Sold by: Escape
Deployed on AWS
AI-powered DAST that easily integrates with your modern stack, finds even the most complex issues, and helps developers with remediation.
5
Overview
Image
Business-logic-aware DAST
Image
Attack Path Validation & Code-level Remediation
Image
Automation - CLI, Escape API and workflows
Your AppSec team is 100x smaller than your engineering org.
Escape is built for that math.
Escape is an AI-powered, business-logic-aware DAST built for security teams covering 50+ deployments a week without slowing engineering down. Where legacy DAST sees a form field and runs payload lists, Escape sees a payment flow, an authorization boundary, an OAuth handshake and tests whether the logic actually holds.
What you get with Escape DAST
-
Business-logic testing, not just payload injection. Escape uncovers BOLAs, IDORs, broken access controls, auth bypasses, and pricing logic flaws, all the issues that actually get exploited. Customers see 63% more complex true positives compared to legacy DAST.
-
Security that ships with your code, not after it. Native CI/CD integration scans every build. Findings come with attack paths, screenshots, exploration graphs, and source-code-aware remediation guidance, so engineers fix faster instead of arguing about whether the issue is real. Customers report 80% reduction in time-to-remediation.
-
Built for outnumbered teams. Per-team RBAC, custom rules, AI-assisted setup, and workflows that route findings to the people who own the asset. Security engineers save roughly 12 hours per month on triage and configuration work.
-
Modern auth handled out of the box. OAuth, SAML, password, TLS, TOTP MFA. Authenticated testing without weeks of scripting.
-
Multiplies your existing stack. Findings flow into Wiz with the context risk prioritization actually needs. Tickets, IDE fixes, and chat workflows route to the right engineer with the right evidence.
Escape is a customer-centric company, and we have the privilege of working with exceptional companies like Schibsted (Media), HealthEquity (Healthcare), Applied (InsurTech), Visma & Miro (Tech), DoubleVerify (AdTech), Thinkific (EdTech), and many others.
To receive a private offer quote, email us at sales@escape.tech , or contact your AWS account manager.
Highlights
- Go further than payload-based testing. Using built-in-house AI-powered testing, Escape uncovers deep security issues like BOLAs, IDORs, and Access Control flaws. Our technology achieves 4000% coverage improvement compared to legacy DAST approaches.
- Escape integrates directly into your CI/CD pipeline, provides detailed attack paths, and generates remediations tailored to your exact source code. Remediation becomes part of the process, not an afterthought.
- Automations, workflows, custom rules, and AI-powered setup assistance. Everything is built in for a small team to scale their effort across the entire org.
Details
Sold by
Delivery method
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Trust Center
Access real-time vendor security and compliance information through their Trust Center powered by Drata or Vanta. Review certifications and security standards before purchase.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Escape Enterprise Plan - Up to 15 apps | Up to 15 scanned applications included, unlimited scan frequency, dedicated technical support | $50,000.00 |
Escape Enterprise Plan - Up to 60 apps | Up to 60 scanned applications included, unlimited scan frequency, dedicated technical support | $150,000.00 |
Escape Enterprise Plan - Up to 120 apps | Up to 120 scanned applications included, unlimited scan frequency, dedicated technical support | $240,000.00 |
Vendor refund policy
For any questions regarding refunds, reach out to us at support@escape.tech
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
For any inquiries, kindly reach out to us through your designated support channel or via email at support@escape.tech . You can also make use of our in-app live messaging feature within the Escape platform for real-time assistance.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Escape
By StackHawk, Inc.
By OpenText
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
AI-Powered Dynamic Application Security Testing
Proprietary AI-powered algorithm for vulnerability discovery at business logic level with 4000% coverage improvement compared to legacy DAST approaches.
API Discovery and Inventory Management
Automated discovery and documentation of APIs and Single Page Apps with seamless integrations for API inventory enrichment, visibility, and vulnerability prioritization.
GraphQL Security Testing
GraphQL-native DAST capabilities with comprehensive coverage of GraphQL-specific vulnerabilities integrated into the software development lifecycle.
Modern Stack Compatibility
Support for modern web frameworks, APIs, and CI/CD environments with native integration capabilities.
Business Logic Vulnerability Detection
Testing focused on business logic vulnerabilities rather than configuration issues, with reduced false positives and actionable findings.
Dynamic Application Security Testing (DAST)
Automated dynamic application security testing tool designed to identify vulnerabilities in applications and APIs during the software development lifecycle.
CI/CD Pipeline Integration
Integrates with AWS CodeBuild and AWS CodePipeline to automate security testing as part of the continuous integration and continuous deployment workflow.
Multi-Protocol API Testing Support
Supports testing of REST, GraphQL, SOAP, and gRPC APIs with custom test data capabilities for REST and GraphQL protocols.
Generative AI-Powered API Discovery
Utilizes generative AI technology to identify hidden APIs and provide information about API existence, location, and ownership.
Enterprise Access Control and Compliance
Provides single sign-on, role-based permissions, activity history, audit logging, policy management, and team-based access controls for enterprise deployments.
Static Application Security Testing
Detects over 1137 unique categories of vulnerabilities across 29 programming languages spanning over 1 million individual APIs
Dynamic and Interactive Application Security Testing
Offers dynamic application security testing (DAST), interactive application security testing (IAST), and mobile application security testing (MAST) capabilities on demand
CI/CD Pipeline Integration
Integrates into development toolchain with Swagger-supported RESTful APIs, GitHub repository support, and plugins for DevOps, VSTS, and Jenkins ecosystem partners
Software Supply Chain Security
Provides precise identification and matching of custom code and third-party risks using proprietary research data to protect software integrity and SDLC
Cloud-Native Application Support
Purpose-built to secure rapidly evolving cloud-native technologies and architectures with flexibility to adapt to diverse application requirements and emerging attack vectors
Standard contract
No
No
Customer reviews
Information Technology and Services
Excellent DAST disruptor
Reviewed on Sep 11, 2025
Review provided by G2
What do you like best about the product?
Escape has an excellent modern approach to DAST testing making it easy to manage complex single threaded scans. One of the nicest/underated features is the screen capturing in scan logs allowing teams to quickly validate if authentication has occured and to assess product coverage.
What do you dislike about the product?
Since it is a start up there are some features missing but they have added them to the roadmap and quickly iterate through version based on user feedback a rarity in a stagnant market.
What problems is the product solving and how is that benefiting you?
It solves complex single thread authentication scanning and creates simplicity to DAST scanning which no other vendor was able to provide for us.
Financial Services
API security : inventory & security checks made easy!
Reviewed on Feb 19, 2025
Review provided by G2
What do you like best about the product?
Easy to setup
Easy to integrate to your CI/CD
Public and private internal APIs supported
Nice advices and examples for your developers to address issues
Capacity to create workflows
Easy to integrate to your CI/CD
Public and private internal APIs supported
Nice advices and examples for your developers to address issues
Capacity to create workflows
What do you dislike about the product?
Small company, which could block the purchasing process in some large companies.
Not yet recognized company even if their product is great
Not yet recognized company even if their product is great
What problems is the product solving and how is that benefiting you?
Help identifying vulnerabilities or coding errors continually in our APIs and propose solutions to our developpers.
Nobuyuki I.
Best API security testing tool in the world!
Reviewed on Feb 17, 2025
Review provided by G2
What do you like best about the product?
We have been using Escape platform for a couple years since the beginning of their product.
It effectively addresses the pain points in API security management!
The tool excels in detecting a wide range of API vulnerabilities, including business logic flaws often missed by other solutions.
It effectively addresses the pain points in API security management!
The tool excels in detecting a wide range of API vulnerabilities, including business logic flaws often missed by other solutions.
What do you dislike about the product?
The updates to the platform, while ensuring we always have access to the latest features and security enhancements, can sometimes require a bit of adjustment on our part.
Nevertheless, the benefits of the tool far outweigh this minor inconvenience, and we look forward to seeing how the platform evolves to balance innovation with user familiarity.
Nevertheless, the benefits of the tool far outweigh this minor inconvenience, and we look forward to seeing how the platform evolves to balance innovation with user familiarity.
What problems is the product solving and how is that benefiting you?
We usually build AWS serverless applications for many clients, but we do not have experienced security engineers in our team that's where Escape platform helps us a lot.
Reporting to the client becomes much easier as well, we want to apply Escape security testing to upcoming projects as a standard security assesments
Reporting to the client becomes much easier as well, we want to apply Escape security testing to upcoming projects as a standard security assesments
Information Technology and Services
API Security with Escape
Reviewed on Jan 30, 2025
Review provided by G2
What do you like best about the product?
Easy to integrate. Helped to quickly check and make sure our GraphQL endpoints were secure.
Great customer support as well.
Great customer support as well.
What do you dislike about the product?
No complaints here. Worked great for us.
What problems is the product solving and how is that benefiting you?
It is helping us make sure our API security is up to date.
Hospital & Health Care
Easy product to use
Reviewed on Jul 10, 2024
Review provided by G2
What do you like best about the product?
It's a great application to use to help with security, IT, and easy to use. I liked the look and how easy it is to make my work easier.
What do you dislike about the product?
It does take some time to get use too. There is a steep learning curve and it took a while to learn the ropes and get comfortable using it.
What problems is the product solving and how is that benefiting you?
It helps with the changing world of AI and technology. It can detect issues faster and any security risk.