Try our new research platform with insights from 80,000+ expert users

Invicti vs OpenText Dynamic Application Security Testing comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 19, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Invicti
Ranking in Dynamic Application Security Testing (DAST)
4th
Average Rating
8.2
Reviews Sentiment
7.3
Number of Reviews
29
Ranking in other categories
Static Application Security Testing (SAST) (14th), API Security (6th)
OpenText Dynamic Applicatio...
Ranking in Dynamic Application Security Testing (DAST)
3rd
Average Rating
7.2
Reviews Sentiment
6.8
Number of Reviews
21
Ranking in other categories
DevSecOps (10th)
 

Mindshare comparison

As of July 2025, in the Dynamic Application Security Testing (DAST) category, the mindshare of Invicti is 13.6%, down from 14.2% compared to the previous year. The mindshare of OpenText Dynamic Application Security Testing is 22.2%, down from 30.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Dynamic Application Security Testing (DAST)
 

Featured Reviews

Kunal M - PeerSpot reviewer
Proactive scanning measures and realistic audit recommendations enhance development focus
Invicti's proactive scanning measures vulnerabilities each time we deploy or push code to a new environment. This feature helps us focus on priorities and prioritize the development team's effort, integrating seamlessly with DevOps to facilitate proactive scans of environments. Invicti also provides audit recommendations that are quite realistic, making it easy to discuss plans with developers.
Navin N - PeerSpot reviewer
Effective scanning of diverse file extensions with fast reporting and issue resolution
We develop software packages for clients, and these clients are mostly in the BFSI sector. The packages need to be scanned, and we engage Fortify WebInspect for this.  Customers typically perform their own application pen tests, but in some cases, we have engagements where customers want us to scan…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Crawling feature: Netsparker has very detail crawling steps and mechanisms. This feature expands the attack surface."
"It correctly parses DOM and JS and has really good support for URL Rewrite rules, which is important for today's websites."
"The scanner is light on the network and does not impact the network when scans are running."
"The solution generates reports automatically and quickly."
"I am impressed with Invictus’ proof-based scanning. The solution has reduced the incidence of false positive vulnerabilities. It has helped us reduce our time and focus on vulnerabilities."
"Netsparker has valuable features, including the ability to scan our website, an interactive approach, and security data integration."
"This tool is really fast and the information that they provide on vulnerabilities is pretty good."
"When we try to manually exploit the vulnerabilities, it often takes time to realize what's going on and what needs to be done."
"The most valuable feature is the static analysis."
"Reporting, centralized dashboard, and bird's eye view of all vulnerabilities are the most valuable features."
"The tool provides comprehensive vulnerability assessments which help ensure our deliverables are as free from vulnerabilities as possible. It has also streamlined our web application vulnerability assessments, assisting us in delivering secure applications to our clients."
"The feature that has been most influential in identifying vulnerabilities is its ability to crawl the website, understand the structure, and analyze the network packets sent and received."
"The solution is able to detect a wide range of vulnerabilities. It's better at it than other products."
"The accuracy of its scans is great."
"The transaction recorder within WebInspect is easy to use, which is valuable for our team."
"The user interface is ok and it is very simple to use."
 

Cons

"Invicti's reporting capabilities need enhancement. We need enterprise-level information instead of repo-level details. Unlike Appiro, Invicti does not provide portfolio-level insights into vulnerability remediation over time."
"Asset scanning could be better. Once, it couldn't scan assets, and the issue was strange. The price doesn't fit the budget of small and medium-sized businesses."
"The licensing model should be improved to be more cost-effective. There are URL restrictions that consume our license. Compared to other DAST solutions and task tools like WebInspect and Burp Enterprise, Invicti is very expensive. The solution’s scanning time is also very long compared to other DAST tools. It might be due to proof-based scanning."
"The scanning time, complexity, and authentication features of Invicti could be improved."
"The custom attack preparation screen might be improved."
"Reporting should be improved. The reporting options should be made better for end-users. Currently, it is possible, but it's not the best. Being able to choose what I want to see in my reports rather than being given prefixed information would make my life easier. I had to depend on the API for getting the content that I wanted. If they could fix the reporting feature to make it more comprehensive and user-friendly, it would help a lot of end-users. Everything else was good about this product."
"It would be better for listing and attacking Java-based web applications to exploit vulnerabilities."
"Netsparker doesn't provide the source code of the static application security testing."
"We have often encountered scanning errors."
"One thing I would like to see them introduce is a cloud-based platform."
"The scanner could be better."
"Fortify WebInspect's shortcoming stems from the fact that it is a very expensive product in Korea, which makes it difficult for its potential customers to introduce the product in their IT environment."
"Not sufficiently compatible with some of our systems."
"Lately, we've seen more false negatives."
"I would like WebInspect's scanning capability to be quicker."
"Our biggest complaint about this product is that it freezes up, and literally doesn't work for us."
 

Pricing and Cost Advice

"It is competitive in the security market."
"We are using an NFR license and I do not know the exact price of the NFR license. I think 20 FQDN for three years would cost around 35,000 US Dollars."
"The solution is very expensive. It comes with a yearly subscription. We were paying 6000 dollars yearly for unlimited scans. We have three licenses; basic, business, and ultimate. We need ultimate because it has unlimited scan numbers."
"OWASP Zap is free and it has live updates, so that's a big plus."
"Invicti is best suited for large enterprises. I don't think small and medium-sized businesses can afford it. Maintenance costs aren't that great."
"I think that price it too high, like other Security applications such as Acunetix, WebInspect, and so on."
"We never had any issues with the licensing; the price was within our assigned limits."
"Netsparker is one of the costliest products in the market. It would help if they could allow us to scan multiple URLs on the same license."
"Our licensing is such that you can only run one scan at a time, which is inconvenient."
"Fortify WebInspect is a very expensive product."
"It’s a fair price for the solution."
"The pricing is not clear and while it is not high, it is difficult to understand."
"This solution is very expensive."
"The price is okay."
"Its price is almost similar to the price of AppScan. Both of them are very costly. Its price could be reduced because it can be very costly for unlimited IT scans, etc. I'm not sure, but it can go up to $40,000 to $50,000 or more than that."
report
Use our free recommendation engine to learn which Dynamic Application Security Testing (DAST) solutions are best for your needs.
862,499 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
18%
Computer Software Company
14%
Manufacturing Company
9%
Educational Organization
9%
Financial Services Firm
16%
Government
15%
Manufacturing Company
12%
Computer Software Company
12%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for Netsparker Web Application Security Scanner?
As a technical user, I do not handle pricing or licensing, but I am aware that Invicti offers flexible licensing models based on organizational needs.
What do you like most about Invicti?
The most valuable feature of Invicti is getting baseline scanning and incremental scan.
What needs improvement with Invicti?
Invicti's reporting capabilities need enhancement. We need enterprise-level information instead of repo-level details. Unlike Appiro, Invicti does not provide portfolio-level insights into vulnerab...
What do you like most about Fortify WebInspect?
The solution's technical support was very helpful.
What is your experience regarding pricing and costs for Fortify WebInspect?
The price of Fortify WebInspect is high, with the cost depending on the number of virtual users. It is approximately 25% higher than other solutions.
What needs improvement with Fortify WebInspect?
The main area for improvement in Fortify WebInspect is the price, as it is too high compared to the market rate. The cost of the license depends on the number of virtual users and, in comparison to...
 

Also Known As

Netsparker
Micro Focus WebInspect, WebInspect
 

Overview

 

Sample Customers

Samsung, The Walt Disney Company, T-Systems, ING Bank
Aaron's
Find out what your peers are saying about Invicti vs. OpenText Dynamic Application Security Testing and other solutions. Updated: June 2025.
862,499 professionals have used our research since 2012.