Reviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
41 reviews
from
External reviews are not included in the AWS star rating for the product.
API discovery and API/LLM security testing
What do you like best about the product?
Pynt helps our team discover APIs/LLMs and test them automatically for critical security issues. We specifically enjoy a simple integration with our SDLC.
What do you dislike about the product?
The start can be rough because Pynt needs traffic and we weren't sure how to integrate at first, but once you get the approach and understand what the right deployment is, it's flawless. We discovered thing we didn't even imagine could be in our code bases.
What problems is the product solving and how is that benefiting you?
Automated API discovery to get where our APIs are, was the first step for us. API security testing to track verified vulnerabilities in a shift left motion fixes sent to JIRA.
The easiest shift api security out there.
What do you like best about the product?
Pynt is super easy to get started with, especially if you are like us - using Postman collections in testing.
Pynt's approach makes it easy to simply get alerts on critical issues and lose all the noise. When evaluating other tools, we got so many false positives that we couldnt handle all the findings.
Pynt's approach makes it easy to simply get alerts on critical issues and lose all the noise. When evaluating other tools, we got so many false positives that we couldnt handle all the findings.
What do you dislike about the product?
Nothing so far- it's very straightforward and you can forget about APIs until you get alerts.
What problems is the product solving and how is that benefiting you?
Pynt solves all the API Security issues for us, from discovery to security and we dont have to run manual tests anymore., order external pentest services or worry about outdated data.
Most effective API security + DAST solution
What do you like best about the product?
The team has been very impressed by Pynt's security engine. The most impactful features are critical findings and a large set of integrations that fit our complex stack. We're only leveraging the REST API, but Pynt's coverage goes beyond, which for us is very important as we grow. The tool is the only tool that captures API traffic effectively. Pynt covers first our API discovery needs, then tests for security issues.
What do you dislike about the product?
Improving is always needed, but their dev teams rush to fix and add features that are critical for us.
What problems is the product solving and how is that benefiting you?
Pynt solves the API mess problem. It discovers what we use (which is a mess) then helps us secure our APIs automatically.
Complete End to End API Discovery and Security
What do you like best about the product?
Pynt helps us clear our mind from API security issues. It takes care of both discovery and security in one go. Connected to our software development very easily.
What do you dislike about the product?
Pynt is great once you're up. It took us some time to get started, but not bc of Pynt team who were very helpful, but the usual security solutions mess where setup requires different people.
What problems is the product solving and how is that benefiting you?
Automated API Discovery, automated security testing, fixes etc
Automated and contextualAPI security testing and discovery
What do you like best about the product?
Using Pynt brings clarity to the black box called APIs in our organization. We use it for API discovery, scanning API security issues, tracking, alerting and suggesting fixes to our APIs - all automated as part of our SDLC.
What do you dislike about the product?
Nothing really, Pynt team is very helpful, and helps us get what we need.
What problems is the product solving and how is that benefiting you?
Automated api discovery, automated security testing, vulnerability fix suggestions.
Pynt: Shift-Left API Security
What do you like best about the product?
You don’t have to be a security engineer to get value from Pynt. If you already have an Open API spec or Postman collection, Pynt can auto-generate security tests for common vulnerabilities. This is huge for dev teams who don’t have dedicated AppSec people.
What do you dislike about the product?
Pynt works best when your API has a clean OpenAPI spec or well-defined Postman collections.
If your API is messy, undocumented, or highly dynamic (like GraphQL or multi-step workflows with complex state), Pynt’s auto-generated tests might miss important edge cases.
If your API is messy, undocumented, or highly dynamic (like GraphQL or multi-step workflows with complex state), Pynt’s auto-generated tests might miss important edge cases.
What problems is the product solving and how is that benefiting you?
Pynt codifies security best practices (OWASP API Top 10, fuzzing, auth tests, etc.) so you don’t need to be an expert to catch common vulnerabilities.
Performance and Usability Review of pynt G2
What do you like best about the product?
What stands out most about Pynt is its seamless integration with CI/CD pipelines, allowing automated API security scans without disrupting the development workflow. It intelligently maps out API structures, identifies vulnerabilities (like injection, misconfigurations, or authorization flaws), and provides developer-friendly remediation guidance, which makes fixing issues far more efficient.
The fact that it requires no extra scripting or complex configuration is a huge plus—it runs security tests automatically from OpenAPI specs, Postman collections, or traffic captures. The real-time insights and clear severity ratings make it easier to prioritize fixes.
Overall, Pynt strikes a solid balance between developer usability and strong security coverage, which is often hard to find in API security tools.
The fact that it requires no extra scripting or complex configuration is a huge plus—it runs security tests automatically from OpenAPI specs, Postman collections, or traffic captures. The real-time insights and clear severity ratings make it easier to prioritize fixes.
Overall, Pynt strikes a solid balance between developer usability and strong security coverage, which is often hard to find in API security tools.
What do you dislike about the product?
While Pynt is powerful and developer-friendly, one drawback is that its reporting and dashboard features can feel limited, especially when managing multiple APIs across large teams. It could benefit from more granular filtering, historical comparison, and export options to help track security posture over time.
Additionally, for more complex or custom API implementations, Pynt may miss certain business logic vulnerabilities that require deeper contextual understanding. In such cases, supplementing with manual testing or other tools becomes necessary.
Lastly, initial onboarding can feel a bit opaque for teams without OpenAPI specs or well-documented collections, which makes early setup slightly harder than expected.
Additionally, for more complex or custom API implementations, Pynt may miss certain business logic vulnerabilities that require deeper contextual understanding. In such cases, supplementing with manual testing or other tools becomes necessary.
Lastly, initial onboarding can feel a bit opaque for teams without OpenAPI specs or well-documented collections, which makes early setup slightly harder than expected.
What problems is the product solving and how is that benefiting you?
Pynt addresses one of the most critical and commonly overlooked areas in modern application development: API security. Traditionally, API security testing is manual, time-consuming, and often occurs too late in the development cycle. Pynt solves this by:
Automating API security tests during CI/CD, allowing us to catch vulnerabilities like broken access control, injection flaws, and misconfigurations early.
Eliminating the need for dedicated security expertise at every step, making security accessible to developers through intuitive tooling and actionable feedback.
Reducing time to remediate vulnerabilities, thanks to detailed, context-aware suggestions.
Enhancing compliance and risk mitigation by continuously scanning APIs against industry standards like OWASP API Top 10.
Automating API security tests during CI/CD, allowing us to catch vulnerabilities like broken access control, injection flaws, and misconfigurations early.
Eliminating the need for dedicated security expertise at every step, making security accessible to developers through intuitive tooling and actionable feedback.
Reducing time to remediate vulnerabilities, thanks to detailed, context-aware suggestions.
Enhancing compliance and risk mitigation by continuously scanning APIs against industry standards like OWASP API Top 10.
Pynt - Innovative API Security Testing
What do you like best about the product?
Uses live testing and automation data to build security baselines to discovery and map API usage.
What do you dislike about the product?
Process to setup the container and scanning process can be challenging. Required assistance from support.
What problems is the product solving and how is that benefiting you?
We had no visibility into the attack surfaces of our APIs. Now we have an automated way to validate the security controls and OWASP API top ten controls.
Pynt is the most effective API security testing tool I have found
What do you like best about the product?
What I appreciate most about Pynt is its seamless integration into existing CI/CD pipelines, allowing for automated and continuous API security testing without disrupting development workflows
What do you dislike about the product?
there is no proper reports very basic report in there
What problems is the product solving and how is that benefiting you?
They need to enhancement the reporting part
Ticks all the boxes for API security, with quick integration & results in minutes.
What do you like best about the product?
I especially like Pynt’s simple approach. Integration and onboarding was super quick and it seamlessly answers all the issues we were struggling with - fixing API vulnerabilities easily and automatically, as well as getting real and accurate results.
What do you dislike about the product?
Nothing, the app delivers everything you need seamlessly and efficiently.
What problems is the product solving and how is that benefiting you?
API security testing to track verified vulnerabilities, suggest fixes, SLDC
showing 1 - 10