As of May 2026, there are 19 SaaS companies in Dynamic Application Security Testing (DAST) Software. They have combined revenues of $147.2M and employ 1.3K people. They have raised $25.7M and serve 2.5K customers combined.
Dynamic Application Security Testing (DAST) Software is a category of security testing tools designed to identify vulnerabilities in web applications and services while they are running. Unlike static application security testing, DAST assesses applications in real-time from an external perspective, simulating the behavior of potential attackers. This dynamic testing method helps organizations discover issues such as SQL injection, cross-site scripting, and other security weaknesses that could be exploited during operations. DAST tools are primarily used by security professionals and DevSecOps teams to ensure that applications are secured against external threats before they are deployed or while they are live. Common features of DAST software include security scanning, vulnerability detection, and reporting capabilities. These tools often integrate with development pipelines, allowing for continuous security monitoring and compliance throughout the application lifecycle.
Sorting: Highest -> Lowest
Showing 10 of 4 companies ranked by annual revenue.
Knutsford, Cheshire, United Kingdom
PortSwigger is a global leader in cybersecurity, specializing in web application security testing. They created Burp Suite, the leading toolkit for web application security testing.
San Rafael, California, United States
Bright Security is an AI -powered application security platform that integrates application security into SDLC.
Leuven, Belgium
Guardsquare offers the most complete approach to mobile application security on the market. Built on the open source ProGuard technology, Guardsquare’s software integrates seamlessly across the development cycle. From app security testing to code hardening to real-time visibility into the threat landscape, Guardsquare solutions provide enhanced mobile application security from early in the development process through publication. More than 975 customers worldwide across all major industries rely on Guardsquare to help them identify security risks and protect their mobile applications against reverse engineering and tampering.
- The software must scan web applications in real-time for security vulnerabilities. - It must simulate attacks from an external perspective without requiring access to the source code. - Capable of identifying a range of vulnerabilities, such as SQL injection, cross-site scripting, and similar exploits. - Features should include automated reporting of discovered vulnerabilities and potential remediation guidance. - Not limited to static testing; must provide active assessment during application runtime.
Each Tuesday, we reverse-engineer a real SaaS company's revenue, profit, CAC, funnels, and its top growth tactic.
Sign up to access all features
Sign up with GoogleSign up with LinkedInAlready have an account? Log in
GetLatka is trusted by 200k+ founders, researchers, and marketers.
No contracts, cancel at any time
