129 tools reviewed

Discover AppSec Tools.
in Minutes, not Months.

I've spent 10+ years evaluating security tools. This is everything I've learned, organized into one searchable directory.

Browse All Tools View Categories

Popular: SAST DAST SCA AI Security ASPM

Application Security Categories

Explore tools organized by security testing methodology

SAST 25 tools

Static Application Security Testing

Static Code Analysis

Explore tools →

SCA 22 tools

Software Composition Analysis

Dependency Vulnerability Scanning

Explore tools →

DAST 27 tools

Dynamic Application Security Testing

Dynamic Vulnerability Scanning

Explore tools →

IAST 8 tools

Interactive Application Security Testing

Runtime Code Analysis

Explore tools →

RASP 5 tools

Runtime Application Self-Protection

Runtime Attack Protection

Explore tools →

AI Security 10 tools

AI Security & LLM Red Teaming

LLM Security & Red Teaming

Explore tools →

API Security 6 tools

API Security Testing

API Discovery & Protection

Explore tools →

IaC Security 6 tools

Infrastructure as Code Security

Infrastructure Misconfiguration Scanning

Explore tools →

ASPM 11 tools

Application Security Posture Management

Unified Vulnerability Management

Explore tools →

Mobile 9 tools

Mobile Application Security Testing

iOS & Android Security Testing

Explore tools →

Recently Added & Updated

Latest tools and reviews from our team

View all

10 TOOLS

AI Security February 2026

AI Security & LLM Red Teaming: 10 Tools Compared

Tools for testing LLMs against prompt injection, jailbreaks, and data leakage. Includes Garak, PyRIT, LLM Guard, and more.

SAST Updated Jan 2026

SonarQube Review Updated

New v10.x features, updated pricing model, and community edition changes.

DAST Updated Jan 2026

OWASP ZAP: Now Under SSP Umbrella

ZAP moved from OWASP to Software Security Project. What changes for users.

SCA December 2025

Snyk vs Dependabot: Which SCA Tool to Choose?

Side-by-side comparison of two popular dependency scanning tools.

IaC Security 6 tools

IaC Security Tools Compared

Checkov, Trivy, KICS, and more scanning Terraform, Kubernetes configs.

Free Newsletter

Stay Ahead in Application Security

Monthly updates on new tools, category changes, and expert insights on AppSec trends. Read by 2,500+ security professionals.

New Tools First to know about new additions

Comparisons Head-to-head tool reviews

Trends Industry shifts & insights

Why AppSec Santa?

Making informed decisions about application security tools shouldn't be overwhelming.

Unbiased Reviews

Honest evaluations based on real-world testing, not vendor marketing.

Comprehensive Coverage

129 tools across 10 categories, from open-source to enterprise.

Always Updated

Regular updates to reflect the latest tool changes and market trends.

Ready to Find the Right Tool?

Browse our comprehensive directory or get personalized recommendations.

Browse All Tools Get in Touch

Discover AppSec Tools.in Minutes, not Months.

Application Security Categories

Static Application Security Testing

Software Composition Analysis

Dynamic Application Security Testing

Interactive Application Security Testing

Runtime Application Self-Protection

AI Security & LLM Red Teaming

API Security Testing

Infrastructure as Code Security

Application Security Posture Management

Mobile Application Security Testing

Recently Added & Updated

AI Security & LLM Red Teaming: 10 Tools Compared

SonarQube Review Updated

OWASP ZAP: Now Under SSP Umbrella

Snyk vs Dependabot: Which SCA Tool to Choose?

IaC Security Tools Compared

Stay Ahead in Application Security

Why AppSec Santa?

Unbiased Reviews

Comprehensive Coverage

Always Updated

Ready to Find the Right Tool?

Discover AppSec Tools.
in Minutes, not Months.