getapp-logo

App comparison

Add up to 4 apps below to see how they compare. You can also use the "Compare" buttons while browsing.

Software categoriesBlog & researchAbout us

GetApp offers objective, independent research and verified user reviews. We may earn a referral fee when you visit a vendor through our links. 

Vulnerability Management Software

Last updated: April 2026

1 filter applied

Features

Integrated with

Pricing model

Devices supported

Organization types

User rating

32 software options

CAST Highlight logo

The control tower for your application portfolio.

learn more
CAST Highlight is a SaaS product that provides rapid insights across a portfolio of applications.

Read more about CAST Highlight

Users also considered
Xygeni Security logo

Real Risk. Real Control. From Code to Cloud

learn more
Xygeni Vulnerability Management delivers AI-driven visibility across code, dependencies, CI/CD, infrastructure, and containers. It prioritizes real, exploitable risk, reduces alert fatigue, and accelerates remediation with unified ASPM context and automation.

Read more about Xygeni Security

Users also considered
Axonius logo

Cybersecurity asset management platform

learn more
Axonius is a cybersecurity asset management platform which gives organizations a comprehensive asset inventory, helps uncover security solution coverage gaps, & automatically validates & enforces security policies with 130+ management & security solution integrations, & more.

Read more about Axonius

Users also considered
Beagle Security logo

Secure your web apps & APIs from the latest vulnerabilities

learn more
Beagle Security helps you to identify security weaknesses and vulnerabilities on your web apps & APIs before hackers harm you in any way.

Read more about Beagle Security

Users also considered
Astra Pentest logo

Continuous Pentests (VAPT) that scales with your dev velocit

learn more
AI Powered offensive Pentest Platform

Read more about Astra Pentest

Users also considered
Sprinto logo

Cloud-based solution for security compliance.

learn more
Sprinto is a cloud-based platform designed to help businesses of all sizes manage and streamline their compliance processes. It offers various capabilities such as compliance programs, automated workflows, and continuous control monitoring. Sprinto's risk assessment module allows for quantitative and qualitative evaluation of risks, while its role-based task management ensures seamless collaboration across the organization.

Read more about Sprinto

Users also considered
OX Security logo

Cloud-security solution for administrators.

learn more
OX Security is a cloud security platform that helps small to large businesses in technology, banking, financial services, and other sectors protect their organization from advanced cyber threats. The platform provides real-time threat detection and response capabilities, giving administrators the ability to gain insights into their network so they can identify and address threats before those threats cause damage.

Read more about OX Security

Users also considered
Aikido Security logo

Unified cybersecurity software

learn more
Secure your code, cloud, and runtime environments in one central system.
Find and fix vulnerabilities fast.

Features include SAST, DAST, SCA, IaC, CSPM, Container Security, Malware detection, Runtime Protection, License risk and more.

Read more about Aikido Security

Users also considered
Crashtest Security logo

Cloud-based vulnerability scanning & testing software

learn more
Crashtest Security is a vulnerability testing software that helps businesses perform automated scans to detect cybersecurity threats across applications. Managers can conduct single-page, multi-page, and documentation-based scans to identify attack vectors across several web applications.

Read more about Crashtest Security

Users also considered
Threatspy logo

Reinventing Application Security

learn more
Developer-first Application & API Security Management Platform

Read more about Threatspy

Users also considered
Uptycs logo

Shift up with Uptycs!

learn more
Protect your crown jewels, your development lifecycle, and your data with Uptycs, the unified CNAPP and XDR platform.

Read more about Uptycs

Users also considered
Phoenix Security logo

Vulnerability management and orchestration platform

learn more
AppSec Phoenix helps organizations bring executives, developers and security on a unified platform.

Appsec Phoenix is a vulnerability management and orchestration platform that provides a single pane of glass across Cloud, Infrastructure, Application, Container Security

Read more about Phoenix Security

Users also considered
Invicti logo

Proof-based application security testing platform

learn more
Invicti is a web application and API security platform that provides proof-based vulnerability scanning with DAST, SAST, and ASPM capabilities. The platform discovers and tests websites, applications, and APIs while correlating security findings from multiple tools to prioritize real vulnerabilities. It integrates with CI/CD pipelines and offers AI-powered remediation guidance to help development teams address security issues efficiently.

Read more about Invicti

Users also considered
HackerOne logo

Cybersecurity platform to identify and fix vulnerabilities

learn more
HackerOne is a web-based cybersecurity platform designed to help businesses across various industry verticals such as education, telecom, aviation, media, financial services, and more eliminate vulnerabilities by securing continuous development processes.

Read more about HackerOne

Users also considered
Bytesafe logo

Source code and vulnerability management platform

learn more
Bytesafe is a firewall for dependencies. Using the source code and vulnerability management platform, businesses can protect applications, stay in control and keep unwanted dependencies out of the organization.

Read more about Bytesafe

Users also considered
Snyk logo

Cloud-based security platform to track & fix vulnerabilities

learn more
Snyk is a cloud-based application security and testing platform, which helps enterprises discover and fix vulnerabilities across open source libraries, containers, or codes throughout the development process. Features include runtime monitoring, reporting, exploitability indicators, alerts, and prioritization.

Read more about Snyk

Users also considered
Cobalt logo

(previously CrowdCurity) Pen Testing as a Service

learn more
Cobalt - previously CrowdCurity - is a modern application security platform that supports a complete find-to-fix workflow for all penetration testing and vulnerability assessments throughout an organization

Read more about Cobalt

Users also considered
Versio.io logo

CMDB, IT Asset Management, Governance, Security

learn more
Versio.io continuously and automatically detects and documents changes in businesses and IT landscapes. Data from third-party applications that companies use to run business processes, monitor the IT landscape and control IT service management can be seamlessly integrated.

Read more about Versio.io

Users also considered
Pentest-Tools.com logo

Discover what's possible. Prove what's real.

learn more
From vulnerability scans to proof, Pentest-Tools.com gives 2,000+ security teams in 119 countries the speed, accuracy, and coverage to confidently validate and mitigate risks across their infrastructure (network, cloud, web apps, APIs).

Read more about Pentest-Tools.com

Users also considered
Sysdig logo

The Secure DevOps Company

learn more
Confidently secure containers, Kubernetes and cloud with the Sysdig Secure DevOps Platform. Scan images, detect and respond to threats, validate cloud posture and compliance, monitor and troubleshoot.

Read more about Sysdig

Users also considered
Acunetix logo

Cloud-based and automated web application security solution

learn more
Acunetix (by Invicti) is a vulnerability management solution that scans your website, detects vulnerabilities like XSS or SQL Injection and offers remediation.

Read more about Acunetix

Users also considered
Mend logo

Open source security and licenses compliance

learn more
WhiteSource is the leading solution for agile open source security and management.
We help companies find and fix open source vulnerabilities, including prioritizing vulnerabilities based on vulnerability's effectiveness.

Read more about Mend

Users also considered
Sigrid logo

One platform to manage your entire application landscape

learn more
Sigrid streamlines vulnerability management by delivering continuous, detailed insights into your IT system’s security vulnerabilities, offering specific recommendations for improvement. This enables organizations to maintain robust security measures and manage software risks more effectively.

Read more about Sigrid

Users also considered
Sonatype Lifecycle logo

OSS Application Security and Dependency Management Solution

learn more
Sonatype Lifecycle controls open source risk across the SDLC to help application security scale their operations to the speed of development.

Eliminate unnecessary work
Improve efficiency and speed
Enhance productivity

Read more about Sonatype Lifecycle

Users also considered
Conviso logo

Application Security Posture Management

learn more
The Conviso Platform is an Application Security Posture Management (ASPM) solution that centralizes the management of risks, vulnerabil

Read more about Conviso

Users also considered