
Detectify review and pricing

Swedish web-app and external attack surface monitoring with crowdsourced signature library.

By Detectify AB · Founded 2013 · Stockholm, Sweden · private

Detectify is the Swedish web-application and external attack surface monitoring platform, founded in 2013 in Stockholm by former bug-bounty researchers, with a customer base concentrated in EU and US SaaS companies and security-conscious mid-market organizations.

Strengths: a crowdsourced, researcher-fed signature library (the Crowdsource program pays researchers for novel vulnerability modules that then get added to the scanner; this is the closest the category has to PTaaS-meets-DAST), strong fit for continuous external monitoring of web-facing assets (the Surface Monitoring and Application Scanning products), EU data residency on platform infrastructure (Stockholm), and a developer-friendly UX that engineering teams adopt.

Best fit: cloud-native SaaS companies and security-conscious mid-market organizations (100-2,500 employees) needing continuous external web-app and surface monitoring rather than scheduled point-in-time pen tests.

Trade-offs: this is meaningfully more of a DAST + EASM product than a true PTaaS (no scheduled human-led pen tests, no researcher-led engagement model); product breadth is narrower than HackerOne / Bugcrowd / Cobalt; the researcher pool is meaningfully smaller; brand recognition in the US Fortune 500 is thinner; and the position at the edge of the PTaaS category means buyers should be clear-eyed about what they are buying (continuous scanning enriched by researcher-contributed signatures, not human-delivered pen tests).

Best for

Cloud-native SaaS companies and security-conscious mid-market organizations (100-2,500 employees) needing continuous external web-app and surface monitoring enriched by researcher-contributed signatures, particularly EU-headquartered or EU-operating companies.

Worst for

Buyers wanting true scheduled human-led pen tests (Cobalt / HackerOne PTaaS / Synack better), Fortune 500 wanting the largest researcher pool (HackerOne / Bugcrowd better), US federal buyers (Synack better federal pedigree), or buyers needing broad PTaaS product breadth (Bugcrowd / HackerOne broader).

Vendor Trust Score

Is Detectify a trustworthy vendor?

8.3/10 (High trust)

  • Pricing transparency (Published rates; no hidden fees): 8.5
  • Contract fairness (Reasonable terms; no auto-renew traps): 8.5
  • Incident response (How they handle outages and breaches): 8.5
  • Post-acquisition behavior (Customer treatment after M&A or PE): 8.5
  • Executive stability (Leadership churn over 24 months): 8.0
  • Roadmap honesty (Public commitments held): 8.0

Trust signal log
  • 2022-09-22
    Series B raised $10M; EU growth capital secured
  • 2024-04-22
    Crowdsource program crossed milestone in researcher-contributed vulnerability modules; signature library expanded
  • 2025-03-22
    Surface Monitoring product expanded with NIS2-mapped reporting; EU compliance positioning strengthened
Vendor Trust is scored independently of product quality. A great product from an unfair vendor still earns a low trust score.
Review Intelligence

What 110 reviews actually say

Synthesized from G2, Capterra, Reddit, Trustpilot. Patterns >15% prevalence shown.

Last synthesized: 2026-04-30

Praise patterns

  • Crowdsource researcher-contributed signatures differentiated
    87%
  • Continuous external monitoring valuable for SaaS
    78%
  • Developer-friendly UX adopted by engineering
    71%
  • EU data residency (Stockholm) valued
    51%

Complaint patterns

  • More DAST + EASM than true PTaaS
    47%
  • Product breadth narrower than HackerOne / Bugcrowd
    41%
  • Per-domain / per-application pricing escalates
    38%
  • US Fortune 500 brand recognition thinner
    31%
Sentiment trend (6 months)
84/100 +2 pts
Patterns are extracted from review corpus and human-verified. We surface trends, not anecdotes.
Verified Pricing

What buyers actually pay

72 anonymized deal disclosures · last updated 2026-05-01

Company size | Median annual
Surface Monitoring (mid-market) | $12,000
Application Scanning (mid-market) | $36,000
Enterprise bundle | $96,000
Verified pricing is crowdsourced from buyers under anonymity guarantees. Vendor-listed prices are validated against actual deals quarterly.
Compliance & Security

Auto-verified certifications

Verified 2026-05-01
SOC 2 Type II
ISO 27001
HIPAA
GDPR
CCPA
PCI DSS
FedRAMP

Editorial: Strengths

  • Crowdsource program pays researchers for novel vulnerability modules
  • Strong continuous external monitoring (Surface Monitoring, Application Scanning)
  • EU data residency (Stockholm-based platform infrastructure)
  • Developer-friendly UX engineering teams adopt
  • Mature for cloud-native SaaS and mid-market
  • GDPR-native handling
  • Fast deployment and time-to-value

Editorial: Weaknesses

  • Meaningfully more DAST + EASM than true PTaaS (no human-led pen tests)
  • Product breadth narrower than HackerOne / Bugcrowd / Cobalt
  • Researcher pool meaningfully smaller
  • Brand recognition in US Fortune 500 thinner
  • Edge-of-category positioning requires clear-eyed buying

Key features & integrations

  • Surface Monitoring (external attack surface)
  • Application Scanning (deep web-app scanning)
  • Crowdsource program (researcher-contributed vulnerability modules)
  • Continuous scanning (not scheduled point-in-time)
  • EU data residency (Stockholm)
  • GDPR-native handling
  • Mature integrations (Jira, Slack, GitHub)
  • Developer-friendly UX
30+ integrations, including Jira, Slack, GitHub, GitLab, PagerDuty, ServiceNow
Geography supported
EU primary; US and UK growing
Best fit
50 to 5,000 employees · Cloud-native SaaS and security-conscious mid-market
Editorial deep-dive

Read our full ranking of Penetration Testing as a Service (PTaaS)

Detectify ranks #10 in our editorial review of 10 Penetration Testing as a Service (PTaaS) platforms. The deep-dive covers methodology, comparison tables, decision matrix, migration scoring, and FAQs.
