As of March 2024, in the Dynamic Application Security Testing (DAST) category, the market share of HCL AppScan is 42.1% and it increased
by 24.9% compared to the previous year. The market share of Fortify WebInspect is 31.6% and it decreased
by 20.1% compared to the previous year. The market share of Rapid7 InsightAppSec is 13.2% and it decreased
by 33.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
March 2024
Dynamic Application Security Testing (DAST)
Top Dynamic Application Security Testing (DAST) products
IBM Security AppScan enhances web application security and mobile application security, improves application security program management and strengthens regulatory compliance. By scanning your web and mobile applications prior to deployment, AppScan enables you to identify security vulnerabilities and generate reports and fix recommendations.
Fortify WebInspect is an automated DAST solution that helps security professionals and QA testers uncover security vulnerabilities and configuration concerns by providing complete vulnerability detection. This is accomplished by mimicking real-world external security attacks on a live application in order to discover and prioritize concerns for root-cause study. Fortify WebInspect provides a number of REST APIs for easier integration, as well as the ability to be maintained via an intuitive UI or totally automated.
Your web applications may be complex, but your application security testing tool doesn’t need to be. InsightAppSec brings Rapid7’s proven Dynamic Application Security Testing (DAST) technology to the Insight platform, combining powerful application crawling and attack capabilities, flexibility in scan scope and scheduling, and accuracy in results with a modern UI, intuitive workflows, and sensible data organization. This enables you to identify XSS, SQL injection, CSRF, and other vulnerabilities with unparalleled ease. The best part? All of these capabilities are delivered via the cloud so that you’re up and running in minutes to identify the critical security risks that exist in your applications.
Burp Suite Enterprise Edition is an automated web vulnerability scanner, designed to enable enterprises to scale security across their web portfolios and achieve DevSecOps. Automate trusted Burp scans, integrate web security testing with development, and free your application security to support software development.
WhiteHat Dynamic™ enables organizations to test applications at DevSecOps speed and enterprise-scale to build trust into their entire software portfolio. WhiteHat Dynamic combines artificial intelligence with expert security analysis, producing verified, actionable findings with near-zero false positives and yielding the most accurate results enabling organizations the need to understand, prioritize, and mitigate or remediate vulnerabilities in the shortest timeframe.
Formerly HipTest: CucumberStudio is the leading collaboration platform for BDD - an easy-to-use tool to define ideas, test code, and learn in production from real-time insight.
Rolling out DevSecOps within an organization requires security tools that fit into existing engineering workflows. From scan kickoffs to findings alerts to backlog prioritization, your DAST tooling should tie in with your engineering stack. StackHawk is built for modern delivery teams and their tools.
BeSTORM is a dynamic application security testing (DAST) tool with a black box fuzzing option. BeSTORM's DAST uses a combination of injection attacks that are calculated attack methods. These guided attacks are designed to uncover known vulnerabilities within an application. BeSTORM can also engage black box fuzzing, without access to an application's source code, overwhelming an application with randomized code injection attack techniques.
Appknox is an on-demand mobile application security platform that helps businesses detect and fix security vulnerabilities using an Automated Security Testing suite. We have been successfully reducing delivery timelines, manpower costs & mitigating security threats for Global Banks and Enterprises in 10 + countries.
No limit web app and API scanner. SOOS DAST integrates into your build pipeline and consolidates DAST test results with SCA vulnerability scans in a single powerful web dashboard.
AppCheck provides a comprehensive vulnerability scanning platform that is designed to cover and test each layer of an organisation’s key IT systems for vulnerabilities, in one seamless and intuitive solution.
