Detectify

0(0 reviews)

Software Status:Active

About Detectify

Detectify is a web application security testing platform from Detectify that helps organizations find, classify, and scan all assets across their attack surface using DAST methods. It provides API scanning, insights on which apps to scan, and a solution that scales alongside rapidly growing attack surfaces to help ensure comprehensive coverage. Additionally, Detectify offers tools for continuous compliance to demonstrate real compliance on a daily basis. With a focus on addressing common challenges faced by technology organizations, Detectify is designed to meet the needs of enterprises seeking reliable security solutions. Key capabilities: API Scanning Asset Discovery Attack Surface Management Continuous Compliance Vulnerability Reporting Best for: security teams that need to protect their web applications and APIs from vulnerabilities.

Detectify Details

Vendor

Detectify

Year Launched

2013

Location

Medborgarplatsen 25, Stockholm, Sweden 118 72, SE

Deployment

cloud

Training Options

documentation, videos, live online, in person

Countries Served

All Countries

Languages

English, Swedish, German, French, Spanish, Japanese, Portuguese, Russian, Mandarin, Arabic

Users

Application Security Teams, Security Engineers, DevOps Teams, Engineering Managers, Information Security Directors, Security Triage Leads, CISOs

Industries Served

Technology, Consumer Packaged Goods, Media, Gaming, Public Sector

Detectify's In-App Market Place

Does Detectify have an in-app market place?

Yes

How many Mini-Apps in the marketplace?

Mini Apps

N/A

Pricing Options

Free trial

Free version

Request a quote

Promo Offer

Accepted Payment Currencies

USD ($), EUR (€), AUD (A$), GBP (£), JPY (¥), CAD (C$), CHF (CHF), SEK (kr), DKK (kr), NOK (kr)

Pros & Cons

Comprehensive Attack Surface Coverage: Combines continuous asset discovery (Surface Monitoring) with deep application scanning (Application Scanning) for a broad and deep view of external assets.
High Accuracy & Low False Positives: Uses payload-based testing, which focuses on real exploitability, leading to highly relevant results and less wasted time.
AI-Powered Insights (Alfred AI): Automates vulnerability assessment, prioritization, and test generation, enhancing efficiency.
Easy to Use & Integrate: Designed for quick onboarding and seamless integration with existing security workflows and CI/CD pipelines via robust APIs.

Limited Internal Asset Coverage: Primarily focuses on external, internet-facing assets and may not provide in-depth scanning for internal networks or assets behind a VPN/firewall.
API Testing Limitations: While it can find some API-related issues via web app crawling, it lacks native, dedicated API security testing capabilities for complex API-first architectures (e.g., GraphQL).
Cost for Large Footprints: While there's a free trial and per-scan/per-domain pricing, costs can scale rapidly for organizations with a very large number of assets or complex scanning needs.
No Human Penetration Testing Insights: Being an automated tool, it cannot replicate the nuanced, context-aware insights that a manual penetration tester might uncover.