues (10 reviews)


### What Do G2 Reviewers Say About Check Point WAF (formerly CloudGuard WAF)?
*AI-generated summary from verified user reviews*

**Pros:**

- Users highlight the **reliable security features** of Check Point WAF, ensuring effective protection against web attacks effortlessly.
- Users value the **robust security features** of Check Point CloudGuard WAF, enabling customized protection with minimal management effort.
- Users appreciate the **contextual AI** of Check Point CloudGuard WAF, offering effective protection with minimal false positives.
- Users value the **robust DDoS protection** of Check Point CloudGuard WAF, ensuring secure cloud applications and API traffic.
- Users value Check Point WAF for its **comprehensive protection** against web attacks and seamless integration with cloud environments.

**Cons:**

- Users find the **complex setup** challenging, particularly for teams new to Check Point&#39;s ecosystem.
- Users find the Check Point WAF to be **expensive** , especially compared to competitors despite its advanced features.
- Users find the **learning difficulty** challenging due to the complex setup and extensive configuration requirements.
- Users face a **difficult learning curve** due to extensive features and configurations required for effective use.
- Users often find the **user interface overwhelming** , particularly during initial setup and while navigating complex features.

#### What Are Recent G2 Reviews of Check Point WAF (formerly CloudGuard WAF)?

**"[Strong and reliable WAF for modern web and API security](https://www.g2.com/survey_responses/check-point-waf-formerly-cloudguard-waf-review-12736414)"**

**Rating:** 4.5/5.0 stars
*— Dharamveer p.*

[Read full review](https://www.g2.com/survey_responses/check-point-waf-formerly-cloudguard-waf-review-12736414)

---

**"[Complex Setup, but Strong Security Features](https://www.g2.com/survey_responses/check-point-waf-formerly-cloudguard-waf-review-13110824)"**

**Rating:** 4.5/5.0 stars
*— Samiksha C.*

[Read full review](https://www.g2.com/survey_responses/check-point-waf-formerly-cloudguard-waf-review-13110824)

---



### 5. [Fastly&#39;s Web Application and API Security](https://www.g2.com/products/fastly-s-web-application-and-api-security/reviews)
Fastly’s AppSec solutions empower teams to mitigate threats and control bots while helping the business move faster, confidently. Protect Your Apps and APIs While Accelerating Growth with Fastly’s Next-Gen WAF, DDoS Protection, Bot Management, API Security, and more. Our solutions are designed to help you stop cyber threats from derailing your biggest moments, accelerate innovation while minimizing new risk, and govern bots without increasing user friction.


**Average Rating:** 4.2/5.0
**Total Reviews:** 29

**Who Is the Company Behind Fastly&#39;s Web Application and API Security?**

- **Seller:** [Fastly](https://www.g2.com/sellers/fastly)
- **Year Founded:** 2011
- **HQ Location:** San Francisco, California, United States
- **Twitter:** @Fastly (29,199 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2602522/ (1,398 employees on LinkedIn®)
- **Ownership:** NYSE: FSLY

**Who Uses This Product?**
- **Top Industries:** Computer Software
- **Company Size:** 50% Mid-Market, 37% Enterprise


#### What Are Fastly&#39;s Web Application and API Security's Pros and Cons?

**Pros:**

- Ease of Use (5 reviews)
- Security (5 reviews)
- Customer Support (3 reviews)
- DDoS Protection (3 reviews)
- Protection (3 reviews)

**Cons:**

- Expensive (3 reviews)
- Poor Customer Support (3 reviews)
- Complex Configuration (2 reviews)
- Complex Setup (2 reviews)
- Complex Management (1 reviews)


### What Do G2 Reviewers Say About Fastly&#39;s Web Application and API Security?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of setup and implementation** of Fastly&#39;s Web Application and API Security, enhancing their experience.
- Users appreciate the **robust security features** of Fastly&#39;s Web Application and API Security, ensuring comprehensive protection.
- Users commend the **exceptional customer support** from Fastly, facilitating easy implementation and quick assistance for development teams.
- Users commend Fastly&#39;s Web Application and API Security for its **exceptional DDoS protection** and effective threat mitigation capabilities.
- Users value the **robust protection** Fastly&#39;s Web Application and API Security offers against various application attacks.

**Cons:**

- Users find the **pricing to be high** , especially for small projects and additional tech support needs.
- Users express frustration with **poor customer support** , often facing delays and inadequate assistance when needing help.
- Users find the **complex configuration** of Fastly&#39;s Web Application and API Security time-consuming and challenging to navigate.
- Users find the **complex setup** of Fastly&#39;s Web Application and API Security to be time-consuming and challenging.
- Users find the **complex management** of Fastly&#39;s Web Application and API Security challenging, affecting setup and rule navigation.

#### What Are Recent G2 Reviews of Fastly&#39;s Web Application and API Security?

**"[Perfect API Protection](https://www.g2.com/survey_responses/fastly-s-web-application-and-api-security-review-12332835)"**

**Rating:** 5.0/5.0 stars
*— Vladimir M.*

[Read full review](https://www.g2.com/survey_responses/fastly-s-web-application-and-api-security-review-12332835)

---

**"[It’s an easy to use and provides the better security to application, API and devops environment](https://www.g2.com/survey_responses/fastly-s-web-application-and-api-security-review-9336328)"**

**Rating:** 5.0/5.0 stars
*— Shakir K.*

[Read full review](https://www.g2.com/survey_responses/fastly-s-web-application-and-api-security-review-9336328)

---



### 6. [Rakuten SixthSense Observability](https://www.g2.com/products/rakuten-sixthsense-observability/reviews)
In today&#39;s digital landscape, businesses need a powerful and comprehensive Application Performance Monitoring (APM) solution to stay ahead of the curve. Introducing Rakuten SixthSense Observability - a next-generation APM tool that transforms the way you monitor, analyze, and optimize your applications and infrastructure. With its robust suite of features and advanced analytics, Rakuten SixthSense Observability empowers you to proactively identify and resolve issues, streamline operations, and enhance customer experiences. Key Capabilities: • Comprehensive Monitoring and Alerting: Rakuten SixthSense Observability offers end-to-end monitoring of your applications, infrastructure, and network performance. With real-time alerting and customizable dashboards, you can quickly detect issues and gain actionable insights into the health and performance of your systems. • Distributed Tracing and Correlation: Gain full visibility into your application&#39;s performance with distributed tracing, which tracks transactions and requests across multiple services and components. This feature helps you identify bottlenecks, latency issues, and errors, making it easier to optimize your application and enhance customer experiences. • Anomaly Detection and Machine Learning: Leverage Rakuten SixthSense&#39;s advanced machine learning capabilities to automatically identify unusual patterns and deviations in application performance and resource utilization. This proactive approach enables you to detect and resolve issues before they impact your business and customers. • Advanced Analytics and Visualization: Rakuten SixthSense&#39;s rich data visualization and analytics tools allow you to dive deep into your application performance data. Generate custom reports, analyze trends, and uncover hidden patterns that can drive continuous improvement and optimization. • Log Management and Integration: Effortlessly collect, analyze, and store logs from various sources with Rakuten SixthSense&#39;s integrated log management feature. This seamless integration enables you to correlate log data with performance metrics and traces, providing a comprehensive understanding of your application&#39;s behaviour. • Scalability and Flexibility: Rakuten SixthSense Observability is built to scale with your growing business needs, supporting a wide range of applications, services, and infrastructure. Its flexible architecture allows you to customize the tool to your specific requirements and integrate it with other monitoring and observability solutions. Current Feature set: • Application Performance Monitoring: Full stack visibility across Java, PHP, Node.js, Python, Go and a lot more! Key Features include, Distributed Tracing, Profiling, Database Monitoring • Infrastructure Monitoring: Get a birds-eye view of your infrastructure health and gain granular insights with easy deployment Key Features include Kubernetes, VMs, Web Servers, Cloud Integrations • Digital Experience Monitoring: Improve the end-user experience of your applications mapped with contextual information of application performance metrics • Browser Monitoring: Metrics to optimize end users’ experience and help in improving application performance. • Mobile Monitoring: Monitor crashes, performance &amp; usage metrics for your mobile applications • Synthetic Monitoring: Stimulate end-user transactions using low code, no code test scripts • VM Monitoring: VM monitoring capability lets you view your infrastructure performance and health of servers, virtual machines, containers, databases etc. at a glance. • SixthSense Cognitive Engine: Modern observability and the proactive approach using artificial intelligence. The application uses different AI/ML algorithms that can predict performance metrics with an accuracy of up to 98% and a confidence level of 90%.


**Average Rating:** 4.6/5.0
**Total Reviews:** 52
**How Do G2 Users Rate Rakuten SixthSense Observability?**

- **API Testing:** 9.3/10 (Category avg: 9.1/10)
- **API Monitoring:** 10.0/10 (Category avg: 8.9/10)

**Who Is the Company Behind Rakuten SixthSense Observability?**

- **Seller:** [Rakuten SixthSense](https://www.g2.com/sellers/rakuten-sixthsense-f1af4c23-8be7-4bf4-a775-a4d50eebce5d)
- **Year Founded:** 2016
- **HQ Location:** Bengaluru, IN
- **LinkedIn® Page:** https://www.linkedin.com/company/rakuten-sixthsense/ (5 employees on LinkedIn®)
- **Ownership:** TYO: 4755

**Who Uses This Product?**
- **Who Uses This:** Senior Software Engineer
- **Top Industries:** Information Technology and Services, Computer Games
- **Company Size:** 47% Enterprise, 38% Mid-Market


#### What Are Rakuten SixthSense Observability's Pros and Cons?

**Pros:**

- Monitoring (11 reviews)
- Alerting System (9 reviews)
- Customer Support (9 reviews)
- Ease of Use (9 reviews)
- Implementation Ease (9 reviews)

**Cons:**

- Complex Setup (3 reviews)
- Poor Documentation (3 reviews)
- Alert Issues (2 reviews)
- Inefficient Alert System (2 reviews)
- Insufficient Information (2 reviews)


### What Do G2 Reviewers Say About Rakuten SixthSense Observability?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **deep visibility** and AI-driven insights of Rakuten SixthSense for enhanced application performance monitoring.
- Users appreciate the **efficient alerting system** that simplifies monitoring and provides quick access to root causes.
- Users value the **excellent customer support** provided by Rakuten SixthSense, enhancing their experience with the platform.
- Users appreciate the **ease of use** of Rakuten SixthSense Observability, facilitating quick identification and resolution of performance issues.
- Users appreciate the **easy implementation** of Rakuten SixthSense, allowing quick access to vital performance insights.

**Cons:**

- Users find the **complex setup** necessary for Rakuten SixthSense Observability requires significant initial onboarding effort.
- Users feel the **documentation is lacking** , making setup and navigation more challenging than necessary.
- Users report issues with **false positive alerts** and desire enhanced functionality for error record notifications.
- Users experience **inefficient alert system** with false positives and a lack of timely dashboard notifications for monitoring.
- Users feel the **documentation needs improvement** , hindering effective usage of Rakuten SixthSense Observability.

#### What Are Recent G2 Reviews of Rakuten SixthSense Observability?

**"[A very good SAAS monitoring &amp; observability tool](https://www.g2.com/survey_responses/rakuten-sixthsense-observability-review-11287792)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Computer Games*

[Read full review](https://www.g2.com/survey_responses/rakuten-sixthsense-observability-review-11287792)

---

**"[Great monitoring tool!](https://www.g2.com/survey_responses/rakuten-sixthsense-observability-review-8230168)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Information Technology and Services*

[Read full review](https://www.g2.com/survey_responses/rakuten-sixthsense-observability-review-8230168)

---



### 7. [Astra Pentest](https://www.g2.com/products/astra-pentest/reviews)
Astra Security is a leading continuous penetration testing platform that combines AI-powered autonomous pentesting with certified expert-led assessments. Powered by Attack AI, trained on 6.8M+ security findings and insights from 5,000+ real-world pentests. Astra deploys intelligent agents that continuously discover, validate, prioritize, and help remediate vulnerabilities at scale. While AI handles speed and scale, Astra’s certified security experts focus on what automation alone cannot: complex business logic flaws, multi-step attack chains, advanced exploit paths, and emerging AI/LLM-specific threats. Built for modern engineering teams, Astra integrates directly into CI/CD workflows, enabling continuous security validation between releases instead of relying on outdated annual pentests. The platform delivers comprehensive Autonomous Pentest powered by AI agents, DAST vulnerability scanner and human-driven pentests across web apps, AI/LLMs, mobile apps, APIs, cloud infrastructure. Astra is CREST-accredited, CERT-IN empaneled, and a PCI ASV-certified vendor. Our team also led the development of the OWASP APTS framework, helping shape the industry standard for continuous security testing. Today, 1,500+ organizations across 70+ countries trust Astra Security, including Ford, Loom, CompTIA, Hitachi, HackerRank, and OLX.


**Average Rating:** 4.6/5.0
**Total Reviews:** 212
**How Do G2 Users Rate Astra Pentest?**

- **API Testing:** 10.0/10 (Category avg: 9.1/10)
- **API Monitoring:** 10.0/10 (Category avg: 8.9/10)

**Who Is the Company Behind Astra Pentest?**

- **Seller:** [ASTRA IT, Inc.](https://www.g2.com/sellers/astra-it-inc)
- **Company Website:** https://www.getastra.com/
- **Year Founded:** 2018
- **HQ Location:** New Delhi, IN
- **Twitter:** @getastra (694 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/getastra/ (130 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** CTO, CEO
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 66% Small-Business, 29% Mid-Market


#### What Are Astra Pentest's Pros and Cons?

**Pros:**

- Customer Support (63 reviews)
- Vulnerability Detection (51 reviews)
- Ease of Use (50 reviews)
- Pentesting Efficiency (42 reviews)
- Vulnerability Identification (37 reviews)

**Cons:**

- Poor Customer Support (12 reviews)
- Poor Interface Design (10 reviews)
- Slow Performance (8 reviews)
- UX Improvement (7 reviews)
- Lack of Information (6 reviews)


### What Do G2 Reviewers Say About Astra Pentest?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **responsive customer support** of Astra Pentest, enhancing their experience and ensuring smooth collaboration.
- Users value the **comprehensive vulnerability management features** of Astra Pentest, enhancing their ability to address security issues effectively.
- Users love the **ease of use** of Astra Pentest, appreciating its intuitive design and accessible features.
- Users commend Astra Pentest for its **efficient penetration testing** , enabling swift execution and effective communication throughout the process.
- Users value the **thorough vulnerability identification** of Astra Pentest, enhancing confidence and security in their development processes.

**Cons:**

- Users experience **poor customer support** , citing slow responses and difficulties with account setup and vulnerability inquiries.
- Users find the **poor interface design** of Astra Pentest to be clunky and not user-friendly, affecting usability.
- Users experience **slow performance** with Astra Pentest, affecting testing speed and response times for results.
- Users feel that the **UX could be improved** for a smoother experience, as navigation can sometimes be confusing.
- Users face a **lack of information** with Astra Pentest, as documentation and updates are often insufficient or slow to arrive.

#### What Are Recent G2 Reviews of Astra Pentest?

**"[Smooth Onboarding, Responsive Support, and Strong Pentest Lifecycle Controls](https://www.g2.com/survey_responses/astra-pentest-review-13001206)"**

**Rating:** 5.0/5.0 stars
*— Sivakumar S.*

[Read full review](https://www.g2.com/survey_responses/astra-pentest-review-13001206)

---

**"[Exceptional VAPT Solution with Prompt Support](https://www.g2.com/survey_responses/astra-pentest-review-9603864)"**

**Rating:** 5.0/5.0 stars
*— Nikhil Ajit S.*

[Read full review](https://www.g2.com/survey_responses/astra-pentest-review-9603864)

---


#### What Are G2 Users Discussing About Astra Pentest?

- [What is Astra Pentest used for?](https://www.g2.com/discussions/what-is-astra-pentest-used-for) - 2 comments

### 8. [Harness Platform](https://www.g2.com/products/harness-platform/reviews)
Simplify your developer experience with the world&#39;s first AI-augmented software delivery platform. Upgrade your software delivery with Harness&#39; innovative CI/CD, Feature Flags, Infrastructure as Code Management, and Chaos Engineering tools. We are a software delivery platform that helps developers and infrastructure engineers build and ship code for cloud and on-premise projects. We automate the continuous integration and continuous delivery (CI/CD) process to help teams build faster, ship more frequently, and improve quality, efficiency, and governance. We help companies in four key areas: Number one, we accelerate innovation through DevOps modernization. We provide an approach for software delivery that automates processes, reduces manual interventions, consolidates tools, and accelerates time-to-market for new products, features, and fixes. Number two, we improve developer experience. We give you the ability to attract, retain, and onboard high-caliber engineering talent while fostering a culture of continuous innovation and improvement. Number three, we secure software delivery. We give you the ability to integrate security into every phase of the SDLC. And last but not least is, we optimize cloud costs. We give you the ability to eliminate waste and to ensure that appropriate cloud resources are allocated at the right place at the right time.


**Average Rating:** 4.6/5.0
**Total Reviews:** 300
**How Do G2 Users Rate Harness Platform?**

- **API Testing:** 8.9/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.8/10 (Category avg: 8.9/10)

**Who Is the Company Behind Harness Platform?**

- **Seller:** [Harness](https://www.g2.com/sellers/harness-25016f40-e80f-4417-bea8-39412055d17a)
- **Company Website:** https://harness.io/
- **Year Founded:** 2018
- **HQ Location:** San Francisco
- **Twitter:** @HarnessWealth (1,389 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/harnessinc/ (1,701 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Software Engineer, DevOps Engineer
- **Top Industries:** Computer Software, Financial Services
- **Company Size:** 43% Enterprise, 38% Mid-Market


#### What Are Harness Platform's Pros and Cons?

**Pros:**

- Ease of Use (114 reviews)
- Features (73 reviews)
- Feature Flags (49 reviews)
- Easy Setup (40 reviews)
- Easy Integrations (31 reviews)

**Cons:**

- Missing Features (23 reviews)
- Limitations (20 reviews)
- Limited Features (20 reviews)
- Learning Curve (17 reviews)
- Poor UI (16 reviews)


### What Do G2 Reviewers Say About Harness Platform?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of use** of Harness Platform, making implementation and configuration seamless and efficient.
- Users value the **ease of use and flexibility** in targeting features within the Harness Platform.
- Users appreciate the **user-friendly interface** of Harness Platform for easily managing and deploying feature flags.
- Users find the **easy setup** of Harness Platform quick and efficient, leading to immediate cost savings and satisfaction.
- Users value the **easy integrations** with SSO and tools that streamline software delivery on the Harness Platform.

**Cons:**

- Users note a **lack of multiple filters** in Harness Platform, limiting flexibility for advanced customization and usability.
- Users face **limitations in configuration management** , including issues with renaming and deleting toggles that complicate usability.
- Users note a **lack of multiple filters** and missing features in the Harness Platform, limiting its overall usability.
- Users find the **steep learning curve** challenging, particularly due to complicated settings and insufficient documentation.
- Users find the **UI complex and clunky** , which can complicate the overall user experience with the platform.

#### What Are Recent G2 Reviews of Harness Platform?

**"[Harness - World of automation](https://www.g2.com/survey_responses/harness-platform-review-11792426)"**

**Rating:** 4.5/5.0 stars
*— Sunil A.*

[Read full review](https://www.g2.com/survey_responses/harness-platform-review-11792426)

---

**"[Best tool for cost optimization and Repository](https://www.g2.com/survey_responses/harness-platform-review-11543262)"**

**Rating:** 5.0/5.0 stars
*— Satendra V.*

[Read full review](https://www.g2.com/survey_responses/harness-platform-review-11543262)

---


#### What Are G2 Users Discussing About Harness Platform?

- [What is Harness Continuous Delivery used for?](https://www.g2.com/discussions/what-is-harness-continuous-delivery-used-for) - 1 comment
- [What is Propelo used for?](https://www.g2.com/discussions/what-is-propelo-used-for)
- [What is Harness Cloud Cost Management used for?](https://www.g2.com/discussions/what-is-harness-cloud-cost-management-used-for)
- [What is the difference between harness and Jenkins?](https://www.g2.com/discussions/what-is-the-difference-between-harness-and-jenkins) - 1 comment
- [What is streaming Split IO?](https://www.g2.com/discussions/what-is-streaming-split-io) - 1 comment

### 9. [Orca Security](https://www.g2.com/products/orca-security/reviews)
The Orca Cloud Security Platform identifies, prioritizes, and remediates risks and compliance issues in workloads, configurations, and identities across your cloud estate spanning AWS, Azure, Google Cloud, Kubernetes, Alibaba Cloud, and Oracle Cloud. Orca offers the industry’s most comprehensive cloud security solution in a single platform — eliminating the need to deploy and maintain multiple point solutions. Orca is agentless-first, and connects to your environment in minutes using Orca’s patented SideScanning™ technology that provides deep and wide visibility into your cloud environment, without requiring agents. In addition, Orca can integrate with third-party agents for runtime visibility and protection for critical workloads. Orca is at the forefront of leveraging Generative AI for simplified investigations and accelerated remediation – reducing required skill levels and saving cloud security, DevOps, and development teams time and effort, while significantly improving security outcomes. As a Cloud Native Application Protection Platform (CNAPP), Orca consolidates many point solutions in one platform, including: CSPM, CWPP, CIEM, Vulnerability Management, Container and Kubernetes Security, DSPM, API Security, CDR, Multi-cloud Compliance, Shift Left Security, and AI-SPM.


**Average Rating:** 4.7/5.0
**Total Reviews:** 300
**How Do G2 Users Rate Orca Security?**

- **API Testing:** 7.5/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.5/10 (Category avg: 8.9/10)

**Who Is the Company Behind Orca Security?**

- **Seller:** [Orca Security](https://www.g2.com/sellers/orca-security)
- **Company Website:** https://orca.security
- **Year Founded:** 2019
- **HQ Location:** Portland, Oregon
- **Twitter:** @orcasec (4,835 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/35573984/ (515 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Security Engineer, CISO
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 53% Enterprise, 38% Mid-Market


#### What Are Orca Security's Pros and Cons?

**Pros:**

- Ease of Use (13 reviews)
- Vulnerability Scanning (13 reviews)
- Features (11 reviews)
- Visibility (11 reviews)
- Comprehensive Security (9 reviews)

**Cons:**

- Security Vulnerabilities (6 reviews)
- Dashboard Issues (5 reviews)
- Delayed Detection (5 reviews)
- False Positives (5 reviews)
- Improvement Needed (5 reviews)


### What Do G2 Reviewers Say About Orca Security?
*AI-generated summary from verified user reviews*

**Pros:**

- Users praise the **ease of use** of Orca Security, appreciating its intuitive interface and quick setup process.
- Users value the **visibility and prioritization** of vulnerabilities provided by Orca Security, enhancing their cloud security posture.
- Users praise Orca Security for its **agentless features** , intuitive interface, and effective compliance and security modules.
- Users value the **exceptional visibility** provided by Orca Security, enhancing insight into their cloud environment effortlessly.
- Users value the **comprehensive security** features of Orca Security, enhancing visibility and ease of implementation across cloud environments.

**Cons:**

- Users note that Orca Security has **security vulnerabilities** , particularly regarding API security and vulnerable package detection.
- Users experience **dashboard issues** like cluttered information and slow performance, leading to navigation challenges and bugs.
- Users experience **delayed detection** with Orca Security due to slow scans and accumulated issues affecting troubleshooting efficiency.
- Users report frequent **false positives** in Orca Security, causing confusion over actual vulnerabilities in their systems.
- Users note that **improvement is needed** in reporting, automation, and granularity for a better Orca Security experience.

#### What Are Recent G2 Reviews of Orca Security?

**"[Orca Makes Shadow AI Agents Visible and Governable Across Our Cloud](https://www.g2.com/survey_responses/orca-security-review-13119948)"**

**Rating:** 5.0/5.0 stars
*— Bilal J.*

[Read full review](https://www.g2.com/survey_responses/orca-security-review-13119948)

---

**"[Orca Unifies AppSec, Cloud, and Agent Context in One Clear View](https://www.g2.com/survey_responses/orca-security-review-13096711)"**

**Rating:** 5.0/5.0 stars
*— Samuel J.*

[Read full review](https://www.g2.com/survey_responses/orca-security-review-13096711)

---


#### What Are G2 Users Discussing About Orca Security?

- [Where is Orca security based?](https://www.g2.com/discussions/where-is-orca-security-based) - 2 comments
- [How much does Orca security cost?](https://www.g2.com/discussions/how-much-does-orca-security-cost) - 1 comment
- [What is ORCA platform?](https://www.g2.com/discussions/what-is-orca-platform) - 1 comment
- [What does Orca Security do?](https://www.g2.com/discussions/what-does-orca-security-do) - 1 comment

### 10. [Azion](https://www.g2.com/products/azion/reviews)
Azion is the web platform that enables businesses to build, secure, and scale modern applications on a fully managed global infrastructure, with a robust suite of solutions for Application Development, cybersecurity, and AI. Azion allows developers to deploy applications closer to users, ensuring ultra-low latency and high availability. With Functions, you can run distributed serverless code, enhancing performance and reducing costs. For enhanced security, Azion’s Web Application Firewall (WAF) protects against cyber threats. Azion also provides SQL Storage, Object Storage and KV Storage, enabling fast, distributed data storage and retrieval. With Real-Time Metrics and Real-Time Events, businesses gain actionable insights into their applications and infrastructure, ensuring optimal performance and security. Global leaders like Prime Video, Neon, Global Fashion Group, and Radware trust Azion to deliver high-performance, secure digital experiences worldwide. Whether you&#39;re building AI-driven applications, securing your digital assets, or scaling globally, Azion provides the fastest path to modern applications. Discover how Azion can transform your digital experiences and empower your business to thrive in the digital age. Visit www.azion.com to learn more about our innovative solutions.


**Average Rating:** 4.7/5.0
**Total Reviews:** 31
**How Do G2 Users Rate Azion?**

- **API Testing:** 10.0/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.2/10 (Category avg: 8.9/10)

**Who Is the Company Behind Azion?**

- **Seller:** [Azion](https://www.g2.com/sellers/azion)
- **Year Founded:** 2011
- **HQ Location:** Palo Alto, California, United States
- **LinkedIn® Page:** https://www.linkedin.com/company/aziontech (198 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Retail
- **Company Size:** 34% Enterprise, 28% Mid-Market


#### What Are Azion's Pros and Cons?

**Pros:**

- Customer Support (10 reviews)
- Ease of Use (8 reviews)
- Easy Integrations (7 reviews)
- Reliability (7 reviews)
- Performance (6 reviews)

**Cons:**

- Missing Features (2 reviews)
- Complexity (1 reviews)
- Difficult Learning (1 reviews)
- Difficult Learning Curve (1 reviews)
- Expensive (1 reviews)


### What Do G2 Reviewers Say About Azion?
*AI-generated summary from verified user reviews*

**Pros:**

- Users praise Azion for its **responsive and knowledgeable customer support** , ensuring smooth and efficient operations.
- Users find Azion to be **easy to use and integrate** , enhancing daily operations with minimal effort.
- Users find **easy integrations** with Azion to be seamless, enhancing their operational workflows and efficiency.
- Users commend Azion&#39;s **reliability** , consistently meeting expectations with excellent service and robust performance during high traffic periods.
- Users commend Azion for its **exceptional performance and reliability** , leading to improved user experience and business continuity.

**Cons:**

- Users are frustrated with Azion&#39;s **missing features** for Web3 and other essential integrations, impacting their workflow.
- Users find the **complexity of the administration console** challenging, requiring time to fully understand its features.
- Users find the **difficult learning curve** with Azion&#39;s administration console features frustrating and time-consuming.
- Users find the **difficult learning curve** of Azion challenging due to the unintuitive features in the administration console.
- Users desire more **flexibility in pricing** for Azion, indicating that it&#39;s currently considered expensive.

#### What Are Recent G2 Reviews of Azion?

**"[Azion as one of the main strategic partners in cybersecurity.](https://www.g2.com/survey_responses/azion-review-12544164)"**

**Rating:** 5.0/5.0 stars
*— Luciano K.*

[Read full review](https://www.g2.com/survey_responses/azion-review-12544164)

---

**"[Azion Services: Elevated Security and Impeccable Support](https://www.g2.com/survey_responses/azion-review-11910560)"**

**Rating:** 5.0/5.0 stars
*— Luciano G.*

[Read full review](https://www.g2.com/survey_responses/azion-review-11910560)

---



### 11. [Qodex.ai](https://www.g2.com/products/qodex-ai/reviews)
Qodex is a continuous testing platform that runs your test scenarios against your real app on every pull request and deploy, then shows you exactly what broke with the failing request, response, and screenshot.


**Average Rating:** 4.9/5.0
**Total Reviews:** 60
**How Do G2 Users Rate Qodex.ai?**

- **API Testing:** 10.0/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.3/10 (Category avg: 8.9/10)

**Who Is the Company Behind Qodex.ai?**

- **Seller:** [QodexAI](https://www.g2.com/sellers/qodexai)
- **Company Website:** https://www.qodex.ai/
- **Year Founded:** 2023
- **HQ Location:** San Francisco, California
- **LinkedIn® Page:** https://linkedin.com/company/qodexai (13 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 75% Small-Business, 20% Mid-Market


#### What Are Qodex.ai's Pros and Cons?

**Pros:**

- Ease of Use (23 reviews)
- Automation (17 reviews)
- Testing (17 reviews)
- Testing Efficiency (17 reviews)
- Helpful (13 reviews)

**Cons:**

- Slow Loading (6 reviews)
- Poor Documentation (5 reviews)
- Slow Performance (5 reviews)
- Bug Issues (4 reviews)
- Bugs (4 reviews)


### What Do G2 Reviewers Say About Qodex.ai?
*AI-generated summary from verified user reviews*

**Pros:**

- Users highlight the **ease of use** of Qodex.ai, making it accessible for both technical and non-technical teams.
- Users value the **automation capabilities** of Qodex.ai, significantly enhancing efficiency in managing API testing processes.
- Users value the **ease of test case writing** with Qodex.ai, enhancing efficiency for developers and product managers.
- Users value the **high testing efficiency** of Qodex.ai, achieving 90% code coverage with minimal manual effort.
- Users find Qodex.ai **incredibly helpful** for quick integration and effective scenario analysis, boosting efficiency significantly.

**Cons:**

- Users experience **slow loading** times with the chatbot and reports, affecting overall efficiency and responsiveness.
- Users find the **poor documentation** a barrier to fully leverage Qodex.ai’s capabilities in advanced testing scenarios.
- Users experience **slow performance** with delayed chatbot responses and longer load times for reports on larger projects.
- Users report **bug issues** including repeated test cases and suggest improvements for bug reporting and flagging accuracy.
- Users report **bug reporting issues** , suggesting improvements for tagging and accuracy of critical and non-critical bugs.

#### What Are Recent G2 Reviews of Qodex.ai?

**"[Effortless AI Testing Automation That Accelerates Development](https://www.g2.com/survey_responses/qodex-ai-review-12088697)"**

**Rating:** 4.5/5.0 stars
*— Abhilash S.*

[Read full review](https://www.g2.com/survey_responses/qodex-ai-review-12088697)

---

**"[Effortless Automation and Insightful AI Testing with Qodex.ai](https://www.g2.com/survey_responses/qodex-ai-review-12065938)"**

**Rating:** 4.5/5.0 stars
*— Anshuk K.*

[Read full review](https://www.g2.com/survey_responses/qodex-ai-review-12065938)

---



### 12. [Intruder](https://www.g2.com/products/intruder/reviews)
Intruder&#39;s continuous exposure management platform helps security, IT, and engineering teams stop breaches before they start. By unifying AI penetration testing, attack surface monitoring, cloud security, and vulnerability management in one intuitive platform, Intruder gives stretched teams an always-on security source of truth. Our approach focuses on continuous automated scanning using expertise and agentic solutions to ensure that the findings we deliver are accurate, prioritized by real-world risk, and ready to act on. Founded in 2015 by Chris Wallis, a former ethical hacker turned corporate blue teamer, Intruder is now protecting over 3,000 companies worldwide. Intruder has been awarded multiple accolades, was selected for GCHQ’s Cyber Accelerator, included on Deloitte’s Tech Fast 50 2023 list as the fastest-growing cybersecurity company in the UK and was named in G2’s 2026 Best Software Awards.


**Average Rating:** 4.8/5.0
**Total Reviews:** 207
**How Do G2 Users Rate Intruder?**

- **API Testing:** 8.7/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.9/10 (Category avg: 8.9/10)

**Who Is the Company Behind Intruder?**

- **Seller:** [Intruder](https://www.g2.com/sellers/intruder)
- **Company Website:** https://www.intruder.io
- **Year Founded:** 2015
- **HQ Location:** London
- **Twitter:** @intruder_io (979 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/6443623/ (83 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** CTO, Director
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 57% Small-Business, 36% Mid-Market


#### What Are Intruder's Pros and Cons?

**Pros:**

- Ease of Use (41 reviews)
- Vulnerability Detection (30 reviews)
- Customer Support (25 reviews)
- User Interface (24 reviews)
- Vulnerability Identification (24 reviews)

**Cons:**

- Expensive (9 reviews)
- Slow Scanning (8 reviews)
- Licensing Issues (7 reviews)
- False Positives (6 reviews)
- Limited Features (6 reviews)


### What Do G2 Reviewers Say About Intruder?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find Intruder&#39;s **ease of use** exceptional, facilitating rapid setup and straightforward configuration for cloud resources.
- Users value the **super easy configuration and automated scanning** of Intruder, enhancing security across cloud environments.
- Users highly value Intruder&#39;s **responsive customer support** , enhancing their cybersecurity management experience with timely assistance.
- Users love Intruder&#39;s **intuitive interface** , which simplifies security tasks and integrates seamlessly with essential tools.
- Users commend the **efficient vulnerability identification** of Intruder, praising its ease of use and automated scanning features.

**Cons:**

- Users find the pricing to be **expensive** , expressing a desire for more flexible and cost-effective models.
- Users report **slow scanning** issues with Intruder, missing some SQL injections and lacking mobile device support.
- Users find **licensing issues** with Intruder challenging, particularly in understanding the model and its application to scans.
- Users report experiencing **false positives** , making it challenging to prioritize critical vulnerabilities effectively.
- Users find the **limited features** in Intruder, such as rigid licensing and reporting controls, somewhat frustrating.

#### What Are Recent G2 Reviews of Intruder?

**"[Reliable Service with Flexible Plans and Strong Support](https://www.g2.com/survey_responses/intruder-review-13110046)"**

**Rating:** 4.0/5.0 stars
*— Ossama M.*

[Read full review](https://www.g2.com/survey_responses/intruder-review-13110046)

---

**"[Revolutionized Our Vulnerability Management with Real-Time Insights](https://www.g2.com/survey_responses/intruder-review-13100568)"**

**Rating:** 4.5/5.0 stars
*— Verified User*

[Read full review](https://www.g2.com/survey_responses/intruder-review-13100568)

---


#### What Are G2 Users Discussing About Intruder?

- [Who developed intruder?](https://www.g2.com/discussions/who-developed-intruder)
- [What is an intruder in cyber security?](https://www.g2.com/discussions/what-is-an-intruder-in-cyber-security)
- [Is intruder IO safe?](https://www.g2.com/discussions/is-intruder-io-safe) - 1 comment
- [What is intruder software?](https://www.g2.com/discussions/what-is-intruder-software) - 1 comment

### 13. [FortiAppSec Cloud](https://www.g2.com/products/fortiappsec-cloud/reviews)
FortiAppSec Cloud - the next evolution of FortiWeb Cloud - simplifies and strengthens web application security and delivery across your cloud environments. This SaaS platform secures network availability and accelerates application performance while delivering consistent security against web-based threats. The AI-driven engine detects zero-day exploits and unknown threats, maximizing detection accuracy while securing the user experience and minimizing false positives. FortiAppSec Cloud is unified platform that provides comprehensive web application and API protection (WAAP) with a single management interface. It includes: • GenAI-ready protection for known and zero-day threat detection • ML-driven bad bot behavioral analysis to fend off sophisticated bots • Advanced API discovery and security • Built-in DAST allows for vulnerability scanning and patching in advance • Global server load balancing and CDN provide optimized application availability and performance. • Threat analytics helps prioritize security events for operational efficiency.


**Average Rating:** 4.4/5.0
**Total Reviews:** 29
**How Do G2 Users Rate FortiAppSec Cloud?**

- **API Testing:** 6.7/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.3/10 (Category avg: 8.9/10)

**Who Is the Company Behind FortiAppSec Cloud?**

- **Seller:** [Fortinet](https://www.g2.com/sellers/fortinet)
- **Company Website:** https://www.fortinet.com
- **Year Founded:** 2000
- **HQ Location:** Sunnyvale, CA
- **Twitter:** @Fortinet (151,422 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/6460/ (16,279 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer &amp; Network Security, Information Technology and Services
- **Company Size:** 61% Mid-Market, 19% Enterprise


#### What Are FortiAppSec Cloud's Pros and Cons?

**Pros:**

- Security (13 reviews)
- Protection (10 reviews)
- Cybersecurity (8 reviews)
- Ease of Use (8 reviews)
- Features (8 reviews)

**Cons:**

- UX Improvement (9 reviews)
- Slow Performance (8 reviews)
- User Interface Issues (8 reviews)
- Complex Configuration (7 reviews)
- Complex Setup (7 reviews)


### What Do G2 Reviewers Say About FortiAppSec Cloud?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **robust security measures** of FortiAppSec Cloud, highlighting its AI-driven and comprehensive protection capabilities.
- Users appreciate the **automatic security and centralized dashboard** of FortiAppSec Cloud, enhancing efficiency and visibility.
- Users value the **advanced security features** of FortiAppSec Cloud, effectively mitigating threats with a unified console.
- Users value the **ease of use** of FortiAppSec Cloud, highlighting its straightforward setup and intuitive management.
- Users value the **ease of deployment and AI-driven automation** in FortiAppSec Cloud for optimized web app security.

**Cons:**

- Users find the **UI/UX lacks intuitiveness** , making navigation and setup challenging for newcomers to FortiAppSec Cloud.
- Users experience **slow performance** during high traffic, affecting the overall effectiveness of FortiAppSec Cloud.
- Users find the **user interface issues** challenging, hindering the overall experience and effectiveness of the product.
- Users find the **complex configuration** for initial setup challenging, particularly affecting first-time users&#39; experience.
- Users find the **complex setup** of FortiAppSec Cloud challenging, particularly for first-time configuration and advanced policies.

#### What Are Recent G2 Reviews of FortiAppSec Cloud?

**"[Centralized Threat Management, Easy Setup](https://www.g2.com/survey_responses/fortiappsec-cloud-review-12342944)"**

**Rating:** 4.0/5.0 stars
*— Manav S.*

[Read full review](https://www.g2.com/survey_responses/fortiappsec-cloud-review-12342944)

---

**"[Easy-to-Implement AppSec with Strong Signature Detection, Bot Protection, and Cloud Integration](https://www.g2.com/survey_responses/fortiappsec-cloud-review-12389870)"**

**Rating:** 5.0/5.0 stars
*— Prasanth K.*

[Read full review](https://www.g2.com/survey_responses/fortiappsec-cloud-review-12389870)

---


#### What Are G2 Users Discussing About FortiAppSec Cloud?

- [What is the use of Fortinet?](https://www.g2.com/discussions/what-is-the-use-of-fortinet)
- [How does Fortinet WAF work?](https://www.g2.com/discussions/how-does-fortinet-waf-work)
- [How many layers does the FortiWeb machine learning engine use?](https://www.g2.com/discussions/how-many-layers-does-the-fortiweb-machine-learning-engine-use)
- [How do you use FortiWeb?](https://www.g2.com/discussions/how-do-you-use-fortiweb)

### 14. [Pynt - API Security Testing](https://www.g2.com/products/pynt-api-security-testing/reviews)
Pynt is an innovative API Security Testing platform exposing verified API threats through simulated attacks. Hundreds of companies rely on Pynt to continuously monitor, classify and attack poorly secured APIs, before hackers do.


**Average Rating:** 4.8/5.0
**Total Reviews:** 44
**How Do G2 Users Rate Pynt - API Security Testing?**

- **API Testing:** 8.7/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.8/10 (Category avg: 8.9/10)

**Who Is the Company Behind Pynt - API Security Testing?**

- **Seller:** [Pynt](https://www.g2.com/sellers/pynt)
- **Year Founded:** 2022
- **HQ Location:** Tel Aviv, IL
- **Twitter:** @pynt_io (361 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/pynt (16 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Computer &amp; Network Security
- **Company Size:** 57% Small-Business, 23% Enterprise


#### What Are Pynt - API Security Testing's Pros and Cons?

**Pros:**

- Vulnerability Detection (20 reviews)
- Security (18 reviews)
- API Management (17 reviews)
- Easy Integrations (16 reviews)
- Automation (15 reviews)

**Cons:**

- Complex Setup (11 reviews)
- Setup Complexity (6 reviews)
- Limited Features (4 reviews)
- Poor Interface Design (4 reviews)
- UX Improvement (4 reviews)


### What Do G2 Reviewers Say About Pynt - API Security Testing?
*AI-generated summary from verified user reviews*

**Pros:**

- Users commend Pynt for its **auto-generation of security tests** , making vulnerability detection accessible for all development teams.
- Users commend Pynt for its **impressive security engine** that effectively identifies critical API vulnerabilities quickly.
- Users value the **seamless integration** of Pynt into CI/CD pipelines for automated API security testing and vulnerability identification.
- Users appreciate the **easy integration** of Pynt with their SDLC, enhancing automated API security without disrupting workflows.
- Users highlight the **automation capabilities** of Pynt, streamlining API security tasks and enhancing efficiency in development workflows.

**Cons:**

- Users find the **complex setup** of Pynt challenging, often requiring support which complicates the initial experience.
- Users find the **setup complexity** challenging, often needing support and seeking a more user-friendly interface.
- Users experience **limited features** in Pynt, particularly in reporting, dashboard options, and onboarding processes for complex APIs.
- Users find the **user interface challenging** , especially beginners who struggle with navigation and setup.
- Users find the **user interface challenging** , suggesting improvements for a more user-friendly experience in Pynt.

#### What Are Recent G2 Reviews of Pynt - API Security Testing?

**"[Comprehensive Review of Pynt Tool](https://www.g2.com/survey_responses/pynt-api-security-testing-review-10046930)"**

**Rating:** 5.0/5.0 stars
*— Vijayaraghavan (Vijay) V.*

[Read full review](https://www.g2.com/survey_responses/pynt-api-security-testing-review-10046930)

---

**"[Performance and Usability Review of pynt G2](https://www.g2.com/survey_responses/pynt-api-security-testing-review-11135423)"**

**Rating:** 5.0/5.0 stars
*— Devanggiri G.*

[Read full review](https://www.g2.com/survey_responses/pynt-api-security-testing-review-11135423)

---



### 15. [Escape](https://www.g2.com/products/escape/reviews)
Escape automates the full offensive security lifecycle, multiplying the impact of every security engineer tenfold. Our key products: 1. Attack Surface Management: Discover and validate exposure of modern applications, APIs, and infrastructure from code to cloud. 2. Business-logic-aware DAST: Replace legacy DAST with business-logic-aware testing that improves over time and helps your team remediate real, exploitable vulnerabilities. 3. AI Pentesting: Replace manual pentest and bug bounty programs with a solution that scales. Escape is a customer-centric company, supporting more than 2000+ security teams worldwide, and we have the privilege of working with exceptional companies like Schibsted (Media), HealthEquity (Healthcare), Applied (InsurTech), Visma &amp; Miro (Tech), DoubleVerify (AdTech), Thinkific (EdTech), and many others.


**Average Rating:** 4.9/5.0
**Total Reviews:** 10
**How Do G2 Users Rate Escape?**

- **API Testing:** 9.2/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.5/10 (Category avg: 8.9/10)

**Who Is the Company Behind Escape?**

- **Seller:** [Escape](https://www.g2.com/sellers/escape)
- **Company Website:** https://escape.tech/
- **Year Founded:** 2020
- **HQ Location:** Paris, France
- **Twitter:** @escapetechHQ (345 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/escapetech/ (61 employees on LinkedIn®)

**Who Uses This Product?**
- **Company Size:** 50% Small-Business, 40% Mid-Market


#### What Are Escape's Pros and Cons?

**Pros:**

- Ease of Use (3 reviews)
- Easy Integrations (2 reviews)
- Scanning Technology (2 reviews)
- Security (2 reviews)
- API Management (1 reviews)

**Cons:**

- Complex Setup (1 reviews)
- Difficult Upgrades (1 reviews)
- Limited Features (1 reviews)
- Missing Features (1 reviews)
- Update Issues (1 reviews)


### What Do G2 Reviewers Say About Escape?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of use** of Escape, facilitating integration and management of complex scanning tasks.
- Users value the **easy integrations** of Escape, enhancing workflow and supporting seamless CI/CD processes.
- Users appreciate the **advanced scanning technology** of Escape, which simplifies complex scans and boosts API security management.
- Users value the **robust security features** of Escape, effectively managing API vulnerabilities and ensuring endpoint safety.
- Users value the **effective API security management** of Escape, successfully addressing vulnerabilities often overlooked by others.

**Cons:**

- Users find the **complex setup** of Escape challenging at times, despite appreciating the tool&#39;s ongoing updates and improvements.
- Users face **difficult upgrades** that require adjustments, but the benefits of the tool make it worthwhile.
- Users note the **limited features** due to it being a startup, though improvements are actively being planned.
- Users note the **missing features** in Escape, but appreciate the commitment to roadmap updates based on feedback.
- Users experience **update issues** that require adjustment, but overall benefits of the platform remain appreciated.

#### What Are Recent G2 Reviews of Escape?

**"[Fast, Transparent DAST with Excellent GraphQL Handling and Strong Support](https://www.g2.com/survey_responses/escape-review-12978297)"**

**Rating:** 4.0/5.0 stars
*— Varun S.*

[Read full review](https://www.g2.com/survey_responses/escape-review-12978297)

---

**"[Excellent DAST disruptor](https://www.g2.com/survey_responses/escape-review-11666781)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Information Technology and Services*

[Read full review](https://www.g2.com/survey_responses/escape-review-11666781)

---



### 16. [Cequence Security](https://www.g2.com/products/cequence-security/reviews)
Cequence protects the applications and data that power enterprises in the agentic era. More than a decade of bot defense and API security experience has established Cequence as the leader of safe and secure agentic AI adoption. The Cequence platform delivers deep insight into user, entity, and agent behavior, enabling organizations to secure and control agentic AI workflows while protecting against bad actors and rogue agents. Cequence delivers value in minutes rather than days or weeks with a highly scalable, no-code approach. Trusted by the largest and most demanding private and public sector organizations, Cequence protects more than 10 billion daily API interactions and 4 billion user accounts. Agentic AI Governance – Every Agent, Under Control The Cequence AI Gateway provides security, governance, and control for agentic AI workflows, enabling organizations to unlock AI-driven productivity and growth. Built-in governance and guardrails constrain agent behavior using capabilities that include least privilege access, rate-limiting, and sensitive data protection. The AI Gateway’s agentic zero trust architecture enables enterprises to confidently deploy agentic workflows for internal productivity and customer-facing experiences. Bot Management – Bot Detection, Mitigation, and Fraud Prevention Cequence Bot Management protects organizations from the full range of automated attacks to prevent data loss, theft, and fraud. Bot Management is network based, requiring no agents, JavaScript, or SDKs. Behavioral fingerprints and multi-dimensional analytics provide a deep understanding of business context to identify and natively block attacks in real time. It mitigates a wide variety of cyberattacks including business logic attacks, exploits, automated bot activity, online fraud, and OWASP API Security Top 10 threats. API Security – API Security Posture Management, Testing, and Remediation Cequence API Security is an AI-first solution that discovers, monitors, and tests APIs, assessing a broad range of risks that often lead to compliance or governance issues, data loss, and business disruption. Providing complete visibility and monitoring of internal, external, and third-party APIs, Cequence helps organizations keep up with API changes, uncover sensitive data exposure, and identify vulnerabilities and security risks including those in the OWASP API Security Top 10. Built-in API security testing enables organizations to test their pre-production and runtime APIs against specifications – and automatically generate them if specs are not available. The AI Assistant guides practitioners of all skill levels from day one and the built-in MCP server enables teams to integrate API Security into their internal agentic workflows. API Security lays the groundwork to ensure that you are fully aware of the risks inherent in your API applications and enables you to remediate critical security issues before they are exploited by attackers.


**Average Rating:** 4.6/5.0
**Total Reviews:** 55
**How Do G2 Users Rate Cequence Security?**

- **API Testing:** 8.4/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.2/10 (Category avg: 8.9/10)

**Who Is the Company Behind Cequence Security?**

- **Seller:** [Cequence Security](https://www.g2.com/sellers/cequence-security)
- **Company Website:** https://www.cequence.ai/
- **Year Founded:** 2014
- **HQ Location:** Santa Clara, CA
- **Twitter:** @cequenceai (689 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/10510476 (158 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Telecommunications, Information Technology and Services
- **Company Size:** 40% Small-Business, 35% Enterprise


#### What Are Cequence Security's Pros and Cons?

**Pros:**

- Protection (9 reviews)
- Security (8 reviews)
- Time-Saving (5 reviews)
- Vulnerability Detection (4 reviews)
- API Management (3 reviews)

**Cons:**

- Complex Setup (9 reviews)
- Difficult Learning Curve (5 reviews)
- Slow Performance (3 reviews)
- Dashboard Performance (2 reviews)
- False Positives (2 reviews)


### What Do G2 Reviewers Say About Cequence Security?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **powerful protection** of Cequence Security against sophisticated bot attacks, enhancing overall account security.
- Users value the **powerful bot attack detection** of Cequence Security, enhancing overall protection against sophisticated cyber threats.
- Users appreciate the **time-saving automation** of Cequence Security, significantly reducing manual efforts for improved security efficiency.
- Users value the **vulnerability detection capabilities** of Cequence Security for enhancing API security and blocking advanced bots.
- Users appreciate the **visibility and security** offered by Cequence, making API management and bot defense highly effective.

**Cons:**

- Users find the **complex setup** of Cequence Security challenging, requiring significant time to fine-tune configurations effectively.
- Users find the **difficult learning curve** of Cequence Security challenging, requiring significant time and technical expertise for optimal use.
- Users experience **slow performance** with Cequence Security, especially during large data queries and incident responses.
- Users experience **dashboard performance issues** with lag during large queries, impacting decision-making efficiency and clarity.
- Users experience **false positives** with Cequence Security, which complicates traffic management and security measures.

#### What Are Recent G2 Reviews of Cequence Security?

**"[Mitigating and Secure our APIs](https://www.g2.com/survey_responses/cequence-security-review-12400189)"**

**Rating:** 5.0/5.0 stars
*— Owen P.*

[Read full review](https://www.g2.com/survey_responses/cequence-security-review-12400189)

---

**"[Reliable API Traffic Visibility and Bot Attack Protection](https://www.g2.com/survey_responses/cequence-security-review-12440501)"**

**Rating:** 4.0/5.0 stars
*— karthik k.*

[Read full review](https://www.g2.com/survey_responses/cequence-security-review-12440501)

---


#### What Are G2 Users Discussing About Cequence Security?

- [What is Cequence Security used for?](https://www.g2.com/discussions/what-is-cequence-security-used-for) - 1 comment

### 17. [Edgescan](https://www.g2.com/products/edgescan/reviews)
What Is Edgescan? Edgescan is a cybersecurity company that helps organizations proactively identify, validate, and prioritize vulnerabilities across their applications, API’s and digital landscape. The company specializes in continuous vulnerability assessment, automated penetration testing, Attack Surface Management and Penetration Testing as a Service (PTaaS). Edgescan combines advanced automation with certified security experts, including professionals holding credentials such as CREST and OSCP, to deliver highly accurate and actionable security testing. This hybrid approach allows organizations to move beyond traditional point-in-time penetration tests and operate a continuous proactive cybersecurity program. The Edgescan platform is designed primarily for web application and API security, enabling organizations to continuously assess their attack surface and identify vulnerabilities throughout the development lifecycle but also delivers “full stack” coverage to detect host layer CVE’s. With a client retention rate of over 90%, Edgescan has built long-term partnerships by delivering measurable improvements in security efficiency, risk visibility, and vulnerability management. Key Features and Capabilities of Edgescan Automated Penetration Testing Edgescan uses intelligent automation to continuously assess applications, APIs, hosts, and cloud environments for vulnerabilities. This enables frequent, scalable security testing across modern and distributed architectures. Human‑Validated Testing Findings are reviewed and manually validated by certified security experts to eliminate false positives and provide deeper insight into real‑world exploitability. Each result is accurate, contextual, and actionable. Penetration Testing as a Service (PTaaS) Edgescan’s PTaaS model extends beyond automated testing by allowing expert testers to focus on vulnerabilities that require human analysis, including: • Business logic flaws • Authentication and authorization weaknesses • Context-dependent exposures • Complex attack chains and privilege escalation paths Cyber Analytics and AI‑Assisted Validation AI-driven analysis enhances detection, verifies exploitability, and increases accuracy. This reduces noise and gives security teams a clearer picture of genuine threats. Integrated Threat Intelligence Edgescan correlates vulnerabilities with real-world threat intelligence, including known exploits and ransomware activity to help organizations prioritize the most dangerous exposures first. Risk‑Based Prioritization Findings are prioritized based on exploitability, severity, threat context, and business impact, ensuring teams focus on the issues that matter most. Primary Value: What Edgescan Solves for Clients Edgescan enables organizations to shift from reactive vulnerability management to a continuous, proactive security model. Traditional scanners and periodic penetration tests frequently produce large volumes of unvalidated findings. This creates noise and forces security teams to spend hours determining which issues are real and critical. Edgescan solves this by combining: Automation for continuous testing Human expertise for validation and complex analysis Cyber analytics and AI for accuracy and prioritization Key Benefits Significant efficiency gains: reducing thousands of hours spent on manual validation. Higher accuracy, thanks to expert‑validated findings and reduced false positives. Clear prioritization, using threat intelligence and ransomware insights to highlight the highest‑risk exposures. Continuous security improvement, enabling rapid detection, faster remediation, and scalable vulnerability management. By unifying automation, human expertise, AI, and threat intelligence, Edgescan empowers organizations to maintain a continuous cybersecurity program that strengthens overall security posture while dramatically reducing operational burden.


**Average Rating:** 4.7/5.0
**Total Reviews:** 53
**How Do G2 Users Rate Edgescan?**

- **API Testing:** 8.8/10 (Category avg: 9.1/10)
- **API Monitoring:** 8.9/10 (Category avg: 8.9/10)

**Who Is the Company Behind Edgescan?**

- **Seller:** [Edgescan](https://www.g2.com/sellers/edgescan)
- **Company Website:** https://www.edgescan.com
- **Year Founded:** 2017
- **HQ Location:** Dublin, Dublin
- **Twitter:** @edgescan (2,256 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2928425/ (89 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 31% Enterprise, 31% Mid-Market


#### What Are Edgescan's Pros and Cons?

**Pros:**

- Ease of Use (25 reviews)
- Vulnerability Detection (24 reviews)
- Customer Support (19 reviews)
- Vulnerability Identification (19 reviews)
- Features (18 reviews)

**Cons:**

- Complex UI (5 reviews)
- Limited Customization (5 reviews)
- Poor Interface Design (5 reviews)
- Slow Performance (5 reviews)
- UX Improvement (5 reviews)


### What Do G2 Reviewers Say About Edgescan?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate Edgescan&#39;s **ease of use** , enjoying its intuitive interface and streamlined navigation for effective vulnerability management.
- Users value the **automated vulnerability detection** with intuitive reports, timely alerts, and effective risk management features.
- Users value the **excellent customer support** from Edgescan, praising the team&#39;s responsiveness and proactive assistance.
- Users value the **thorough vulnerability identification** features of Edgescan, enhancing risk management and resolution efficiency.
- Users value the **robust features** of Edgescan, which streamline security assessments and enhance ease of use.

**Cons:**

- Users find the **complex UI** challenging initially, with navigation issues and a need for improved dashboard functionality.
- Users highlight **limited customization** options in Edgescan, particularly regarding filtering and admin functionalities.
- Users find the **poor interface design** of Edgescan challenging, affecting usability and data accessibility.
- Users report experiencing **slow performance** as scans can take longer due to manual review processes.
- Users find the **UI not user friendly** , lacking intuitiveness and advanced features for better navigation and data accessibility.

#### What Are Recent G2 Reviews of Edgescan?

**"[Exceptional Security Scanning with Top-Notch Support](https://www.g2.com/survey_responses/edgescan-review-9636105)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Entertainment*

[Read full review](https://www.g2.com/survey_responses/edgescan-review-9636105)

---

**"[Edgescan: Easy Setup, Clear Insights, and Expert Security Support](https://www.g2.com/survey_responses/edgescan-review-12224347)"**

**Rating:** 5.0/5.0 stars
*— Matt W.*

[Read full review](https://www.g2.com/survey_responses/edgescan-review-12224347)

---


#### What Are G2 Users Discussing About Edgescan?

- [What is edgescan used for?](https://www.g2.com/discussions/what-is-edgescan-used-for) - 1 comment

### 18. [Wallarm API Security Platform](https://www.g2.com/products/wallarm-api-security-platform/reviews)
Protect any API. In any environment. Against any threats. Wallarm is the platform security teams choose to protect cloud-native APIs. The Wallarm platform gives teams the ability to detect and block API attacks. Customers choose Wallarm because it delivers a complete inventory of their APIs, AI apps, and agentic AI, along with patented AI/ML API abuse detection, real-time blocking on day zero, and an API SOC-as-a-service. Whether you protect legacy or brand new cloud-native APIs, Wallarm’s multi-cloud platform delivers the capabilities to secure your business against emerging threats. -\&gt; Robust protection for the entire API and AI portfolio Mitigate the OWASP API Top 10 threats and more; business logic abuse, bad bots, account takeover (ATO), and more. Get the robust API protection that no other tool can provide. -\&gt; Native inline blocking Wallarm is built from the ground up for inline blocking. Why deploy API security that can’t actually defend against API attacks? -\&gt; Unparalleled visibility into malicious traffic Gain full insights about attacks and attackers in the responsive Wallarm Console. Enjoy the Dashboard, search, and reporting capabilities, including visibility into API sessions. -\&gt; Complete API inventory Wallarm API Discovery provides full visibility into all your APIs, AI apps, and AI agents, including sensitive data flows, risk posture, shadow APIs and change detection. -\&gt; Understand Your Attack Surface You can’t protect what you don’t know about. Wallarm provides a comprehensive view of your API attack surface, including assessment of security controls and leaked sensitive API data. -\&gt; Quick integrations Setup cross-team collaboration with seamless integrations to your SIEM/SOAR, messaging applications, and workflow management.


**Average Rating:** 4.7/5.0
**Total Reviews:** 93
**How Do G2 Users Rate Wallarm API Security Platform?**

- **API Testing:** 9.2/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.1/10 (Category avg: 8.9/10)

**Who Is the Company Behind Wallarm API Security Platform?**

- **Seller:** [Wallarm](https://www.g2.com/sellers/wallarm)
- **Company Website:** https://wallarm.com/
- **Year Founded:** 2016
- **HQ Location:** San Francisco, California
- **Twitter:** @wallarm (3,197 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/4871419/ (171 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** CTO, CEO
- **Top Industries:** Mechanical or Industrial Engineering, Information Technology and Services
- **Company Size:** 43% Mid-Market, 42% Small-Business


#### What Are Wallarm API Security Platform's Pros and Cons?

**Pros:**

- Protection (3 reviews)
- Security (3 reviews)
- Threat Detection (3 reviews)
- Real-time Monitoring (2 reviews)
- Vulnerability Detection (2 reviews)

**Cons:**

- API Issues (1 reviews)
- Complex Configuration (1 reviews)
- Complexity (1 reviews)
- Complex Setup (1 reviews)
- Difficult Learning (1 reviews)


### What Do G2 Reviewers Say About Wallarm API Security Platform?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **accurate real-time API threat detection** of Wallarm, ensuring robust protection with minimal false positives.
- Users value the **accurate real-time threat detection** of Wallarm API Security Platform, ensuring robust API protection with minimal false positives.
- Users value the **accurate real-time threat detection** of Wallarm API Security Platform, ensuring robust API security with minimal false positives.
- Users value the **real-time monitoring** of Wallarm API Security Platform, ensuring accurate threat detection and minimal false positives.
- Users value the **accurate real-time API threat detection** of Wallarm, which minimizes false positives effectively.

**Cons:**

- Users express concerns about **API issues** , specifically regarding undisclosed pricing during the trial period affecting transparency.
- Users find the **configuration process complex** , which can be challenging and time-consuming, especially for newcomers.
- Users find the **configuration complexity** of Wallarm API Security Platform to be daunting and time-consuming for newcomers.
- Users find the **configuration and tuning process complex** , leading to a challenging experience for newcomers.
- Users find the **difficult learning** curve challenging, especially during the initial setup and configuration stages.

#### What Are Recent G2 Reviews of Wallarm API Security Platform?

**"[Accurate Real-Time API Threat Detection with Minimal False Positives](https://www.g2.com/survey_responses/wallarm-api-security-platform-review-12169348)"**

**Rating:** 4.5/5.0 stars
*— Adesh  R.*

[Read full review](https://www.g2.com/survey_responses/wallarm-api-security-platform-review-12169348)

---

**"[Revolutionized Our API Security, Peace of Mind Restored](https://www.g2.com/survey_responses/wallarm-api-security-platform-review-13106283)"**

**Rating:** 5.0/5.0 stars
*— Revell B.*

[Read full review](https://www.g2.com/survey_responses/wallarm-api-security-platform-review-13106283)

---


#### What Are G2 Users Discussing About Wallarm API Security Platform?

- [How has Wallarm API Security Platform supported your cybersecurity efforts, and what features do you rely on most?](https://www.g2.com/discussions/how-has-wallarm-api-security-platform-supported-your-cybersecurity-efforts-and-what-features-do-you-rely-on-most)
- [What is Wallarm API Security Platform used for?](https://www.g2.com/discussions/what-is-wallarm-api-security-platform-used-for)

### 19. [Levo.ai](https://www.g2.com/products/levo-ai/reviews)
APIs are no longer technical plumbing. They are the foundation of modern business, powering customer experiences, partner ecosystems, and digital revenue streams. But with that centrality comes risk. Unsecured APIs are now the leading cause of breaches, compliance failures, and stalled innovation. Levo exists to change this. We are the first platform to deliver true end-to-end API Security. From continuous discovery and automated documentation to exploit aware testing, policy-driven monitoring, passive detection, and inline protection, Levo covers every phase of the API lifecycle. Our architecture was designed from first principles: 1. Privacy preserving architecture: no sensitive data leaves your environment. 2. Cost efficient: lightweight sensors that run on minimal compute, saving enterprises hundreds of thousands in inflated cloud costs. 3. Developer aligned: seamless workflows that integrate directly into CI/CD, removing friction instead of adding it. This foundation gives enterprises something legacy tools never could: clarity across every API, precision in detecting real risks, and the confidence to block attacks without breaking business. With Levo, security does not slow down APIs. It scales them, safely, compliantly, and at the speed of modern business. Our vision is simple: a world where security and growth are never tradeoffs.


**Average Rating:** 4.8/5.0
**Total Reviews:** 13
**How Do G2 Users Rate Levo.ai?**

- **API Testing:** 9.8/10 (Category avg: 9.1/10)
- **API Monitoring:** 10.0/10 (Category avg: 8.9/10)

**Who Is the Company Behind Levo.ai?**

- **Seller:** [Levo](https://www.g2.com/sellers/levo-fed6d6f5-ba0b-4b0c-9a31-6bfb424af86c)
- **Year Founded:** 2021
- **HQ Location:** San Francisco, US
- **Twitter:** @levoinchq (104 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/levo-inc (32 employees on LinkedIn®)

**Who Uses This Product?**
- **Company Size:** 54% Mid-Market, 46% Small-Business


#### What Are Levo.ai's Pros and Cons?

**Pros:**

- API Management (5 reviews)
- Features (4 reviews)
- Security (4 reviews)
- Visibility (4 reviews)
- Automation (3 reviews)

**Cons:**

- Difficult Learning Curve (2 reviews)
- Poor Integration (2 reviews)
- Complex Setup (1 reviews)
- Integration Issues (1 reviews)
- Training Required (1 reviews)


### What Do G2 Reviewers Say About Levo.ai?
*AI-generated summary from verified user reviews*

**Pros:**

- Users commend Levo.ai for its **modern and effective API management** , enhancing security and visibility in dynamic environments.
- Users value Levo.ai for its **real-time security and unified visibility** , effectively enhancing their API and AI agent protection.
- Users commend Levo.ai for its **advanced security and visibility** , enabling effective monitoring and rapid remediation of API threats.
- Users value the **real-time visibility** provided by Levo.ai, enhancing security and streamlining API management effortlessly.
- Users value the **automation capabilities** of Levo.ai, which streamline security and enhance efficiency in modern SaaS environments.

**Cons:**

- Users find the **difficult learning curve** of Levo.ai challenging, especially for those new to observability and security tools.
- Users feel Levo.ai requires **better integration** with observability dashboards and existing SIEM and SOAR workflows.
- Users find the **complex setup** of Levo.ai challenging, especially for teams new to observability and security tools.
- Users note **integration issues** with existing workflows, seeking more granularity in policy controls and alerts.
- Users find the **steep learning curve** of Levo.ai challenging, particularly for those unfamiliar with observability tools.

#### What Are Recent G2 Reviews of Levo.ai?

**"[Strong, Autonomous API Security Platform with Easy Deployment](https://www.g2.com/survey_responses/levo-ai-review-12444556)"**

**Rating:** 4.5/5.0 stars
*— Verified User in Computer &amp; Network Security*

[Read full review](https://www.g2.com/survey_responses/levo-ai-review-12444556)

---

**"[Best Platform for API and agent security in once place](https://www.g2.com/survey_responses/levo-ai-review-11963084)"**

**Rating:** 5.0/5.0 stars
*— Prasad P.*

[Read full review](https://www.g2.com/survey_responses/levo-ai-review-11963084)

---



### 20. [Tenable Nessus](https://www.g2.com/products/tenable-nessus/reviews)
Built for security practitioners, by security professionals, Nessus products by Tenable are the de-facto industry standard for vulnerability assessment. Nessus performs point-in-time assessments to help security professionals quickly and easily identify and fix vulnerabilities, including software flaws, missing patches, malware, and misconfigurations - across a variety of operating systems, devices, and applications. With features such as pre-built policies and templates, customizable reporting, group “snooze” functionality, and real-time updates, Nessus is designed to make vulnerability assessment simple, easy, and intuitive. The result: less time and effort to assess, prioritize, and remediate issues.


**Average Rating:** 4.5/5.0
**Total Reviews:** 289

**Who Is the Company Behind Tenable Nessus?**

- **Seller:** [Tenable](https://www.g2.com/sellers/tenable)
- **Company Website:** https://www.tenable.com/
- **HQ Location:** Columbia, MD
- **Twitter:** @TenableSecurity (87,752 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/25452/ (2,350 employees on LinkedIn®)
- **Ownership:** NASDAQ: TENB

**Who Uses This Product?**
- **Who Uses This:** Security Engineer, Network Engineer
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 40% Mid-Market, 34% Enterprise


#### What Are Tenable Nessus's Pros and Cons?

**Pros:**

- Vulnerability Identification (20 reviews)
- Vulnerability Detection (18 reviews)
- Ease of Use (16 reviews)
- Automated Scanning (15 reviews)
- Features (13 reviews)

**Cons:**

- Slow Scanning (7 reviews)
- Expensive (6 reviews)
- Limited Features (6 reviews)
- Complexity (5 reviews)
- False Positives (5 reviews)


### What Do G2 Reviewers Say About Tenable Nessus?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **vulnerability identification** capabilities of Tenable Nessus, highlighting its accuracy and comprehensive coverage for security management.
- Users value the **advanced vulnerability detection** capabilities of Tenable Nessus, enhancing their security risk management effectively.
- Users value the **ease of use** of Tenable Nessus, appreciating its simple setup and user-friendly interface.
- Users value the **automated scanning** capabilities of Tenable Nessus, benefiting from its comprehensive and up-to-date vulnerability checks.
- Users commend the **comprehensive scanning capabilities** of Tenable Nessus, alongside its robust reporting and automation features.

**Cons:**

- Users note the **slow scanning** process, especially in large environments, significantly impacting resource usage and production times.
- Users find the **cost of running and maintaining Tenable Nessus** to be extensively high and burdensome.
- Users find **limited features** in Tenable Nessus, including restrictions on hosts, scans, and mobile application testing.
- Users find the **complexity** of Tenable Nessus challenging, especially with advanced features requiring significant technical knowledge.
- Users report that Nessus generates **false positives** , resulting in extra workload and hindering effective security management.

#### What Are Recent G2 Reviews of Tenable Nessus?

**"[Reliable and Efficient Vulnerability Management Tool](https://www.g2.com/survey_responses/tenable-nessus-review-12989192)"**

**Rating:** 5.0/5.0 stars
*— Mohsin H.*

[Read full review](https://www.g2.com/survey_responses/tenable-nessus-review-12989192)

---

**"[Self-Contained Nessus Scanning with Full Control in Offline Environments](https://www.g2.com/survey_responses/tenable-nessus-review-12937668)"**

**Rating:** 4.0/5.0 stars
*— Verified User in Higher Education*

[Read full review](https://www.g2.com/survey_responses/tenable-nessus-review-12937668)

---


#### What Are G2 Users Discussing About Tenable Nessus?

- [What is Nessus used for?](https://www.g2.com/discussions/what-is-nessus-used-for) - 1 comment
- [What types of vulnerabilities are scanned by Nessus?](https://www.g2.com/discussions/what-types-of-vulnerabilities-are-scanned-by-nessus)
- [Is there a free version of Nessus?](https://www.g2.com/discussions/is-there-a-free-version-of-nessus) - 2 comments
- [What is an advantage of using Nessus?](https://www.g2.com/discussions/what-is-an-advantage-of-using-nessus)
- [What does Nessus scan for?](https://www.g2.com/discussions/what-does-nessus-scan-for) - 1 comment

### 21. [AppTrana](https://www.g2.com/products/apptrana/reviews)
AppTrana API is a fully managed API security platform that provides continuous API discovery, automated vulnerability detection, and real-time protection against API attacks. It combines 24/7 AI-driven intelligence with human-led operations to deliver runtime security with a Zero False Positive Guarantee. Trusted by over 6,500 customers across 95+ countries, it offers unmetered protection with 100% availability. AppTrana API includes SwyftComply, an industry-first autonomous remediation capability that virtually patches API vulnerabilities without code changes, enabling zero-vulnerability compliance reports.


**Average Rating:** 4.8/5.0
**Total Reviews:** 34

**Who Is the Company Behind AppTrana?**

- **Seller:** [Indusface](https://www.g2.com/sellers/indusface)
- **Year Founded:** 2012
- **HQ Location:** Vadodara
- **Twitter:** @Indusface (3,472 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/indusface/ (180 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 54% Mid-Market, 23% Enterprise


#### What Are AppTrana's Pros and Cons?

**Pros:**

- Protection (11 reviews)
- Cybersecurity (9 reviews)
- WAF (Web Application Firewall) (7 reviews)
- Bot Detection (5 reviews)
- DDoS Protection (5 reviews)

**Cons:**

- Difficult Reporting (2 reviews)
- Complex Setup (1 reviews)
- Expensive (1 reviews)
- Learning Difficulty (1 reviews)
- Poor Documentation (1 reviews)


### What Do G2 Reviewers Say About AppTrana?
*AI-generated summary from verified user reviews*

**Pros:**

- Users rave about the **exceptional protection** provided by AppTrana, appreciating the 24/7 support and fast vulnerability patching.
- Users value the **comprehensive cybersecurity support** of AppTrana, ensuring robust protection and peace of mind 24/7.
- Users value the **comprehensive protection** provided by AppTrana WAF, noting its ease of use and reliable support.
- Users commend the **effective bot detection** capabilities of AppTrana, ensuring continuous protection without false positives.
- Users value the **exceptional DDoS protection** provided by AppTrana, ensuring 24/7 peace of mind from attacks.

**Cons:**

- Users find the **difficult reporting** of AppTrana limits analytics and lacks clarity in data interpretation.
- Users find the **complex setup** of AppTrana challenging due to poor documentation and confusing certificate requirements.
- Users express concerns about the **high cost** of AppTrana, especially with multiple application instances impacting budgets.
- Users find the **installation of third-party certificates** difficult due to poor documentation and confusing requirements.
- Users find **poor documentation** makes installation and replacement of third party certificates challenging and confusing.

#### What Are Recent G2 Reviews of AppTrana?

**"[AppTrana’s Managed WAAP with 24×7 SOC Support and Zero False Positives](https://www.g2.com/survey_responses/apptrana-review-13029658)"**

**Rating:** 5.0/5.0 stars
*— UTKARSH S.*

[Read full review](https://www.g2.com/survey_responses/apptrana-review-13029658)

---

**"[All-in-One App Security with Clear Threat Visibility and Responsive Support](https://www.g2.com/survey_responses/apptrana-review-13085777)"**

**Rating:** 4.5/5.0 stars
*— lenish r.*

[Read full review](https://www.g2.com/survey_responses/apptrana-review-13085777)

---


#### What Are G2 Users Discussing About AppTrana?

- [What is sucuri firewall?](https://www.g2.com/discussions/what-is-sucuri-firewall)
- [What is WAF service?](https://www.g2.com/discussions/what-is-waf-service) - 1 comment
- [What is AppTrana?](https://www.g2.com/discussions/what-is-apptrana) - 1 comment

### 22. [Invicti (formerly Netsparker)](https://www.g2.com/products/invicti-formerly-netsparker/reviews)
Invicti (formerly known as Netsparker) is an enterprise application and API security testing platform that helps organizations secure thousands of web applications and APIs at scale while dramatically reducing the risk of attack. Combining advanced DAST and IAST capabilities in a single platform, Invicti enables security teams to continuously identify, prioritize, and remediate vulnerabilities across complex modern environments with confidence and automation. With Invicti, security teams can: - Automate application security testing workflows and save hundreds of hours every month - Discover and secure all web applications and APIs, including forgotten, unmanaged, and shadow assets - Deliver actionable, developer-friendly feedback that helps teams remediate vulnerabilities faster and build more secure code over time - Reduce false positives with proof-based scanning technology that validates exploitable vulnerabilities - Scale application security programs across large enterprises without slowing development teams - Integrate security seamlessly into existing DevSecOps and CI/CD workflows Built for organizations with the most demanding security requirements, Invicti empowers teams to confidently secure their entire attack surface with accuracy, scalability, and automation.


**Average Rating:** 4.5/5.0
**Total Reviews:** 68
**How Do G2 Users Rate Invicti (formerly Netsparker)?**

- **API Testing:** 8.8/10 (Category avg: 9.1/10)

**Who Is the Company Behind Invicti (formerly Netsparker)?**

- **Seller:** [Invicti Security](https://www.g2.com/sellers/invicti-security-04cb0d3d-fd96-45b2-83dc-2038fc9dac92)
- **Company Website:** https://www.invicti.com/
- **Year Founded:** 2018
- **HQ Location:** Austin, Texas
- **Twitter:** @InvictiSecurity (2,557 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/invicti-security/people/ (335 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 46% Enterprise, 28% Mid-Market


#### What Are Invicti (formerly Netsparker)'s Pros and Cons?

**Pros:**

- Ease of Use (9 reviews)
- Scanning Technology (7 reviews)
- Features (6 reviews)
- Reporting Quality (6 reviews)
- Vulnerability Detection (6 reviews)

**Cons:**

- Poor Customer Support (3 reviews)
- Slow Performance (3 reviews)
- Slow Scanning (3 reviews)
- API Issues (2 reviews)
- Complex Setup (2 reviews)


### What Do G2 Reviewers Say About Invicti (formerly Netsparker)?
*AI-generated summary from verified user reviews*

**Pros:**

- Users highlight the **ease of use** of Invicti, appreciating its user-friendly setup and quick installation process.
- Users value the **efficient scanning technology** of Invicti, enhancing workflow with hassle-free monthly website tests.
- Users commend Invicti&#39;s **accurate vulnerability detection and excellent integration with DevOps tools** , enhancing their security testing efficiency.
- Users value the **high-quality reporting** of Invicti, making it ideal for certifications and simplifying compliance processes.
- Users value the **effective vulnerability detection** of Invicti, appreciating its ease of use and accurate reporting.

**Cons:**

- Users find the **customer support lacking** , with slow responses and inadequate solutions for technical issues.
- Users experience **slow performance** during scans, setup, and upgrades, impacting the overall efficiency of Invicti.
- Users find that **slow scanning** can hinder efficiency, especially when setup is tricky and API scanning is limited.
- Users face **API issues** with Invicti, making it unsuitable for scanning purposes despite good support.
- Users find the **complex setup** challenging initially, impacting their experience before they can effectively utilize the product.

#### What Are Recent G2 Reviews of Invicti (formerly Netsparker)?

**"[Accurate, Actionable Scans with Minimal Noise](https://www.g2.com/survey_responses/invicti-formerly-netsparker-review-13079965)"**

**Rating:** 4.5/5.0 stars
*— Verified User in Retail*

[Read full review](https://www.g2.com/survey_responses/invicti-formerly-netsparker-review-13079965)

---

**"[Scalable Enterprise Security: Deep Endpoint Coverage via Invicti](https://www.g2.com/survey_responses/invicti-formerly-netsparker-review-12742667)"**

**Rating:** 4.5/5.0 stars
*— Verified User in Information Technology and Services*

[Read full review](https://www.g2.com/survey_responses/invicti-formerly-netsparker-review-12742667)

---


#### What Are G2 Users Discussing About Invicti (formerly Netsparker)?

- [What is Invicti (formerly Netsparker) used for?](https://www.g2.com/discussions/what-is-invicti-formerly-netsparker-used-for) - 1 comment
- [What type of vulnerabilities Netsparker can automatically confirm?](https://www.g2.com/discussions/invicti-formerly-netsparker-what-type-of-vulnerabilities-netsparker-can-automatically-confirm)
- [What type of vulnerabilities Netsparker can automatically confirm?](https://www.g2.com/discussions/what-type-of-vulnerabilities-netsparker-can-automatically-confirm)
- [How much does Netsparker cost?](https://www.g2.com/discussions/invicti-formerly-netsparker-how-much-does-netsparker-cost-a1ecffa4-a216-4bcc-affd-40dc140f3e27)
- [How much does Netsparker cost?](https://www.g2.com/discussions/invicti-formerly-netsparker-how-much-does-netsparker-cost)

### 23. [StackHawk](https://www.g2.com/products/stackhawk/reviews)
StackHawk is reimagining AppSec for AI-driven development, where applications are built faster than traditional AppSec tools can keep up. Our AppSec Intelligence Platform combines scalable runtime testing with complete attack surface discovery from source code. We integrate directly into development workflows and provide context-aware remediations to developers, enabling teams to find and fix exploitable vulnerabilities before they reach production. With real-time visibility and centralized program intelligence, AppSec teams can prioritize testing and fixing what matters. Companies like British Airways, ITV, and Norstella trust StackHawk to evaluate application risk, prove program value, and scale testing coverage to match development velocity.


**Average Rating:** 4.6/5.0
**Total Reviews:** 67
**How Do G2 Users Rate StackHawk?**

- **API Testing:** 8.9/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.1/10 (Category avg: 8.9/10)

**Who Is the Company Behind StackHawk?**

- **Seller:** [StackHawk](https://www.g2.com/sellers/stackhawk)
- **Year Founded:** 2019
- **HQ Location:** Denver, CO
- **Twitter:** @StackHawk (1,137 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/40780406/ (31 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 46% Small-Business, 35% Mid-Market


#### What Are StackHawk's Pros and Cons?

**Pros:**

- Easy Integrations (4 reviews)
- Customer Support (3 reviews)
- Customizability (3 reviews)
- Efficiency Improvement (3 reviews)
- Scanning Efficiency (3 reviews)

**Cons:**

- Complex Setup (3 reviews)
- High Learning Curve (3 reviews)
- Lacking Features (3 reviews)
- Limited Scope (3 reviews)
- Setup Complexity (3 reviews)


### What Do G2 Reviewers Say About StackHawk?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **easy integrations** for various tools, enhancing automation and streamlining their workflows effectively.
- Users commend the **great customer support** from StackHawk, with quick responses and helpful resources available.
- Users value the **customizability** of StackHawk, allowing tailored workflows and enhanced integration within their processes.
- Users highlight StackHawk&#39;s **efficiency improvement** , enhancing security testing and streamlining development workflows significantly.
- Users highlight the **impressive scanning efficiency** of StackHawk, enabling quick identification of vulnerabilities and seamless integration.

**Cons:**

- Users find the **complex setup** of StackHawk frustrating, particularly with YAML files and onboarding procedures.
- Users find StackHawk has a **high learning curve** due to its complex scripting and limited training resources.
- Users note the **lack of features** in StackHawk, citing limitations in API endpoint handling and vulnerability management.
- Users find the **limited scope** of StackHawk restricts usability and customization, impacting their vulnerability management efforts.
- Users find the **setup complexity** of StackHawk challenging due to confusing YAML configurations and onboarding processes.

#### What Are Recent G2 Reviews of StackHawk?

**"[StackHawk is a great DAST security tool](https://www.g2.com/survey_responses/stackhawk-review-10761348)"**

**Rating:** 5.0/5.0 stars
*— David M.*

[Read full review](https://www.g2.com/survey_responses/stackhawk-review-10761348)

---

**"[A Game-Changer for DevSecOps](https://www.g2.com/survey_responses/stackhawk-review-8847655)"**

**Rating:** 5.0/5.0 stars
*— Todd L.*

[Read full review](https://www.g2.com/survey_responses/stackhawk-review-8847655)

---


#### What Are G2 Users Discussing About StackHawk?

- [What is StackHawk used for?](https://www.g2.com/discussions/what-is-stackhawk-used-for)

### 24. [Akto API Security Platform](https://www.g2.com/products/akto-api-security-platform/reviews)
Akto is a trusted platform for application security and product security teams to build an enterprise-grade API security program throughout their DevSecOps pipeline. Our industry-leading suite of — API discovery, API security posture management, sensitive data exposure, and API security testing solutions enables organizations to gain visibility in their API security posture. 1,000+ Application Security teams globally trust Akto for their API security needs. Akto use cases: 1. API Discovery 2. API Security Testing in CI/CD 3. API Security Posture Management 4. Authentication and Authorization Testing 5. Sensitive data Exposure 6. Shift left in DevSecOps


**Average Rating:** 4.5/5.0
**Total Reviews:** 54
**How Do G2 Users Rate Akto API Security Platform?**

- **API Testing:** 8.8/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.0/10 (Category avg: 8.9/10)

**Who Is the Company Behind Akto API Security Platform?**

- **Seller:** [Akto.io](https://www.g2.com/sellers/akto-io)
- **Company Website:** https://www.akto.io
- **Year Founded:** 2022
- **HQ Location:** San Francisco, California
- **Twitter:** @Aktodotio (1,357 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/akto-io/ (29 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Financial Services, Information Technology and Services
- **Company Size:** 44% Mid-Market, 40% Small-Business


#### What Are Akto API Security Platform's Pros and Cons?

**Pros:**

- Security (11 reviews)
- Cybersecurity (8 reviews)
- Ease of Use (8 reviews)
- API Management (7 reviews)
- Automation Testing (7 reviews)

**Cons:**

- Complex Setup (7 reviews)
- Setup Complexity (6 reviews)
- API Management (4 reviews)
- Complexity (4 reviews)
- Difficult Configuration (4 reviews)


### What Do G2 Reviewers Say About Akto API Security Platform?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **automated security testing** of Akto API Security Platform, enhancing their development process and security measures.
- Users value the **efficient AI integration** in Akto, enhancing API security and seamlessly fitting into DevSecOps workflows.
- Users appreciate the **user-friendly experience** of Akto API Security Platform, enjoying its clear dashboard and easy navigation.
- Users value the **seamless API security testing** integration with CI/CD pipelines, enhancing efficiency and collaboration in DevSecOps.
- Users appreciate the **automation testing capabilities** of Akto, simplifying API security and enhancing integration within CI/CD workflows.

**Cons:**

- Users find the **complex initial setup** challenging due to steep learning curves and inadequate documentation.
- Users face a **complex initial setup** with Akto, highlighting the need for better documentation and onboarding support.
- Users find the **steep learning curve** and complex configuration of Akto API Security challenging for new teams.
- Users find the **complexity** of Akto&#39;s platform can hinder new users in their understanding and setup experience.
- Users often face **difficult configuration** challenges with Akto, requiring significant time and effort to understand its features.

#### What Are Recent G2 Reviews of Akto API Security Platform?

**"[Easy to Use API Security Tool That Helps Save Time](https://www.g2.com/survey_responses/akto-api-security-platform-review-11240428)"**

**Rating:** 4.5/5.0 stars
*— ashish d.*

[Read full review](https://www.g2.com/survey_responses/akto-api-security-platform-review-11240428)

---

**"[Easy to Implement, Clear API Security Visibility, and Responsive Support](https://www.g2.com/survey_responses/akto-api-security-platform-review-12272742)"**

**Rating:** 4.5/5.0 stars
*— Verified User in Information Technology and Services*

[Read full review](https://www.g2.com/survey_responses/akto-api-security-platform-review-12272742)

---



### 25. [APPCHECK](https://www.g2.com/products/appcheck/reviews)
AppCheck is a Dynamic Application Security Testing (DAST) and network vulnerability testing solution, developed and supported by experienced penetration testers. We approach security testing as a hacker would, leveraging multiple proprietary crawling engines to analyse target behaviour across both modern and traditional technologies, including Single Page Applications (SPAs), APIs, and complex authentication flows such as SSO, 2FA, and TOTP. Organisations can conduct unlimited security assessments across Web Applications, SPAs, APIs, cloud services, networks, across internal or external assets. Supporting production and UAT testing, AppCheck also helps organisations ‘shift left’ by integrating with CI/CD pipelines and build servers, including ADO, GitHub, Jenkins, TeamCity, CircleCI, TravisCI, Bamboo, and GitLab CI/CD. Allowing automated security testing throughout development, identifying risks as soon as changes are introduced. AppCheck are proud to be part of the CVE Numbering Authority (CNA), contributing to global security research


**Average Rating:** 4.6/5.0
**Total Reviews:** 67
**How Do G2 Users Rate APPCHECK?**

- **API Testing:** 9.4/10 (Category avg: 9.1/10)
- **API Monitoring:** 9.2/10 (Category avg: 8.9/10)

**Who Is the Company Behind APPCHECK?**

- **Seller:** [APPCHECK](https://www.g2.com/sellers/appcheck)
- **Company Website:** https://www.appcheck-ng.com
- **Year Founded:** 2014
- **HQ Location:** Leeds, GB
- **Twitter:** @AppcheckNG (649 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/appcheck-ng-ltd/ (106 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 49% Mid-Market, 30% Small-Business


#### What Are APPCHECK's Pros and Cons?

**Pros:**

- Vulnerability Detection (7 reviews)
- Ease of Use (6 reviews)
- Features (5 reviews)
- Pentesting Efficiency (5 reviews)
- Automated Scanning (4 reviews)

**Cons:**

- Poor Customer Support (2 reviews)
- UX Improvement (2 reviews)
- API Issues (1 reviews)
- Difficult Customization (1 reviews)
- Difficult Learning Curve (1 reviews)


### What Do G2 Reviewers Say About APPCHECK?
*AI-generated summary from verified user reviews*

**Pros:**

- Users highlight the **effective vulnerability detection** of AppCheck, which outshines competitors in thoroughness and ease of use.
- Users find the **ease of use** of AppCheck invaluable, simplifying complex security processes effectively and efficiently.
- Users appreciate the **excellent pricing and functionality** of AppCheck, enhancing their vulnerability management and reporting capabilities.
- Users commend AppCheck for its **exceptional pentesting efficiency** , significantly enhancing vulnerability detection and streamlining security processes.
- Users appreciate the **automated scanning** of AppCheck, benefiting from detailed reports and seamless integration with CI/CD pipelines.

**Cons:**

- Users find the **poor customer support** frustrating, as they must submit tickets for simple changes.
- Users feel that **UX improvement** is necessary, particularly in scoring systems, customization, and starting points for scans.
- Users find the **API endpoint changes cumbersome** , relying on service requests instead of having direct control.
- Users find **difficult customization** options in AppCheck, limiting the ability to tailor reports and vulnerability scoring.
- Users note a significant **difficult learning curve** with Appcheck, which can hinder initial usability and efficiency.

#### What Are Recent G2 Reviews of APPCHECK?

**"[Effortless Vulnerability Management with APPCHECK](https://www.g2.com/survey_responses/appcheck-review-12463853)"**

**Rating:** 5.0/5.0 stars
*— Aaron H.*

[Read full review](https://www.g2.com/survey_responses/appcheck-review-12463853)

---

**"[Great onboarding experience and trial](https://www.g2.com/survey_responses/appcheck-review-11771398)"**

**Rating:** 4.0/5.0 stars
*— Tyler S.*

[Read full review](https://www.g2.com/survey_responses/appcheck-review-11771398)

---




## What Is API Security Tools?

[Cloud Security Software](https://www.g2.com/categories/cloud-security)

## What Software Categories Are Similar to API Security Tools?

- [Vulnerability Scanner Software](https://www.g2.com/categories/vulnerability-scanner)
- [Penetration Testing Tools](https://www.g2.com/categories/penetration-testing-tools)
- [Dynamic Application Security Testing (DAST) Software](https://www.g2.com/categories/dynamic-application-security-testing-dast)


