OWASP does
NOT endorse any commercial service or product.
What we do have though is a a guide called the Application Security Verification Standard (
http://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project) which provides organizations with the information they need to intelligently choose what type of security assessment is required for your application or site.
All types of security assessment (automated scan, static analysis scan, manual code review, penetration
test, etc) have advantages and disadvantages and this document helps to differentiate between these types of assessments.
Hopefully, you can use the qualities identified in this document for a solid "security assessment" as a source of principles to guide you to choosing a particular tool or vendor.
-Jason
OWASP Global Projects Committee Chair