Apiiro Reviews

Name: Apiiro
Brand: Apiiro
Rating: 4.0 (3 reviews)

4.0 out of 5

3 reviews
100% willing to recommend

What is Apiiro?

Apiiro is the leader in application security posture management (ASPM), unifying risk visibility, prioritization, and remediation with deep code analysis and runtime context.

Get the Apiiro Buyer's Guide and find out what your peers are saying about Apiiro, SonarQube Server (formerly SonarQube), GitLab and more!

Apiiro is the #4 ranked solution in top Application Security Posture Management (ASPM) solutions, #8 ranked solution in top Software Supply Chain Security solutions, #10 ranked solution in top Software Composition Analysis (SCA) solutions, #11 ranked solution in API Security Solutions, #12 ranked solution in top Risk-Based Vulnerability Management solutions, and #20 ranked solution in AST tools. PeerSpot users give Apiiro an average rating of 8.0 out of 10. Apiiro is most commonly compared to SonarQube Server (formerly SonarQube): Apiiro vs SonarQube Server (formerly SonarQube). Apiiro is popular among the large enterprise segment, accounting for 47% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 20% of all views.

Helped 866,300 peers since 2012

Featured Apiiro reviews

Kunal M

Capability Center Leader, ETRM Platforms at Shell

My first feedback for Apiiro is that it is very slow, extremely slow. The moment I select from the entire list of repositories in my vertical, which is almost more than 400 repositories, it takes a lot of time for me to load the report. Sometimes it fails. I do not have Role-Based Access Control (RBAC). It's only given to the application security team, and Apiiro as a vendor does not have the rollback access control enabled for the clients, so that would have given me access to the reports tab, which would have made my life easier. Currently, I have to go to the risks tab to pull out all this information. I started exploring dashboards with Copilot. I need to reach out to the Apiiro teams to see if I can get an access token so that I can pull out a Power BI dashboard. I think Apiiro definitely has its own capabilities, but if there are access tokens that teams can use to build a custom dashboard, that would be great. This might already exist, but that is something which will ease the vulnerability management day-to-day activities.

Read full review

Ryan-Murphy

Senior Security Engineer at Schrödinger

The biggest benefit of Apiiro for us was the visibility it gave us into our GitHub organization, which we didn't have much of before. The benefit of adding Apiiro early is that it would be integrated into our pipeline from the start. Since we have had some of our software products for many years, we would have to do a lot of cleaning up before integrating Apiiro into our developer workflow. Integrating Apiiro early allows us to stay ahead of the curve on security issues and address them as they arise, rather than having a huge backlog for developers to fix. Apiiro's ability to provide visibility into the risk of our application components is great. This was a selling feature for us. Apiiro was a less mature product a little over a year ago when they were still early on in their development. However, they have made fantastic advancements over the last year, which has given us much more visibility into that sort of thing. Apiiro has helped prevent business-critical risks by making recommendations based on what it thinks is a high or critical issue. I think it does a pretty good job at that, but those recommendations still need a manual review from us. In general, if Apiiro flags a critical issue, it is usually pretty close to identifying whether it is business-critical or not. It is something we should review, even if we end up downgrading it. Apiiro raises valid concerns, and I am happy that it does.

Read full review

reviewer2286390

Tech Lead SecDev Apps at a financial services firm with 51-200 employees

I've been pretty close to all of their new releases. We are on the beta program for a lot of their new features. We do a good job of testing and we learn whatever we can at the time. Since we're testing some of the new features for them, and walking through the product, we'll work with their chief product officer to see what's on the road map and what's coming down the line. It's been really nice and a good, two-way conversation. That said, user management is a little bit clunky. It relies on contributors to source code. It's a little bit clunky, especially during the renewal process for our contract. Trying to figure out how many "seats" we had was very, very difficult due to the fact that it pulled those numbers dynamically from whoever was contributing to our GitHub repo. Therefore, having that be a little bit less clunky and not having to pull logs for who was actually contributing to the GitHub repo to find who is using licenses would be ideal. There's probably a much easier way to handle the users on the platform.

Read full review

Apiiro mindshare

Product category:

As of September 2025, the mindshare of Apiiro in the Application Security Posture Management (ASPM) category stands at 8.2%, up from 8.0% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Application Security Posture Management (ASPM) Market Share Distribution
Product	Market Share (%)
Apiiro	8.2%
Snyk	21.7%
Veracode	13.2%
Other	56.900000000000006%

Application Security Posture Management (ASPM)

PeerResearch reports based on Apiiro reviews

Type	Title	Date
Category	Application Security Posture Management (ASPM)	Aug 31, 2025	Download
Product	Reviews, tips, and advice from real users	Aug 31, 2025	Download
Comparison	Apiiro vs Snyk	Aug 31, 2025	Download
Comparison	Apiiro vs Veracode	Aug 31, 2025	Download
Comparison	Apiiro vs CrowdStrike Falcon Cloud Security	Aug 31, 2025	Download

Title	Rating	Mindshare	Recommending
SonarQube Server (formerly SonarQube)	4.0	N/A	81%	116 interviews Add to research
GitLab	4.2	N/A	97%	85 interviews Add to research

Valuable Features

"Apiiro's secrets detection feature has saved us several times, which we appreciate greatly."
"The workflow automation is likely the best aspect of the solution."

Room for Improvement

"I would like support for our self-hosted Git server, other than GitHub, just regular Git."
"User management is a little bit clunky."

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Apiiro Buyer's Guide for additional reliable information.

Top industries

By visitors reading reviews

Computer Software Company

20%

Financial Services Firm

13%

Comms Service Provider

Manufacturing Company

Outsourcing Company

University

Healthcare Company

Energy/Utilities Company

Retailer

Insurance Company

Government

Pharma/Biotech Company

Legal Firm

Construction Company

Hospitality Company

Media Company

Performing Arts

Non Profit

Real Estate/Law Firm

Consumer Goods Company

Compare Apiiro with alternative products

Learn more about Apiiro

Companies like Morgan Stanley, SoFi, Rakuten, and Navan leverage Apiiro's ASPM to...

Get complete application and risk visibility: Apiiro takes a deep, code-based approach to ASPM. Its Cloud Application Security Platform analyzes source code and pulls in runtime context to build a continuous, graph-based inventory of application and software supply chain components.

Prioritize risks with code-to-runtime context: With its proprietary Risk Graph™️, Apiiro contextualizes security alerts from third-party tools and native security solutions based on the likelihood and impact of risk to uniquely minimize alert backlogs and triage time by 95%.

Fix and prevent risks that matter—faster: By tying risks to code owners, providing LLM-enriched remediation guidance, and embedding risk-based guardrails directly into developer tools and workflows, Apiiro improves remediation times (MTTR) by up to 85%.

Apiiro's native security solutions include API security testing in code, secrets detection and validation, software bill of materials (SBOM) generation, sensitive data exposure prevention, software composition analysis (SCA), and CI/CD and SCM security.

Apiiro was previously known as Apiiro Control Plane (ASOC), Apiiro API Security (SAST), Apiiro Open Source (SCA).

Apiiro customers

Morgan Stanley, Rakuten, Jack Henry, SoFi, Colgate, Navan

Author info	Rating	Review Summary
Capability Center Leader, ETRM Platforms at Shell	3.5	I use Apiiro mainly for reporting, finding its metrics valuable for tracking risks and performance, though it's slow with large data. While helpful, I wish for better access controls and custom dashboard integration to improve vulnerability management.
Senior Security Engineer at Schrödinger	5.0	We use Apiiro to enhance security by detecting secrets and cleaning up unused public repositories. Its features provide visibility and training opportunities for developers. Apiiro has grown significantly, supported by a fantastic team and competitive pricing, surpassing alternatives like GuardRails.
Tech Lead SecDev Apps at a financial services firm with 51-200 employees	3.5	I use Apiiro for source code analysis to identify vulnerabilities early in our AppSec strategy. Its automation improves workflow, reduces manual work by ten hours monthly, and lowers remediation time, though user management could be simplified.

Apiiro Reviews

What is Apiiro?

Featured Apiiro reviews

Apiiro mindshare

PeerResearch reports based on Apiiro reviews

Valuable Features

Room for Improvement

Top industries

Compare Apiiro with alternative products

Learn more about Apiiro

Apiiro customers

Related questions

Product Categories

Popular Comparisons