Overview

Detectify is an External Attack Surface Management platform that continuously monitors internet-facing assets using ethical hacker-sourced threats. Its payload-based testing delivers high-accuracy results for AppSec teams. While defining scan profiles for large, custom applications can be time-consuming, it helps teams prioritize critical vulnerabilities. A free two-week trial is available.

Overall Rating

Based on 13 user reviews

4.2

Rating Distribution

  • Positive: 69%
  • Neutral: 31%
  • Negative: 0%

Starting Price
Custom

Detectify Specifications

Security Measure

Threat Intelligence

Security Audits And Reporting

Security Information And Event Management (SIEM)

What Is Detectify?

Detectify is a cloud-based security solution that combines External Attack Surface Management (EASM) with Dynamic Application Security Testing (DAST). It continuously discovers and monitors all internet-facing assets—including domains, subdomains, and APIs—and automatically scans them using verified vulnerability research. This approach, fueled by a community of expert ethical hackers, ensures the platform tests for zero-day and exploitable vulnerabilities before attackers can leverage them.

Detectify Pricing

Detectify pricing consists of three main plans:

  • Surface Monitoring: up to 25 subdomains: €302 / month
  • Application Scanning: 1 domain: €90/month
  • API Scanning: 1 API: €90/month

Detectify offers a two-week free trial.

Disclaimer: The pricing is subject to change.

Detectify Integrations

Detectify integrates with a range of software, including:

  • Jira
  • Slack
  • OpsGenie
  • Splunk
  • Microsoft Teams

Who Is Detectify For?

Detectify is used by organizations of all sizes, from startups to large enterprises, across industries and sectors, including:

  • Computer software
  • Information technology and services
  • Financial services and fintech
  • Internet and E-commerce
  • Media and telecommunications

Is Detectify Right For You?

Detectify stands out due to its proprietary DAST engine, which leverages vulnerability research submitted by a large community of over 400 ethical hackers. This crowdsourced intelligence means the platform tests for the latest, actively exploited vulnerabilities and zero-days, not just known CVEs. The focus on payload-based testing delivers a high vulnerability assessment accuracy rate, drastically reducing the time security teams spend chasing false positives. This approach is critical for modern AppSec teams needing scalable, continuous security coverage for their dynamic digital assets.

Detectify Features

This centralized view provides application security (AppSec) teams with visibility into all internet-facing assets and their current security status. The dashboard offers complete coverage, combining automated Detectify features like surface monitoring and application scanning, ensuring teams have a single source of truth for their attack surface.

This component delivers continuous External Attack Surface Management (EASM), automatically discovering and inventorying all public-facing assets like domains, subdomains, and cloud resources. It monitors the entire DNS footprint for changes, providing comprehensive asset discovery and risk prioritization across your digital exposure.

The dynamic application security testing (DAST) engine rigorously checks custom-built web applications for critical, exploitable vulnerabilities. It leverages advanced crawling and fuzzing techniques to maintain state and authenticate, ensuring deep, comprehensive assessment even within complex web applications.

This feature focuses on dynamic, security-led assessment of modern APIs exposed via the external attack surface. It uses proprietary fuzzing and real-world payloads to confirm API vulnerabilities with high fidelity. It supports continuous assessment, providing actionable findings for AppSec teams integrated into development workflows.

This specialized monitoring capability continuously scans DNS records to identify and alert on domains susceptible to subdomain takeover attacks. It helps organizations eliminate a critical and common attack vector, providing domain-specific insights and clear remediation guidance to protect brand reputation and user trust.

Pros And Cons of Detectify

Pros

  • Crowdsourced ethical hacking finds zero-days with speed and broad coverage

  • Payload-based testing confirms exploits, reducing noise and false positives

  • Offers full visibility of the external attack surface, including shadow assets

Cons

  • Unfiltered alerts may overwhelm teams with low-priority exposure noise

  • Scaling across many sites requires costly, high-tier pricing plans

Detectify Reviews

Total 13 reviews

4.2

All reviews are from verified customers

Rating Distribution

  • 5 stars: 54%
  • 4 stars: 15%
  • 3 stars: 23%
  • 2 stars: 8%
  • 1 star: 0%

Anonymous

Mid Market, 101-500 employees

3.0
October 2024

Integrates well with other tools

Pros

The dynamic application security testing capabilities really stand out to me. It works well for teams looking to expand their security testing without dealing with complex configurations. Setting it up and customizing it is easy plus it integrates smoothly into our existing workflows.

Cons

The tool has some real gaps that need addressing. One major issue is the poor GraphQL support. It really struggles with mutations and queries. What bothers me most is how unclear the spidering results are. Sure, the crawling feature works but you never really know if it actually covered your entire application properly since there's barely any detail about what it found or missed during the process.

Rating Distribution

  • Ease of use: 6
  • Value for money: 6
  • Customer Support: 9
  • Functionality: 6

Paul E.

Small Business, 11-50 employees

3.0
September 2024

complex set up

Pros

I really appreciate how comprehensive this tool is. There are so many security testing features available. I love that I can tailor everything to fit exactly what I need. The documentation is top-notch too giving clear guidance on fixing any issues that come up.

Cons

Since it's automated it doesn't provide the insights that a human tester would catch. The pricing can get high when you're testing multiple sites and the initial setup process is pretty complex.

Rating Distribution

  • Ease of use: 7
  • Value for money: 6
  • Customer Support: 9
  • Functionality: 7

Arkadiusz K.

Small Business, 1-10 employees

5.0
December 2023

Saves a lot of time

Pros

The automated vulnerability testing is a huge time-saver for our team. We don't have to manually track dependencies anymore which frees us up for other tasks.

Cons

The pricing structure got pretty confusing lately and it's just not competitive anymore for smaller site scans.

Rating Distribution

  • Ease of use: 9
  • Value for money: 7
  • Customer Support: 10
  • Functionality: 9

Frequently Asked Questions

Yes, Detectify software offers an API.

Detectify supports English for its user interface, console, and vulnerability reporting.

Detectify offers three main pricing plans: Surface Monitoring at €302/month for up to 25 subdomains, Application Scanning at €90/month for one domain, and API Scanning at €90/month for one API. Contact us to get a Detectify cost quote.

The subscription includes access to an extensive knowledge base, documentation, and technical assistance via email and dedicated support channels for enterprise users.

No, Detectify does not offer a mobile app.

Detectify integrates with popular collaboration and security tools, including Jira, Slack, OpsGenie, Splunk, and Microsoft Teams, enabling streamlined vulnerability reporting and response workflows.

Detectify is designed for startups to large enterprises in industries such as software, IT services, financial services, e-commerce, media, and telecommunications, where monitoring and securing web-facing assets is critical.
