Application Security Software

Best Application Security Software include:

Rencore,, and Burp Suite.

Application Security Software TrustMap

TrustMaps are two-dimensional charts that compare products based on trScore and research frequency by prospective buyers. Products must have 10 or more ratings to appear on this TrustMap.

Application Security Software Overview

What is Application Security Software?

Application Security Software is designed to protect software applications from external threats throughout the entire application lifecycle. Enterprise applications sometimes contain vulnerabilities that can be exploited by bad actors. The purpose of this category of software is to protect the many different kinds of application against data theft or other nefarious intent. These include legacy, desktop, cloud, and mobile apps used by both internal employees and also partners and customers. Modern application security solutions must cover the gamut of application types and provide security testing that is easy to use and deploy.

Application security can also be enhanced by creating a security profile for each application that identifies and prioritizes potential threats and documenting actions taken to counter malicious or unplanned events.


  • Source code analysis/scanning
  • Open source component monitoring
  • Vulnerability detection
  • Optimized vulnerability remediation
  • Integration with source code repositories, build management server, bug tracking tools and major IDEs
  • Training resources to sharpen developer security skills

Pricing Details

Pricing varies widely depending on whether the product is a cloud-based solution, cloud + professional services, or an on-premises tool. In general though, application security platforms price by the number of applications and enterprise platforms can be expensive. Entry level pricing is in the region of $40,000 per year.

Application Security Products

(1-25 of 59) Sorted by Most Reviews

Trustwave App Scanner Managed
Chicago-based Trustwave offers a managed option for App Scanner, their application security and testing platform based on the ClicktoSecure technology acquired with the company Cenzic.
Symantec Secure App Service
Symantec Secure App Service is a code signing management solution that includes vetting and approval of software publishers, code signing, key protection, revocation, administrative controls, reporting and audit logs. This cloud-based service also features unique or rotating keys to sign apps and ce…
vArmour is a network, application and data center security solution that provides security solutions specifically aimed at enterprises running services and apps across multiple clouds.
ThisData offers real-time detection of Account Takeover (ATO) attacks for web and mobile applications. ThisData provides users with total visibility with zero configuration required. How ThisData works: • Real-time detection of account takeover via analysis contextual user information.• Use of mach…
IMMUNIO is a Runtime Application Self-Protection (RASP) solution that supports multiple frameworks such as Scala, PHP, Python, Ruby, Node.JS, and Java. After a 2 minute installation, IMMUNIO is equipped to detect and block threats to web applications as they occur in realtime - mitigating account ta…
WhiteSource is a solution for agile open source security and license compliance management. WhiteSource integrates with the DevOps pipeline to detect vulnerable open source libraries in real-time. It provides remediation paths and policy automation to speed up time-to-fix. It also prioritizes vulne…
Cybersecurity Risk Assessment Application
Users can keep their organization’s most sensitive data secure by managing IT security risk across their law firms and other legal service providers with Wolters Kluwer’s ELM Solution’s Cybersecurity Risk Assessment application. This application automates the assessment and management of law firm pe…
Appsec Scale
Appsec Scale is an automated web application security testing solution. According to the vendor, capabilities include:Adapts itself to applications changes and newly discovered threats. Tests continuously the application.Customers keep control of the solution. Goes further than application testing a…
SWAT (the Secure Web Application Tactics) is a continuous vulnerability management solution for web applications.According to the vendor, capabilities include:Automated vulnerability scanning and manual penetration testing by Outpost24 security experts.SWAT adjusts its scanning to any changes in the…
Onapsis, headquartered in Boston, offers application security software to enterprises in the form of the Onapsis Security Platform for SAP and the Onapsis Security Platform for Oracle E-Business Suite.
A platform of Tools for endpoint security and systems management needs. Saner Platform queries systems to find aberrations, and helps systems to retain normality. SanerNow has six different tools that are listed below Vulnerability Management (VM)Patch Management (PM)Asset Management (AM)Compliance …
Infocyte HUNT
Infocyte HUNT aims to provide an easy-to-use, yet powerful enterprise endpoint security solution. Infocyte HUNT is a threat hunting software/platform designed to limit risk and eliminate dwell time by enabling an organization’s own IT and security professionals to proactively discover malware and p…
Proofpoint Mobile Defense
Proofpoint Mobile Defense integrates with enterprise MDM applications to prevent malicious attacks through mobile application security data and access prevention.
JupiterOne promises to: Accelerate compliance and certification audits such as HITRUST, SOC2, PCI, ISO27001 and NIST by assisting companies in creating their security policies, processes and controls as well as easily producing evidence for controls. Automate security instrumentation and orchestrati…
CenturyLink Security Log Monitoring (SLM)
CenturyLink® Security Log Monitoring service provides comprehensive security log traffic monitoring using people, technology and processes to analyze security log traffic 24 hours a day, 7 days a week and includes access to a portal for queries, reports, and other service-related activities. Thi…
Mercury Systems headquartered in Andover offers CodeSEAL, a development environment for designing automated anti-tamper solutions for applications.
Imperva Runtime Application Self-Protection (RASP), formerly Prevoty
Imperva now offers Runtime Application Self-Protection, RASP (formerly Prevoty RASP), for application security and protection against zero day vulnerabilities. Imperva acquired Prevoty in July 2018.
Comodo SecureBox
Comodo Cybersecurity headquartered in Clifton offers SecureBox, an application security platform which provides a secure, containerized version of enterprise apps accessible to users of those apps outside the enterprise in potentially unsecured environments.
Synopsys Polaris
Synopsys headquartered in Mountain View offers the Polaris Software Integrity Platform, providing application security from developer to deployment.
Contrast Interactive Application Security Testing (IAST)
Contrast Security headquartered in Los Altos provides Interactive Application Security Testing (IAST) via Contrast Assess, an application security solution.
Barracuda Cloud Security Guardian
Barracuda Cloud Security Guardian is a comprehensive software platform for public-cloud security and compliance orchestration. It continually scans your infrastructure to detect misconfigurations, actively enforces security best practices, and remediates violations automatically before they become r…
AppTrana is designed to enable users to identify the risk posture of an application, patch the vulnerabilities immediately, and improve website performance instantly through whole site acceleration using distributed global edge locations. The vendor says it also ensures proactive remediation against…
PerimeterX Code Defender
PerimeterX Code Defender monitors web page architecture and scripts’ behavior, by tracking changes and manipulations to the DOM, activities performed on pages, access to elements, and information sent to external domains. Code Defender leverages PerimeterX expertise in behavioral analysis, machine l…
Kiuwan Code Security
Kiuwan Code Security, from Idera company Kiuwan, automatically scans code to identify and remediate vulnerabilities. Compliant with the most stringent security standards, such as OWASP and CWE, Kiuwan Code Security covers all important languages and integrates with leading DevOps tools.
McAfee Application Data Monitor (formerly NitroView ADM)
McAfee Application Data Monitor (formerly NitroView ADM) allows the user ot find application-layer threats. With it the user can see the entire content of an application and underlying protocols—such as an executable embedded inside a PDF document—to detect hidden payloads, malware, and even covert …