It's been two months since this profile received a new review

Detectify Reviews & Product Details

Detectify sets a new standard for advanced application security testing, challenging traditional DAST by providing evolving coverage of each and every exposed asset across the changing attack surface. AppSec teams trust Detectify to expose how attackers will exploit their Internet-facing applications. The Detectify platform automates continuous real-world, payload-based attacks fuelled by its global community of elite ethical hackers into its own expert-built engines, exposing critical weaknesses before it's too late. The Detectify solution includes: - Automated discovery of known and unknown digital assets via domain & cloud connectors - Continuous coverage (24/7) of every corner of the attack surface with dynamic testing. Not just predefined targets - 100% payload-based testing fuelled by elite ethical hackers for a high signal-to-noise ratio - Distributed coverage across an unmatched array of relevant technologies - Actionable remediation tips for software development teams - Team functionality to easily share reports - Powerful integrations platform to prioritize and triage vulnerability findings onward to development teams -Advanced API functionality -Capabilities to set custom attack surface security policies

Seller

Detectify

Discussions

Detectify Community

Languages Supported

English

Overview by

Carl-Fredrik Wållgren

Pricing

Pricing provided by Detectify.

Full EASM solution

Small Attack Surface

Starting at €82.00

Per Month

View More Pricing Information

Top-Rated Alternatives

View All Alternatives

Detectify Media

Continuously spot changes with the attack surface overview

Detectify Demo - Create custom policies directly from your filtered view of the attack surface

By enabling granular control at the domain level, Detectify helps you to enforce security standards more effectively and reduce the risk of overlooked breaches, ensuring that your valuable time and attention are focused on the most critical threats.

The Domains page provides your team with the most powerful and flexible attack surface insights. Try it out by filtering domain data adding your own values or using recommended filters, directly creating custom policies, or visually exploring your domain data with the network graph.

Detectify Demo - An easy-to-use tool to immediately start scanning

Detectify doesn’t require hours of work to onboard and manage. Get started in no-time using cloud connectors and easily integrate results into your existing workflows. Get the most out of the platform with powerful integrations and API.

Detectify Demo - Automated attacks fuelled by elite ethical hackers are built into our expert-built engines

From pioneering subdomain takeover tests to crowdsourcing vulnerability research, including hundreds of 0-days, we have always sought to automate human ingenuity. We build our engines so that we can move at speed and scale.

G2 reviews are authentic and verified.

Here's how.

Verified User in Computer Software

Mid-Market (51-1000 emp.)

10/14/2022

"The importance of scanning"

5/5

What do you like best about Detectify?

The hands-free, passive scanning and weekly reports delivered right to my email. Review collected by and hosted on G2.com.

What do you dislike about Detectify?

At times, looking at remediation documentation can be troublesome. Review collected by and hosted on G2.com.

Response from Detectify Team of Detectify

edit

Thank you for your feedback! We’re delighted to have you as a customer and are happy to hear Detectify delivers value for you.

Verified User in Investment Banking

Mid-Market (51-1000 emp.)

8/19/2022

"Very good tool to check attack surface of company."

5/5

What do you like best about Detectify?

Surface Monitor the old Asset monitor, result of vulnerabilities . Review collected by and hosted on G2.com.

What do you dislike about Detectify?

Nothing at this moment to use the tool but the price can be less expensive. Review collected by and hosted on G2.com.

Cenil R.

IT Manager

Mid-Market (51-1000 emp.)

2/15/2022

"Excellent tool for Web application Vulnerability Scanning"

4/5

What do you like best about Detectify?

The tool is simple to use, it gives good insights into existing and emerging vulnerabilities. We scan around 50+ websites using Detectify. Good customer service as well. Review collected by and hosted on G2.com.

What do you dislike about Detectify?

The tool UI has evolved a lot comparing the features it had 1 year ago. No issues to report. Review collected by and hosted on G2.com.

Gunnar K.

CTO

Small-Business (50 or fewer emp.)

11/12/2021

"A good web vulnerability scanner"

4.5/5

What do you like best about Detectify?

Detectify's scanner works well. Crawling is good and it does a decent job at de-duplication. Most findings include good descriptions of the issue and related information. Review collected by and hosted on G2.com.

What do you dislike about Detectify?

Some report fillers are included in reports. Would be valuable with more configuration to ignore a certain finding on a certain set of pages (for the cases where their de-duplication fails to identify that an underlying page is the same) Review collected by and hosted on G2.com.

Rohit P.

Chief Information Security Officer (CISO)

Mid-Market (51-1000 emp.)

2/9/2021

"DAST scanner with a slightly different approach"

3.5/5

What do you like best about Detectify?

When we evaluated the scanner we found it have crowdsourcing enabled as a part of the offering and the platform, which helped us get insights on vulnerabilities from other researchers. Review collected by and hosted on G2.com.

What do you dislike about Detectify?

I would have liked a little more storytelling on metrics and daashboards Review collected by and hosted on G2.com.

Response from Maja Grywenz of Detectify

edit

Hi Rohit!

Thanks for your review. We are happy to hear that you are satisfied with the Detectify service. We'll take your feedback into consideration.

Kind regards,

Detectify

Mitch P.

Project Manager

Mid-Market (51-1000 emp.)

5/27/2021

Business partner of the seller or seller's competitor, not included in G2 scores.

"Our way to keep websites secure"

4.5/5

What do you like best about Detectify?

Schedule scans, so my websites keep secure. Easy way to configure a new site to the platform using a DNS record or textfile. Deep Scan results are very detailed and usefull for improvement, It even gives information for fixes of the security problems. You can start deepscans every moment you like. It provides rates to security issues which I can message to my clients so they can decide if they would fix the problem. The visual interface is straightforward to use without technical knowledge. During scans it shows the status on a very understandable (graphical) way, so you always know what the status of a scan is. If it keeps my client happy on a easy way, it keeps me happy. Review collected by and hosted on G2.com.

What do you dislike about Detectify?

No auto detection for WordPress so it automatically detects old versions. I would suggest support for the most used frameworks like WordPress, Magento... That would help much people in their daily projects. Sometimes deep scans takes long (more then 4 hours) to complete, there may be some performance improvements possible. Review collected by and hosted on G2.com.

Recommendations to others considering Detectify:

Beneficial improvements for your websites, which you can easily export and send to your client. Good tips about improvements and even gives non-security-related tips about your website. I would recommend Detectify Deep Scan, especially for scheduled tests, so you can keep your sites updated without taking too much time. Review collected by and hosted on G2.com.

What problems is Detectify solving and how is that benefiting you?

I mostly solve cross site scripting issues which not have been fixed during development traject. Most likely 'forgotten' input fields or whatever. Also fixing problems regarding to usage of third party scripts (iframes). Also I can just give my clients PDF exports of the problems which they can read before we fix the problem. That way they are always up-to-date to fixes we do on their websites. Review collected by and hosted on G2.com.

Verified User in Computer Software

Mid-Market (51-1000 emp.)

10/28/2021

"Useful for finding edge cases, although creates lots of junk accounts"

4/5

What do you like best about Detectify?

We were able to find some relatively obscure and more nit-picky vulnerabilities on our sites. It was easy to implement and easy to run tests. Review collected by and hosted on G2.com.

What do you dislike about Detectify?

It did end up creating a long list of fake accounts in our system, along with a sizeable amount of other ugly data when authenticated. Review collected by and hosted on G2.com.

What problems is Detectify solving and how is that benefiting you?

In the past, we've used bounties to help find issues and vulnerabilities with our sites. The responses come sporadically and have to be validated. Detectify is more convenient and allows us to check for thoroughness at any point we choose -- we don't have to wait for others to find issues for us. Review collected by and hosted on G2.com.

Verified User in Information Technology and Services

Small-Business (50 or fewer emp.)

10/28/2021

"Not totally confident in the results"

2.5/5

What do you like best about Detectify?

I like the email reports and the severity categories. Review collected by and hosted on G2.com.

What do you dislike about Detectify?

I was surprised to find that security headers are not checked and was told in a support ticket that this is a beta feature that we need to switch on. It seems that the speed of adding checks could be faster, and I thought I'd previously seen this being checked by Detectify. That has shaken my confidence a bit. Review collected by and hosted on G2.com.

Verified User in Machinery

Enterprise (> 1000 emp.)

7/8/2021

"Very intuitive and easy to configure and use web app security scanning solution"

4.5/5

What do you like best about Detectify?

Very easy to set up and configure. After our initial PoC, we could seamlessly continue to use Detectify. Possibility to perform authenticated scans with TOTP based multi-factor authentication (needs setup via support or customer success team).

Detectify was the only solution which besides the deep scan (general web app scanning) provides asset monitoring which autonomously scans your configured apex domains for issues without the need to configure all of your (many) subdomains. With other application scanners you would need a separate tool to perform this kind of "footprint monitoring".

Detectify was the only solution that uses a crowdsource community. All other scanner vendors create their rules only by themselves.

Very helpful and open team to address new features and functionality. Some features we requested were implemented a couple of weeks later. Review collected by and hosted on G2.com.

What do you dislike about Detectify?

API functionality is a little behind what the UI offers. This is only relevant if you want to use the API, for example for scripts.

At the moment no option to "work" on findings within the UI, such as leaving a comment for another colleague like a developer. For us this is not a real problem because we export all findings into a work item tracking tool. Review collected by and hosted on G2.com.

Recommendations to others considering Detectify:

If you are looking for a very easy setup and use web application security scanning solution Detectify is a very good choice. Not only can you scan web apps in depth but you can also get all your configured domains automatically crawled for subdomains and scanned for security issues. Review collected by and hosted on G2.com.

What problems is Detectify solving and how is that benefiting you?

Detectify allows us to efficiently perform continuous scans on our defined applications with "deep scan" profiles and at the same time we can monitor our external footprint with "asset monitoring" which does not require any administration or maintenance. If a new subdomain is used, Detectify will automatically identify it and start scanning it.

Before Detectify we performed such scans with tools like OWASP ZAP. This required much more time to perform the scans and also later create readable reports. Detectify does everything automatically and provides actionable findings with descriptions about the issues, CVSS rating and explanations on how to fix the issue. Review collected by and hosted on G2.com.

J G.

Software Engineer

Small-Business (50 or fewer emp.)

11/8/2021

"Detectify is a low-maintenance way to keep an eye on web security"

3.5/5

What do you like best about Detectify?

Getting notifications about security vulnerabilities is much easier than having to find them myself. Review collected by and hosted on G2.com.

What do you dislike about Detectify?

It would be nice if recurring scans could automatically detect and remove vulnerabilities that have been resolved. Review collected by and hosted on G2.com.