Test running apps and services for common security weaknesses and vulnerabilities using malformed inputs to detect flaws. Leverage fully automated tests across 250+ test suites, protocol-specific attack patterns and automatic test mutation

Work for Defensics?

Learning about Defensics?

We can help you find the solution that fits you best.

Defensics Reviews

Chat with a G2 Advisor
Write a Review
Filter Reviews
Filter Reviews
Company Size
User Role
Showing 1 Defensics review
LinkedIn Connections
Defensics review by User
Validated Reviewer
Verified Current User
Review Source

"Defensics for fuzz testing REST APIs"

What do you like best?

It's relatively easy to get started. The tool allow extending it using Java or Python so you can test virtually any system. Reporting is great: you can easily know which anomalous input caused an error to reproduce and fix it.

What do you dislike?

The tool works best in case you're testing a protocol for which there's a built-in fuzzer. In case you choose to use a generic fuzzer like the Universal Fuzzer and add you're own logic then the usefulness of the tool is greatly reduced. Testing REST APIs which have good input validation (like JSON schema validation) won't typically yield much result.

Recommendations to others considering the product

For basic testing you can rely on open source tools instead. I believe for world-class products a tool like Defensics is needed.

What business problems are you solving with the product? What benefits have you realized?

Enhancing the robustness of our software. Defending against unknown attack vectors. Prevent SQL injections among other attacks.

Sign in to G2 Crowd to see what your connections have to say about Defensics

What Penetration Testing solution do you use?

Thanks for letting us know!

There are not enough reviews of Defensics for G2 Crowd to provide buying insight. Below are some alternatives with more reviews:

Metasploit Logo
(15 reviews)
Metasploit Pro is a penetration testing tool that increases penetration tester's productivity, prioritizes and demonstrates risk through closed-loop vulnerability validation, and measures security awareness through simulated phishing emails.
Veracode Application Security Platform Logo
Veracode Application Security Platform
(11 reviews)
Veracode is the world's best automated, on-demand application security testing and code review solution.
SQLmap Logo
(7 reviews)
Automatic SQL injection and database takeover tool
HackerOne Logo
(3 reviews)
The Most Trusted Hacker-Powered Security Platform
Detectify Logo
Detectify is a SaaS based website security service that analyzes and monitors the security level of a user's website by applying a broad range of emulated hacker attacks and provide report that describes the identified vulnerabilities and their potential risk in the hands of malicious hackers.
Swascan Security Suite Logo
Swascan Security Suite
Provides automated security testing and security scan of web applications to identify vulnerabilities, scans your network and devices and suggest to you recommendations on how they can be fixed, and provides a source code analysis to identify and resolve security weaknesses and vulnerabilities
7 Logo
Cobalt's Pen Testing as a Service (PTaaS) Platform transforms yesterday’s broken pen test model into a data-driven vulnerability management engine. Fueled by our global talent pool of certified freelancers, Cobalt's crowdsourced SaaS pen test platform delivers actionable results that empower agile teams to pinpoint, track, and remediate software vulnerabilities. Hundreds of organizations now benefit from high quality pen test findings, faster remediation times, and higher ROI for their pen test budget.
IrisLogic Logo
0 reviews
IrisLogic strives to be a globally respected company that delivers the most suitable and intelligent software & technology solutions.
AppSec Scale Logo
AppSec Scale
0 reviews
Appsec Scale delivers an automated web application security testing solution that compliments Outpost24 SWAT and PEN testing. This production safe solution can easily onboard applications at scale, and continuously monitor their vulnerability profile. In fact, the Appsec engine is the same as the one used in SWAT which means it learns as SWAT learns. Combined with vulnerability management, Appsec Scale gives you a more complete view of your application risk, all visible in one interface.
CAST Application Intelligence Platform Logo
CAST Application Intelligence Platform
0 reviews
CAST Application Intelligence Platform (AIP) is an enterprise-grade software measurement and quality analysis solution designed to analyze multi-tiered, multi-technology applications for technical vulnerabilities and adherence to architectural and coding standards and then provide business relevant information to the IT organization through various dashboards and products built with end users in mind.
Show more
Kate from G2 Crowd

Learning about Defensics?

I can help.
* We monitor all Defensics reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. Validated reviews require the user to submit a screenshot of the product containing their user ID, in order to verify a user is an actual user of the product.