Best Application Security Software

G2 Crowd Grid® for Application Security
Leaders
High Performers
Contenders
Niche
Momentum Leaders
Momentum Score
Market Presence
Satisfaction
content
Star Rating

Application Security reviews by real, verified users. Find unbiased ratings on user satisfaction, features, and price based on the most reviews available anywhere.

Compare Application Security Software
Results: 123
G2 Crowd takes pride in showing unbiased ratings on user satisfaction. G2 Crowd does not allow for paid placement in any of our ratings.
Results: 123
Filter Results
Filter by:
Sort by
Star Rating
Sort By:

    AWS WAF is a web application firewall that helps protect web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources.

    Coverity static analysis by Synopsys helps development and security teams find and fix defects and security flaws in code as it’s being written. Coverity is highly accurate, supports thousands of developers, and quickly analyzes large projects exceeding 100 million lines of code, helping your teams build secure, high-quality software faster.

    Cloudflare’s enterprise-class web application firewall (WAF) protects your Internet property from common vulnerabilities like SQL injection attacks, cross-site scripting, and cross-site forgery requests with no changes to your existing infrastructure.

    Automatic SQL injection and database takeover tool

    Netsparker develops an industry leading automated web application security solution. Available as Windows software, online and on-premises service, the Netsparker scanner can automatically detect SQL Injection, Cross-site Scripting and other vulnerabilities in any type of modern HTML5, Single Page Application (SPA), Web 2.0 web application and web services, regardless of the technology they are built with. The Netsparker scanner does not just report the vulnerabilities, it also generates a proof of exploit confirming they are real and not false positives. Therefore you do not have to waste time manually verifying the scanner’s findings and can easily scale up web application security and scan thousands of websites within a matter of hours. Netsparker is trusted and used by world renowned companies such as Samsung, Ernst & Young, Skype, NASA, ISACA and ING Bank.

    Imperva Incapsula
    (37)4.2 out of 5
    Optimized for quick response
    Optimized for quick response

    Imperva Incapsula delivers an enterprise-grade Web Application Firewall to safeguard your site from the latest threats, an intelligent and instantly effective 360-degree anti-DDoS solutions (layers 3-4 and 7), a global CDN to speed up your website's load speed and minimize bandwidth usage and an array of performance monitoring and analytic services to provide insights about your website's security and performance.

    Burp Suite is a toolkit for web application security testing.

    IBM Security AppScan Standard protects against web application attacks and expensive data breaches by automating application security vulnerability testing. Avoid security vulnerabilities Use automated dynamic security testing and advanced static analysis – “black box” and “white box” – to detect developing security issues. Empower accurate scanning Scan websites to identify embedded vulnerabilities. Simplify interpretation of scan results with scan-specific explanations of each issue. Get quick remediation Fix high-priority problems first with streamlined remediation. Make fixes quickly with the provided remediation steps – including code examples and a task list.

    Software security solutions from Micro Focus Fortify cover your entire software development lifecycle (SDLC) for mobile, third party and website security.

    Metasploit Pro is a penetration testing tool that increases penetration tester's productivity, prioritizes and demonstrates risk through closed-loop vulnerability validation, and measures security awareness through simulated phishing emails.

    Acunetix leads the market in automatic web security testing technology that accurately scans and audits all web applications, including HTML5, JavaScript and Single Page applications (SPAs). It offers a cost-effective entry into the web scanning market with a simple, scalable, and high availability solution, without compromising quality. Acunetix can report on a wide range of web vulnerabilities, including SQLi and XSS and provides the only technology on the market that can automatically detect out-of-band vulnerabilities. Acunetix also includes integrated vulnerability management features for enterprises to comprehensively manage, prioritise and control vulnerability threats – ordered by business criticality. Used by many Government, Military, Educational, Telecommunications, Banking, Finance, and E-Commerce sectors, including many Fortune 500 companies it is available on Windows, Linux and Online

    NGINX, Inc. is the company behind NGINX, the popular open source project trusted by more than 400 million sites. We offer a suite of technologies for developing and delivering modern applications. The NGINX Application Platform enables enterprises undergoing digital transformation to modernize legacy, monolithic applications as well as deliver new, microservices‑based applications. Companies like Netflix, Starbucks, and McDonalds rely on NGINX to reduce costs, improve resiliency, and speed innovation. NGINX investors include Blue Cloud Ventures, e.ventures, Goldman Sachs, Index Ventures, MSD Capital, NEA, Runa Capital, and Telstra Ventures. NGINX, Inc. is headquartered in San Francisco, CA, with an EMEA head office in Cork, Ireland and APAC head office in Singapore. Learn more at https://www.nginx.com/

    Checkmarx is the Software Exposure Platform for the enterprise. Over 1,400 organizations around the globe rely on Checkmarx to measure and manage software risk at the speed of DevOps. Checkmarx serves five of the world’s top 10 software vendors, four of the top American banks, and many government organizations and Fortune 500 enterprises, including SAP, Samsung, and Salesforce.com. Learn more at Checkmarx.com or follow us on Twitter: @checkmarx.

    Cloudbric is a cloud-based web security provider, offering an award-winning Web Application Firewall (WAF), DDoS protection, and SSL. Cloudbric offers security primarily to startup and SMB websites that lack cybersecurity experience or can't afford expensive IT security solutions. Cloudbric’s services are free for all websites with less than 4GB of bandwidth per month. We charge based on amount of web traffic, making Cloudbric perfect for SMEs and new startups. Our services are military-grade protection for the little guy.

    Eliminate application vulnerabilities and stop data breaches. You depend on applications everyday. They are how your customers and partners connect with you, and they are how your employees get their jobs done. Unfortunately, your applications remain one of the most commonly exploited threat vectors. Barracuda WAF protects your web, mobile and API applications from being compromised, and prevents data breaches— ensuring you maintain your reputation and your customer's confidence.

    AttackFlow is a solution helps find security and quality weaknesses in software by analyzing the code.

    Citrix Web App Firewall is a web application firewall (WAF) that protects web applications and sites from both known and unknown attacks, including all application-layer and zero-day threats.

    Extend the power of Cloudflare's DDoS, TLS, and IP Firewall to not just your web servers, but also your other TCP-based services, keeping them online and secure.

    Appknox is one of the enterprise level security assessment product that helps businesses and enterprises to detect, manage and fix security issues. Its been used by some of the top enterprises to secure more than 500 mobile apps on regular basis. Appknox is listed in one of the Gartner's top mobile app security testing vendors list. Working with more than 100 organizations globally Appknox has been focusing on niche area of mobile app security.

    BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.

    bugScout is a next-gen SAST platform for detecting vulnerabilities in application and website source codes, designed by ethical hackers and cybersecurity analysts coming out of Deloitte’s European cyberthreat SOC competency center. Today, source code security audits are snapshots that define the status at a point in time and deliver reports that are already out of date by the time they are finished because the development process is continuous. With its fast performance and scalability, bugScout enables continuous source code analysis. Security audits can keep pace with the speed of the development process, and role-based reports facilitate communications between security analysts and developers to help identify vulnerabilities, pinpoint the causes and remediate the problems.

    HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be exploited. The U.S. Department of Defense, General Motors, Google, Twitter, GitHub, Qualcomm, Starbucks, Dropbox, Intel,and over 1,200 other organizations have partnered with HackerOne to resolve over 90,000 vulnerabilities and award over $42M in bug bounties.

    Peach Fuzzer is an automated security testing platform that prevents zero-day attacks by findng vulnerabilities in hardware and software systems.

    Provides automated security testing and security scan of web applications to identify vulnerabilities, scans your network and devices and suggest to you recommendations on how they can be fixed, and provides a source code analysis to identify and resolve security weaknesses and vulnerabilities

    Web Application Protector is designed to safeguard web assets from web application and DDoS attacks, while improving performance.

    AppSecure is a suite of application security capabilities for Juniper Networks SRX Series Services Gateways that identifies applications for greater visibility, enforcement, control, and protection of the network.

    AppWall is a web application firewall (WAF) and network security solution that guarantees fast, reliable and secure web applications.

    A comprehensive web application firewall (WAF) that protects apps and data from known and unknown threats, defends against bots that bypass standard protections, and virtually patches app vulnerabilities.

    Cobalt's Pen Testing as a Service (PTaaS) Platform transforms yesterday’s broken pen test model into a data-driven vulnerability management engine. Fueled by our global talent pool of certified freelancers, Cobalt's crowdsourced SaaS pen test platform delivers actionable results that empower agile teams to pinpoint, track, and remediate software vulnerabilities. Hundreds of organizations now benefit from high quality pen test findings, faster remediation times, and higher ROI for their pen test budget.

    Comodo cWatch Web is a managed security service for websites and applications that combines a Web Application Firewall (WAF) provisioned over a secure Content Delivery Network (CDN).

    Test running apps and services for common security weaknesses and vulnerabilities using malformed inputs to detect flaws. Leverage fully automated tests across 250+ test suites, protocol-specific attack patterns and automatic test mutation

    Detectify is a web security scanner that performs fully automated tests to identify security issues on your website. It checks for SQL injections, XSS and 700+ other vulnerabilities. This is included: - A scanner that checks your site for 700+ vulnerabilities - The latest security tests submitted by ethical hackers - Unlimited number of scans - An extensive knowledge base with over 100 remediation tips - Team functionality so that you can easily share reports - Integrations with popular tools like Slack, Jira and PagerDuty

    FortiWeb WAF is a comprehensive, high-performance web application security service.

    WebInspect offers automated dynamic application security testing (DAST) and interactive application security testing (IAST) technologies that mimics real-world hacking techniques and attacks, provides comprehensive dynamic analysis of complex web applications and services, and crawls more of the attack surface to exposes exploits.

    Qualys WAF is an integrated web application firewall (WAF) and web application scanning (WAS) solution.

    Qualys WAS is Qualys's platform for end-to-end web application scanning.

    Sqreen is an application security platform that provides extensive visibility and reaction capabilities to the threats targeting both legacy and modern cloud applications. Trusted by security teams, loved by developers, Sqreen improves the security standards of the world's leading organizations. Founded by former security experts at Apple, Sqreen protects hundreds of companies from startups to Fortune 500 companies.  Sqreen uses a combination of technologies including a Runtime Application Self-Protection (RASP) agent to offer deep real-time visibility and protection against security activities and attacks. It offers out-of-the-box security rules against common attacks (OWASP top 10 and more), 0-days and advanced business logic threats. Protections can be easily extendable with custom rules. Get started with Sqreen in just a couple of minutes. No configuration or maintenance required. Benefits of using Sqreen: - Real-time protection without false positives - Deep visibility into security activities: origin, payloads, location, stack traces, time, actors etc. - Protection against common attacks and advanced 0-day attacks - Advanced customization capabilities to cover specific business logic threats - Scalable and integrated into DevOps environments

    WAF is a cloud firewall service that protects core website data and safeguards the security and availability of your site

    Application Security is a network security software that provides safeguards against unauthorized access and malicious application attacks.

    Appsec Scale is an automated web application security testing solution. Its works with the same appsec engine as Outpost24's SWAT (the Secure Web Application Tactics) which means it always adapt itself to applications changes and new discovered threats. Appsec Scale test continuously the application but customers keep the control of the solution. Finally, Appsec Scale goes further than application testing and analyzes also the infrastructure. The solution can fit organizations of any size. It is Cloud-based (SaaS) so easy to deploy. But Application security teams are available 24/7 to support. Know more > https://outpost24.com/appsec-scale

    AppSpider is a dynamic application security testing (DAST) solution.

    Arxan Application Protection offers protection and management solutions for IoT, mobile, and other applications.

    Black Duck by Synopsys provides a comprehensive software composition analysis (SCA) solution for managing security, quality, and license compliance risk that comes from the use of open source and third-party code in applications and containers.

    BreachLock is a security startup that offers a unique SaaS platform delivering on-demand, continuous and scalable security testing suitable for modern cloud and DevOps powered businesses.

    CAST Application Intelligence Platform (AIP) is an enterprise-grade software measurement and quality analysis solution designed to analyze multi-tiered, multi-technology applications for technical vulnerabilities and adherence to architectural and coding standards and then provide business relevant information to the IT organization through various dashboards and products built with end users in mind.