Introducing G2.ai, the future of software buying.Try now

Top Free Interactive Application Security Testing (IAST) Software

Check out our list of free Interactive Application Security Testing (IAST) Software. Products featured on this list are the ones that offer a free trial version. As with most free versions, there are limitations, typically time or features.

If you'd like to see more products and to evaluate additional feature options, compare all Interactive Application Security Testing (IAST) Software to ensure you get the right product.

View Free Interactive Application Security Testing (IAST) Software

G2 takes pride in showing unbiased reviews on user satisfaction in our ratings and reports. We do not allow paid placements in any of our ratings, rankings, or reports. Learn about our scoring methodologies.
9 Interactive Application Security Testing (IAST) Products Available
View all Interactive Application Security Testing (IAST) Software
View all Interactive Application Security Testing (IAST) Software
Contrast Security
(49)4.5 out of 5
2nd Easiest To Use in Interactive Application Security Testing (IAST) software
Save to My Lists
  • Overview
    Expand/Collapse Overview
    • Product Description
    How are these determined?Information
    This description is provided by the seller.

    Contrast Security is the global leader in Application Detection and Response (ADR), empowering organizations to see and stop attacks on applications and APIs in real time. Contrast embeds patented thr

    Users
    No information available
    Industries
    • Insurance
    • Information Technology and Services
    Market Segment
    • 67% Enterprise
    • 20% Mid-Market
  • User Satisfaction
    Expand/Collapse User Satisfaction
    • Contrast Security features and usability ratings that predict user satisfaction
    8.6
    Ease of Use
    Average: 8.5
    9.3
    Quality of Support
    Average: 9.0
    9.0
    Has the product been a good partner in doing business?
    Average: 9.2
    8.9
    Ease of Admin
    Average: 8.6
  • What G2 Users Think
    Expand/Collapse What G2 Users Think
    • Verified User in Insurance
    EI
    Contrast delivers easy and fast vulnerability data about our applications (IDE environments) that continues through production with the RASP... Read review
    SANTHOSH KUMAR D.
    SD
    It's free to some extent Fast then most security scanners Read review
  • Seller Details
    Expand/Collapse Seller Details
    • Seller Details
    Seller
    Contrast Security
    Company Website
    Year Founded
    2014
    HQ Location
    Pleasanton, CA
    Twitter
    @contrastsec
    5,553 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    265 employees on LinkedIn®
Product Description
How are these determined?Information
This description is provided by the seller.

Contrast Security is the global leader in Application Detection and Response (ADR), empowering organizations to see and stop attacks on applications and APIs in real time. Contrast embeds patented thr

Users
No information available
Industries
  • Insurance
  • Information Technology and Services
Market Segment
  • 67% Enterprise
  • 20% Mid-Market
Contrast Security features and usability ratings that predict user satisfaction
8.6
Ease of Use
Average: 8.5
9.3
Quality of Support
Average: 9.0
9.0
Has the product been a good partner in doing business?
Average: 9.2
8.9
Ease of Admin
Average: 8.6
Verified User in Insurance
EI
Contrast delivers easy and fast vulnerability data about our applications (IDE environments) that continues through production with the RASP... Read review
SANTHOSH KUMAR D.
SD
It's free to some extent Fast then most security scanners Read review
Seller Details
Seller
Contrast Security
Company Website
Year Founded
2014
HQ Location
Pleasanton, CA
Twitter
@contrastsec
5,553 Twitter followers
LinkedIn® Page
www.linkedin.com
265 employees on LinkedIn®
Learn more
HCL AppScan
(76)4.1 out of 5
4th Easiest To Use in Interactive Application Security Testing (IAST) software
Save to My Lists
Entry Level Price:Free
  • Overview
    Expand/Collapse Overview
    • Product Description
    How are these determined?Information
    This description is provided by the seller.

    HCL AppScan is a comprehensive suite of market-leading application security testing solutions (SAST, DAST, IAST, SCA, API), available on-premises and on-cloud. These powerful DevSecOps tools pinpoint

    Users
    No information available
    Industries
    • Information Technology and Services
    • Computer & Network Security
    Market Segment
    • 54% Enterprise
    • 28% Small-Business
  • User Satisfaction
    Expand/Collapse User Satisfaction
    • HCL AppScan features and usability ratings that predict user satisfaction
    8.5
    Ease of Use
    Average: 8.5
    8.5
    Quality of Support
    Average: 9.0
    8.8
    Has the product been a good partner in doing business?
    Average: 9.2
    8.7
    Ease of Admin
    Average: 8.6
  • What G2 Users Think
    Expand/Collapse What G2 Users Think
    • Banyu A.
    BA
    One of the best tools for app security. Easy to use and good documentation. Read review
    Verified User in Computer & Network Security
    AC
    trustful assessment easy to use automatic scans Read review
  • Seller Details
    Expand/Collapse Seller Details
    • Seller Details
    Seller
    HCL Technologies
    Year Founded
    1999
    HQ Location
    Noida, Uttar Pradesh
    Twitter
    @hcltech
    441,564 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    244,931 employees on LinkedIn®
    Ownership
    NSE - National Stock Exchange of India
Product Description
How are these determined?Information
This description is provided by the seller.

HCL AppScan is a comprehensive suite of market-leading application security testing solutions (SAST, DAST, IAST, SCA, API), available on-premises and on-cloud. These powerful DevSecOps tools pinpoint

Users
No information available
Industries
  • Information Technology and Services
  • Computer & Network Security
Market Segment
  • 54% Enterprise
  • 28% Small-Business
HCL AppScan features and usability ratings that predict user satisfaction
8.5
Ease of Use
Average: 8.5
8.5
Quality of Support
Average: 9.0
8.8
Has the product been a good partner in doing business?
Average: 9.2
8.7
Ease of Admin
Average: 8.6
Banyu A.
BA
One of the best tools for app security. Easy to use and good documentation. Read review
Verified User in Computer & Network Security
AC
trustful assessment easy to use automatic scans Read review
Seller Details
Seller
HCL Technologies
Year Founded
1999
HQ Location
Noida, Uttar Pradesh
Twitter
@hcltech
441,564 Twitter followers
LinkedIn® Page
www.linkedin.com
244,931 employees on LinkedIn®
Ownership
NSE - National Stock Exchange of India
Learn more

G2 Deals

Buying software just got smarter. And cheaper.

This is how G2 Deals can help you:

  • Easily shop for curated – and trusted – software
  • Own your own software buying journey
  • Discover exclusive deals on software
See Exclusive Offers
Checkmarx
(35)4.2 out of 5
5th Easiest To Use in Interactive Application Security Testing (IAST) software
Save to My Lists
  • Overview
    Expand/Collapse Overview
    • Product Description
    How are these determined?Information
    This description is provided by the seller.

    Checkmarx is constantly pushing the boundaries of Application Security (AppSec) Testing to make security seamless and simple for the world’s developers while giving CISOs the confidence and control th

    Users
    No information available
    Industries
    • Information Technology and Services
    • Computer Software
    Market Segment
    • 57% Enterprise
    • 26% Mid-Market
  • User Satisfaction
    Expand/Collapse User Satisfaction
    • Checkmarx features and usability ratings that predict user satisfaction
    8.2
    Ease of Use
    Average: 8.5
    8.3
    Quality of Support
    Average: 9.0
    8.3
    Has the product been a good partner in doing business?
    Average: 9.2
    7.9
    Ease of Admin
    Average: 8.6
  • What G2 Users Think
    Expand/Collapse What G2 Users Think
    • Verified User in Renewables & Environment
    AR
    Static analysis & Apex Overview of unpackaged code Read review
    Hatim B.
    HB
    Our choice of Checkmarx as a static code audit tool was done after a long reflection. the richness in terms of languages and the customization of... Read review
  • Seller Details
    Expand/Collapse Seller Details
    • Seller Details
    Seller
    Checkmarx.com LTD
    Year Founded
    2006
    HQ Location
    Paramus, NJ
    Twitter
    @Checkmarx
    7,184 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    908 employees on LinkedIn®
Product Description
How are these determined?Information
This description is provided by the seller.

Checkmarx is constantly pushing the boundaries of Application Security (AppSec) Testing to make security seamless and simple for the world’s developers while giving CISOs the confidence and control th

Users
No information available
Industries
  • Information Technology and Services
  • Computer Software
Market Segment
  • 57% Enterprise
  • 26% Mid-Market
Checkmarx features and usability ratings that predict user satisfaction
8.2
Ease of Use
Average: 8.5
8.3
Quality of Support
Average: 9.0
8.3
Has the product been a good partner in doing business?
Average: 9.2
7.9
Ease of Admin
Average: 8.6
Verified User in Renewables & Environment
AR
Static analysis & Apex Overview of unpackaged code Read review
Hatim B.
HB
Our choice of Checkmarx as a static code audit tool was done after a long reflection. the richness in terms of languages and the customization of... Read review
Seller Details
Seller
Checkmarx.com LTD
Year Founded
2006
HQ Location
Paramus, NJ
Twitter
@Checkmarx
7,184 Twitter followers
LinkedIn® Page
www.linkedin.com
908 employees on LinkedIn®
Learn more
OpenText Fortify On Demand
(35)4.1 out of 5
3rd Easiest To Use in Interactive Application Security Testing (IAST) software
Save to My Lists
  • Overview
    Expand/Collapse Overview
    • Product Description
    How are these determined?Information
    This description is provided by the seller.

    Fortify on Demand (FoD) is a complete Application Security as a Service solution. It offers an easy way to get started with the flexibility to scale. In addition to static and dynamic, Fortify on Dema

    Users
    No information available
    Industries
    • Information Technology and Services
    Market Segment
    • 40% Enterprise
    • 31% Small-Business
  • User Satisfaction
    Expand/Collapse User Satisfaction
    • OpenText Fortify On Demand features and usability ratings that predict user satisfaction
    8.2
    Ease of Use
    Average: 8.5
    8.0
    Quality of Support
    Average: 9.0
    8.8
    Has the product been a good partner in doing business?
    Average: 9.2
    8.8
    Ease of Admin
    Average: 8.6
  • What G2 Users Think
    Expand/Collapse What G2 Users Think
    • Verified User in Computer Software
    UC
    HPE Fortify's scans are the best in the industry. There isn't a competitor that can match them in their feature suite and the depth of their... Read review
    AM
    We use the HP Fortify on Demand SaaS, this allows us to free up resources from having to spend time maintaining the infrastructure. The product... Read review
  • Seller Details
    Expand/Collapse Seller Details
    • Seller Details
    Seller
    OpenText
    Year Founded
    1991
    HQ Location
    Waterloo, ON
    Twitter
    @OpenText
    21,716 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    22,403 employees on LinkedIn®
    Ownership
    NASDAQ:OTEX
Product Description
How are these determined?Information
This description is provided by the seller.

Fortify on Demand (FoD) is a complete Application Security as a Service solution. It offers an easy way to get started with the flexibility to scale. In addition to static and dynamic, Fortify on Dema

Users
No information available
Industries
  • Information Technology and Services
Market Segment
  • 40% Enterprise
  • 31% Small-Business
OpenText Fortify On Demand features and usability ratings that predict user satisfaction
8.2
Ease of Use
Average: 8.5
8.0
Quality of Support
Average: 9.0
8.8
Has the product been a good partner in doing business?
Average: 9.2
8.8
Ease of Admin
Average: 8.6
Verified User in Computer Software
UC
HPE Fortify's scans are the best in the industry. There isn't a competitor that can match them in their feature suite and the depth of their... Read review
AM
We use the HP Fortify on Demand SaaS, this allows us to free up resources from having to spend time maintaining the infrastructure. The product... Read review
Seller Details
Seller
OpenText
Year Founded
1991
HQ Location
Waterloo, ON
Twitter
@OpenText
21,716 Twitter followers
LinkedIn® Page
www.linkedin.com
22,403 employees on LinkedIn®
Ownership
NASDAQ:OTEX
Learn more
Semgrep
(31)4.6 out of 5
View top Consulting Services for Semgrep
Save to My Lists
Entry Level Price:$40.00
  • Overview
    Expand/Collapse Overview
    • Product Description
    How are these determined?Information
    This description is provided by the seller.

    Semgrep is a highly customizable application security platform built for security engineers and developers. Semgrep scans first and third-party code to find security issues unique to an organization,

    Users
    No information available
    Industries
    • Computer Software
    • Information Technology and Services
    Market Segment
    • 58% Mid-Market
    • 29% Enterprise
  • User Satisfaction
    Expand/Collapse User Satisfaction
    • Semgrep features and usability ratings that predict user satisfaction
    9.3
    Ease of Use
    Average: 8.5
    9.2
    Quality of Support
    Average: 9.0
    9.5
    Has the product been a good partner in doing business?
    Average: 9.2
    9.2
    Ease of Admin
    Average: 8.6
  • What G2 Users Think
    Expand/Collapse What G2 Users Think
    • Avinash S.
    AS
    It is the most efficient and simple to use integration for SAST. Free, and community-driven Discussions on Slack channels provide valuable help... Read review
    Verified User in Financial Services
    AF
    Easy to add custom rules (e.g. by using the online rule editor). Also, Semgrep App has some nice, convenient features (like private rule repository). Read review
  • Seller Details
    Expand/Collapse Seller Details
    • Seller Details
    Seller
    Semgrep
    Year Founded
    2017
    HQ Location
    San Francisco, US
    Twitter
    @semgrep
    3,817 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    191 employees on LinkedIn®
Product Description
How are these determined?Information
This description is provided by the seller.

Semgrep is a highly customizable application security platform built for security engineers and developers. Semgrep scans first and third-party code to find security issues unique to an organization,

Users
No information available
Industries
  • Computer Software
  • Information Technology and Services
Market Segment
  • 58% Mid-Market
  • 29% Enterprise
Semgrep features and usability ratings that predict user satisfaction
9.3
Ease of Use
Average: 8.5
9.2
Quality of Support
Average: 9.0
9.5
Has the product been a good partner in doing business?
Average: 9.2
9.2
Ease of Admin
Average: 8.6
Avinash S.
AS
It is the most efficient and simple to use integration for SAST. Free, and community-driven Discussions on Slack channels provide valuable help... Read review
Verified User in Financial Services
AF
Easy to add custom rules (e.g. by using the online rule editor). Also, Semgrep App has some nice, convenient features (like private rule repository). Read review
Seller Details
Seller
Semgrep
Year Founded
2017
HQ Location
San Francisco, US
Twitter
@semgrep
3,817 Twitter followers
LinkedIn® Page
www.linkedin.com
191 employees on LinkedIn®
Learn more
Akto
(48)4.5 out of 5
Optimized for quick response
Save to My Lists
Entry Level Price:Free
  • Overview
    Expand/Collapse Overview
    • Product Description
    How are these determined?Information
    This description is provided by the seller.

    Akto is a trusted platform for application security and product security teams to build an enterprise-grade API security program throughout their DevSecOps pipeline. Our industry-leading suite of — AP

    Users
    No information available
    Industries
    • Financial Services
    • Computer Software
    Market Segment
    • 44% Mid-Market
    • 31% Small-Business
  • User Satisfaction
    Expand/Collapse User Satisfaction
    • Akto features and usability ratings that predict user satisfaction
    8.6
    Ease of Use
    Average: 8.5
    9.0
    Quality of Support
    Average: 9.0
    9.1
    Has the product been a good partner in doing business?
    Average: 9.2
    8.4
    Ease of Admin
    Average: 8.6
  • What G2 Users Think
    Expand/Collapse What G2 Users Think
    • Anjali A.
    AA
    It checks for vulnerabilities in all OWASP Top 10 and HackerOne Top 10 categories, such as security setups, authentication, SSRF, and XSS. In order... Read review
    Gopikrishna C.
    GC
    Akto.io has been an outstanding tool for our team. Its user-friendly interface and powerful features have significantly streamlined our workflow.... Read review
  • Seller Details
    Expand/Collapse Seller Details
    • Seller Details
    Seller
    Akto.io
    Company Website
    Year Founded
    2022
    HQ Location
    San Francisco, California
    Twitter
    @Aktodotio
    1,334 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    21 employees on LinkedIn®
Product Description
How are these determined?Information
This description is provided by the seller.

Akto is a trusted platform for application security and product security teams to build an enterprise-grade API security program throughout their DevSecOps pipeline. Our industry-leading suite of — AP

Users
No information available
Industries
  • Financial Services
  • Computer Software
Market Segment
  • 44% Mid-Market
  • 31% Small-Business
Akto features and usability ratings that predict user satisfaction
8.6
Ease of Use
Average: 8.5
9.0
Quality of Support
Average: 9.0
9.1
Has the product been a good partner in doing business?
Average: 9.2
8.4
Ease of Admin
Average: 8.6
Anjali A.
AA
It checks for vulnerabilities in all OWASP Top 10 and HackerOne Top 10 categories, such as security setups, authentication, SSRF, and XSS. In order... Read review
Gopikrishna C.
GC
Akto.io has been an outstanding tool for our team. Its user-friendly interface and powerful features have significantly streamlined our workflow.... Read review
Seller Details
Seller
Akto.io
Company Website
Year Founded
2022
HQ Location
San Francisco, California
Twitter
@Aktodotio
1,334 Twitter followers
LinkedIn® Page
www.linkedin.com
21 employees on LinkedIn®
GuardRails
(29)4.3 out of 5
Save to My Lists
Entry Level Price:Free
  • Overview
    Expand/Collapse Overview
    • Product Description
    How are these determined?Information
    This description is provided by the seller.

    GuardRails is an end-to-end security platform that makes AppSec easier for both security and development teams. We scan, detect, and provide real-time guidance to fix vulnerabilities early. Trusted b

    Users
    No information available
    Industries
    • Information Technology and Services
    • Financial Services
    Market Segment
    • 52% Small-Business
    • 48% Mid-Market
  • User Satisfaction
    Expand/Collapse User Satisfaction
    • GuardRails features and usability ratings that predict user satisfaction
    8.3
    Ease of Use
    Average: 8.5
    8.5
    Quality of Support
    Average: 9.0
    9.4
    Has the product been a good partner in doing business?
    Average: 9.2
    8.7
    Ease of Admin
    Average: 8.6
  • What G2 Users Think
    Expand/Collapse What G2 Users Think
    • Ranu M.
    RM
    It helps developers secure code from any unwanted security issues caused during the development or implementation of technology and notify as soon... Read review
  • Seller Details
    Expand/Collapse Seller Details
    • Seller Details
    Seller
    GuardRails
    Year Founded
    2017
    HQ Location
    Singapore, Singapore
    Twitter
    @guardrailsio
    1,573 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    15 employees on LinkedIn®
Product Description
How are these determined?Information
This description is provided by the seller.

GuardRails is an end-to-end security platform that makes AppSec easier for both security and development teams. We scan, detect, and provide real-time guidance to fix vulnerabilities early. Trusted b

Users
No information available
Industries
  • Information Technology and Services
  • Financial Services
Market Segment
  • 52% Small-Business
  • 48% Mid-Market
GuardRails features and usability ratings that predict user satisfaction
8.3
Ease of Use
Average: 8.5
8.5
Quality of Support
Average: 9.0
9.4
Has the product been a good partner in doing business?
Average: 9.2
8.7
Ease of Admin
Average: 8.6
Ranu M.
RM
It helps developers secure code from any unwanted security issues caused during the development or implementation of technology and notify as soon... Read review
Seller Details
Seller
GuardRails
Year Founded
2017
HQ Location
Singapore, Singapore
Twitter
@guardrailsio
1,573 Twitter followers
LinkedIn® Page
www.linkedin.com
15 employees on LinkedIn®
Learn more
PT Application Inspector
(3)5.0 out of 5
Save to My Lists
  • Overview
    Expand/Collapse Overview
    • Product Description
    How are these determined?Information
    This description is provided by the seller.

    PT Application Inspector™ (PT AI™) is a comprehensive source code analysis tool that offers protection for web applications of any scale. Its holistic approach combines the advantages of static, dynam

    Users
    No information available
    Industries
    No information available
    Market Segment
    • 67% Enterprise
    • 33% Small-Business
  • User Satisfaction
    Expand/Collapse User Satisfaction
    • PT Application Inspector features and usability ratings that predict user satisfaction
    10.0
    Ease of Use
    Average: 8.5
    10.0
    Quality of Support
    Average: 9.0
    10.0
    Has the product been a good partner in doing business?
    Average: 9.2
    10.0
    Ease of Admin
    Average: 8.6
  • What G2 Users Think
    Expand/Collapse What G2 Users Think
    • Verified User in Banking
    UB
    We found the best price in the market and got good scan results. This is the only solution we found on the market which able to build exploit... Read review
  • Seller Details
    Expand/Collapse Seller Details
    • Seller Details
    Seller
    Positive Technologies
    HQ Location
    N/A
    Twitter
    @PTsecurity_UK
    5 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    664 employees on LinkedIn®
Product Description
How are these determined?Information
This description is provided by the seller.

PT Application Inspector™ (PT AI™) is a comprehensive source code analysis tool that offers protection for web applications of any scale. Its holistic approach combines the advantages of static, dynam

Users
No information available
Industries
No information available
Market Segment
  • 67% Enterprise
  • 33% Small-Business
PT Application Inspector features and usability ratings that predict user satisfaction
10.0
Ease of Use
Average: 8.5
10.0
Quality of Support
Average: 9.0
10.0
Has the product been a good partner in doing business?
Average: 9.2
10.0
Ease of Admin
Average: 8.6
Verified User in Banking
UB
We found the best price in the market and got good scan results. This is the only solution we found on the market which able to build exploit... Read review
Seller Details
Seller
Positive Technologies
HQ Location
N/A
Twitter
@PTsecurity_UK
5 Twitter followers
LinkedIn® Page
www.linkedin.com
664 employees on LinkedIn®
Learn more
esChecker MAST (SAST, DAST & IAST)
(2)4.3 out of 5
Save to My Lists
  • Overview
    Expand/Collapse Overview
    • Product Description
    How are these determined?Information
    This description is provided by the seller.

    esChecker combines many years of penetration testing experience with a unique dynamic engine simulating attack techniques, such as reverse-engineering or code tampering. No source code is needed, on

    Users
    No information available
    Industries
    No information available
    Market Segment
    • 100% Small-Business
  • User Satisfaction
    Expand/Collapse User Satisfaction
    • esChecker MAST (SAST, DAST & IAST) features and usability ratings that predict user satisfaction
    10.0
    Ease of Use
    Average: 8.5
    10.0
    Quality of Support
    Average: 9.0
    0.0
    No information available
    0.0
    No information available
  • What G2 Users Think
    Expand/Collapse What G2 Users Think
    • Donatien C.
    DC
    It provides very complete sets of security tests both on Android and iOS. The simple interface is easily adopted by every team member. A dashboard... Read review
    Thomas G.
    TG
    esChecker makes it really easy to deal with mobile security. The interface is easy to use and the campaigns are well explained. The reports are... Read review
  • Seller Details
    Expand/Collapse Seller Details
    • Seller Details
    Seller
    eShard
    Year Founded
    2015
    HQ Location
    Pessac, FR
    LinkedIn® Page
    www.linkedin.com
    38 employees on LinkedIn®
Product Description
How are these determined?Information
This description is provided by the seller.

esChecker combines many years of penetration testing experience with a unique dynamic engine simulating attack techniques, such as reverse-engineering or code tampering. No source code is needed, on

Users
No information available
Industries
No information available
Market Segment
  • 100% Small-Business
esChecker MAST (SAST, DAST & IAST) features and usability ratings that predict user satisfaction
10.0
Ease of Use
Average: 8.5
10.0
Quality of Support
Average: 9.0
0.0
No information available
0.0
No information available
Donatien C.
DC
It provides very complete sets of security tests both on Android and iOS. The simple interface is easily adopted by every team member. A dashboard... Read review
Thomas G.
TG
esChecker makes it really easy to deal with mobile security. The interface is easy to use and the campaigns are well explained. The reports are... Read review
Seller Details
Seller
eShard
Year Founded
2015
HQ Location
Pessac, FR
LinkedIn® Page
www.linkedin.com
38 employees on LinkedIn®
Learn more