---
title: ZeroPath Reviews
meta_title: 'ZeroPath Reviews 2026: Details, Pricing, & Features | G2'
meta_description: Filter 11 reviews by the users' company size, role or industry to
  find out how ZeroPath works for a business like yours.
aggregate_rating:
  rating_value: 4.5
  review_count: 11
  scale: '5'
date_modified: '2026-07-13'
parent_category:
  name: "DevSecOps\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t"
  url: https://www.g2.com/categories/devsecops
---

# ZeroPath Reviews
**Vendor:** ZeroPath  
**Category:** [Static Application Security Testing (SAST) Software](https://www.g2.com/categories/static-application-security-testing-sast)  
**Average Rating:** 4.5/5.0  
**Total Reviews:** 11
## About ZeroPath
ZeroPath (YC S24) is the first AI-native application security platform that fundamentally reimagines how organizations find and fix vulnerabilities. Unlike deterministic SAST tools that bolt AI onto legacy rule engines, ZeroPath was built from the ground up to combine large language models with advanced program analysis (AST, data flow, taint tracking) by Ex-Tesla Red Team and Google Security engineers. ZeroPath&#39;s core differentiation is detecting critical vulnerabilities that pattern-matching SAST fundamentally cannot find. It catches IDORs, authorization bypasses, race conditions, and authentication bugs by reasoning about application behavior and developer intent. This capability achieved a 92% alert reduction when triaging findings from legacy tools. ZeroPath is best suited for enterprises and startups that want a complete appsec experience with: AI-powered SAST across 16+ languages, SCA with exploitability analysis (90% noise reduction by determining if dependency CVEs are actually reachable in your code), secrets detection with validation, IaC scanning for Terraform/CloudFormation/Kubernetes, and natural language security policies. Context-aware autopatch generation fixes 70% of vulnerabilities automatically with framework-specific patches that match your coding standards. To keep the developer experience seamless, ZeroPath integrates into existing workflows with zero configuration. It provides Sub-60-second PR scans on GitHub, GitLab, Bitbucket, and Azure DevOps to provide instant security feedback without blocking development. Developers receive clear explanations, one-click fixes, and can refine patches using natural language commands directly in PR comments. The platform automatically attributes vulnerabilities to responsible developers and syncs bidirectionally with Jira, Linear, and more. Overall, less noise, along with the breadth of integrations, has already made security teams faster in triaging and finding real vulnerabilities. Having been security engineers ourselves, we also understand how important visibility is for the evaluations. ZeroPath users get executive dashboards with real-time MTTR tracking, automated compliance reporting for SOC2 and ISO27001, and risk-based prioritization using CVSS 4.0 scoring. The platform provides complete visibility across organizational repositories, including security models, authentication patterns, and filtering logic, without manual configuration. Our research team dogfeeds our own technology and has discovered CVE-2025-61928 (critical account takeover in better-auth with 300k+ weekly downloads), identified 170+ verified bugs in curl, found 7 vulnerabilities in django-allauth enabling account impersonation, and discovered 0-days in production systems at Netflix, Hulu, and Salesforce. Currently trusted by 750+ companies running 200k+ scans monthly, ZeroPath delivers what security-conscious engineering teams need: more real vulnerabilities, dramatically less noise, and automated fixes that actually work.



## ZeroPath Pros & Cons
**What users like:**

- Users commend ZeroPath for its **high accuracy** , consistently surfacing relevant issues with minimal false alarms. (6 reviews)
- Users commend the **accuracy of findings** with ZeroPath, effectively identifying real security issues and minimizing false positives. (6 reviews)
- Users value the **high accuracy and low false positive rate** of ZeroPath, effectively identifying real security issues. (6 reviews)
- Users find **vulnerability detection** of ZeroPath to be accurate, effectively surfacing genuine security issues with low false positives. (5 reviews)
- Users praise the **effective vulnerability identification** of ZeroPath, noting its accuracy and low false positive rate. (4 reviews)
- Customer Support (3 reviews)
- Ease of Use (3 reviews)
- Scanning Efficiency (3 reviews)
- Automated Scanning (2 reviews)
- CI (2 reviews)

**What users dislike:**

- Users note **bug issues** in ZeroPath, but appreciate the team&#39;s quick response to resolve them. (2 reviews)
- Users report encountering **small bugs** in ZeroPath, though the team addresses them promptly. (2 reviews)
- Users experience **software bugs** with ZeroPath, although the team is quick to resolve them. (2 reviews)
- Users find the **pricing to be unreasonable** for their organization&#39;s current budget and needs. (1 reviews)
- Users report encountering **dashboard issues** due to bugs, though the support team is responsive in addressing them. (1 reviews)
- Expensive (1 reviews)
- False Positives (1 reviews)
- Inaccuracy (1 reviews)
- Inefficient Scanning (1 reviews)
- Pricing Issues (1 reviews)



- [View ZeroPath pricing details and edition comparison](https://www.g2.com/products/zeropath/reviews?page=2&section=pricing&secure%5Bexpires_at%5D=2026-07-14+13%3A22%3A46+-0500&secure%5Bsession_id%5D=6c56e028-b6ef-4e88-b8f7-98570dc43f89&secure%5Btoken%5D=ec1d96a204c7dc78688eaf43c26e717df40fb075629263f3ae739071bf76f691&format=llm_user)
## ZeroPath Integrations
  - [Aikido Security](https://www.g2.com/products/aikido-security/reviews)
  - [Android Studio](https://www.g2.com/products/android-studio/reviews)
  - [Asana](https://www.g2.com/products/asana/reviews)
  - [Azure DevOps Server](https://www.g2.com/products/azure-devops-server/reviews)
  - [Azure Pipelines](https://www.g2.com/products/azure-pipelines/reviews)
  - [Bitbucket](https://www.g2.com/products/bitbucket/reviews)
  - [Cursor](https://www.g2.com/products/cursor/reviews)
  - [Delve](https://www.g2.com/products/delve-delve/reviews)
  - [GitHub](https://www.g2.com/products/github/reviews)
  - [GitLab](https://www.g2.com/products/gitlab/reviews)
  - [IntelliJ IDEA](https://www.g2.com/products/intellij-idea/reviews)
  - [Jira](https://www.g2.com/products/jira/reviews)
  - [Kotlin](https://www.g2.com/products/kotlin/reviews)
  - [Laravel](https://www.g2.com/products/laravel/reviews)
  - [Linear](https://www.g2.com/products/linear/reviews)
  - [Python](https://www.g2.com/products/python/reviews)
  - [Semgrep](https://www.g2.com/products/semgrep/reviews)
  - [Slack](https://www.g2.com/products/slack/reviews)
  - [Snyk](https://www.g2.com/products/snyk/reviews)
  - [SonarQube](https://www.g2.com/products/sonarqube/reviews)
  - [Sprinto](https://www.g2.com/products/sprinto-inc/reviews)
  - [TypeScript](https://www.g2.com/products/typescript/reviews)
  - [Visual Studio](https://www.g2.com/products/visual-studio/reviews)
  - [Visual Studio Code](https://www.g2.com/products/visual-studio-code/reviews)
  - [Windsurf](https://www.g2.com/products/exafunction-windsurf/reviews)

## ZeroPath Features
**Administration**
- API / Integrations
- Extensibility

**Performance**
- Issue Tracking
- Detection Rate
- False Positives
- Automated Scans

**Functionality - Software Composition Analysis **
- Language Support
- Integration
- Transparency

**Documentation**
- Feedback
- Prioritization
- Remediation Suggestions

**Security**
- Tampering
- Malicious Code
- Verification
- Security Risks

**Agentic AI - Static Code Analysis**
- Adaptive Learning
- Natural Language Interaction
- Proactive Assistance

**Analysis**
- Reporting and Analytics
- Issue Tracking
- Static Code Analysis
- Code Analysis

**Network**
- Compliance Testing
- Perimeter Scanning
- Configuration Monitoring

**Effectiveness - Software Composition Analysis**
- Remediation Suggestions
- Continuous Monitoring
- Thorough Detection

**Security**
- False Positives
- Custom Compliance
- Agility

**Tracking**
- Bill of Materials
- Audit Trails
- Monitoring

**Testing**
- Command-Line Tools
- Manual Testing
- Test Automation
- Compliance Testing
- Detection Rate
- False Positives

**Application**
- Manual Application Testing
- Static Code Analysis
- Black Box Testing

**Agentic AI - Vulnerability Scanner**
- Autonomous Task Execution
- Proactive Assistance

**Agentic AI - Static Application Security Testing (SAST)**
- Autonomous Task Execution

## Top ZeroPath Alternatives
  - [GitHub](https://www.g2.com/products/github/reviews) - 4.7/5.0 (2,312 reviews)
  - [GitLab](https://www.g2.com/products/gitlab/reviews) - 4.5/5.0 (881 reviews)
  - [Wiz](https://www.g2.com/products/wiz-wiz/reviews) - 4.7/5.0 (822 reviews)

