Check Point CloudGuard WAF vs Invicti comparison

Check Point CloudGuard WAF

Read 26 Invicti reviews

3,246 Views
1,665 Comparison Views

96% willing to recommend

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Check Point CloudGuard WAF and Invicti based on real PeerSpot user reviews.

Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Check Point CloudGuard WAF vs. Invicti Report (Updated: May 2024).

Check Point CloudGuard WAF vs. Invicti

May 2024

Download the complete report

Helped 787,779 peers since 2012

Categories and Ranking

Check Point CloudGuard WAF

Ranking in Application Security Tools

11th

Average Rating

9.0

Number of Reviews

Ranking in other categories

Web Application Firewall (WAF) (12th)

Invicti

Ranking in Application Security Tools

20th

Average Rating

8.2

Number of Reviews

Ranking in other categories

Static Application Security Testing (SAST) (15th)

Mindshare comparison

As of June 2024, in the Application Security Tools category, the mindshare of Check Point CloudGuard WAF is 0.1%, up from 0.0% compared to the previous year. The mindshare of Invicti is 1.2%, down from 1.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Application Security Tools

Unique Categories:

Web Application Firewall (WAF)

0.6%

Static Application Security Testing (SAST)

1.1%

Featured Reviews

Jai Agarwal

Technical Architect at Orange España

Apr 26, 2024

Centralized management, reasonable price, and good support

We have many users or employees who are using the VPN to access our network. More configuration for VPN users is required. More scalability is also required because, as compared to other Check Point solutions, it is less scalable. Its scalability can be better. Last year, the application was being used by 10,000 users. We expanded our businesses, and the user base is now expanded to 25,000. We have seen some latency in accessing the application. If they could scale it better, the users would not face any challenges. There should be automation of threat detection, risk mitigation, and report generation. Reports should have less complexity so that they can be easily analyzed by senior management.

Read full review

Amr Abdelnaser

Senior Information Security Analyst at EastNets Holding Ltd.

Aug 14, 2023

A safe solution used to detective vulnerabilities for dynamic and complex testing

We use this solution to initialize our applications before releasing them to our clients. The first step is deploying our application and scanning it using Invicti. We configure the scanner for our application’s specific server issues, types, and language. After the scan is complete, Invicti will…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The features I have found most valuable are the comprehensive threat prevention capabilities, automated policy management, and seamless integration with cloud environments."

"It is a highly scalable solution with a quick turnaround time for deployment and running of the software across any IT system."

"It seamlessly protects through machine learning, giving us visibility into potential attacks and where they come from."

"Its main value and what we liked the most is its powerful AI."

"It offers good functionality of the application that is currently running."

"The solution offers continuous security monitoring and alerting, which can help organizations detect and respond to security incidents in real time."

"The app control is very sensitive, and the threat detection and prevention is better than other Check Point solutions. There is a centralized management console for threat protection and self-inspection."

"The most effective CloudGuard feature for threat prevention is its web app protection."

More Check Point CloudGuard WAF pros

"The platform is stable."

"I like that it's stable and technical support is great."

"Attacking feature: Actually, attacking is not a solo feature. It contains many attack engines, Hawk, and many properties. But Netsparker's attacking mechanism is very flexible. This increases the vulnerability detection rate. Also, Netsparker made the Hawk for real-time interactive command-line-based exploit testing. It's very valuable for a vulnerability scanner."

"This tool is really fast and the information that they provide on vulnerabilities is pretty good."

"Crawling feature: Netsparker has very detail crawling steps and mechanisms. This feature expands the attack surface."

"I am impressed by the whole technology that they are using in this solution. It is really fast. When using netscan, the confirmation that it gives on the vulnerabilities is pretty cool. It is really easy to configure a scan in Netsparker Web Application Security Scanner. It is also really easy to deploy."

"The scanner is light on the network and does not impact the network when scans are running."

"The dashboard is really cool, and the features are really good. It tells you about the software version you're using in your web application. It gives you the entire technology stack, and that really helps. Both web and desktop apps are good in terms of application scanning. It has a lot of security checks that are easily customizable as per your requirements. It also has good customer support."

More Invicti pros

Cons

"The documentation needs to be updated, more improved, and simplified... so that even a beginner can start with this application. It can make things more beginner-friendly."

"It doesn't detect user activity like some of its competitors. It's not a vulnerability, but it's a legitimate activity that it doesn't detect. It only detects vulnerabilities or misconfigurations."

"I would like to be able to integrate the theme of Artificial Intelligence to help review issues and to monitor and view the security issue while also suggesting and interpreting and additionally configuring solutions - basically, acting as an interpreter."

"There are occasions when it interfaces with other systems, leading to a loss of visibility."

"They should improve in the delivery of more detailed reports with more information."

"It was costlier than other solutions."

"You need to know exactly the system. You cannot have someone running the system if they don't have the knowledge to do so."

"For the next release, I would suggest considering features like enhanced threat intelligence integration."

More Check Point CloudGuard WAF cons

"Invicti takes too long with big applications, and there are issues with the login portal."

"The license could be better. It would help if they could allow us to scan multiple URLs on the same license. It's a major hindrance that we are facing while scanning applications, and we have to be sure that the URLs are the same and not different so that we do not end up consuming another license for it. Netsparker is one of the costliest products in the market. The licensing is tied to the URL, and it's restricted. If you have a URL that you scanned once, like a website, you cannot retry that same license. If you are scanning the same website but in a different domain or different URL, you might end up paying for a second license. It would also be better if they provided proper support for multi-factor authentications. In the next release, I would like them to include good multi-factor authentication support."

"The custom attack preparation screen might be improved."

"I think that it freezes without any specific reason at times. This needs to be looked into."

"They don't really provide the proof of concept up to the level that we need in our organization. We are a consultancy firm, and we provide consultancy for the implementation and deployment solutions to our customers. When you run the scans and the scan is completed, it only shows the proof of exploit, which really doesn't work because the tool is running the scan and exploiting on the read-only form. You don't really know whether it is actually giving the proof of exploit. We cannot prove it manually to a customer that the exploit is genuine. It is really hard to perform it manually and prove it to the concerned development, remediation, and security teams. It is currently missing the static application security part of the application security, especially web application security. It would be really cool if they can integrate a SAS tool with their dynamic one."

"The solution's false positive analysis and vulnerability analysis libraries could be improved."

"The licensing model should be improved to be more cost-effective. There are URL restrictions that consume our license. Compared to other DAST solutions and task tools like WebInspect and Burp Enterprise, Invicti is very expensive. The solution’s scanning time is also very long compared to other DAST tools. It might be due to proof-based scanning."

"The solution needs to make a more specific report."

More Invicti cons

Pricing and Cost Advice

"Check Point CloudGuard Application Security's pricing is not friendly."

"I find the pricing to be reasonable."

"The pricing is not that expensive considering what it offers."

"If the pricing for the Infinity platform covers everything, it would be more straightforward. I had a hard time selling it to our CEO as a former CFO because of the differentials. There are different deltas year to year over a five-year period. It is very difficult to explain. It would be easier to digest for our executives if there was a flatter scale"

"Check Point CloudGuard Application Security's pricing is comparable to other products in the market."

"I work for an Indian banking client. In India, companies are on a budget. The company liked Check Point very much, but it was a little bit costly compared to FortiWeb. However, it had more features compared to FortiWeb."

"Considering all the benefits we've observed, we find the price to be satisfactory."

"It is not cheap, but it is worth it."

More Check Point CloudGuard WAF pricing and cost advice

"The price should be 20% lower"

"We never had any issues with the licensing; the price was within our assigned limits."

"Invicti is best suited for large enterprises. I don't think small and medium-sized businesses can afford it. Maintenance costs aren't that great."

"The solution is very expensive. It comes with a yearly subscription. We were paying 6000 dollars yearly for unlimited scans. We have three licenses; basic, business, and ultimate. We need ultimate because it has unlimited scan numbers."

"We are using an NFR license and I do not know the exact price of the NFR license. I think 20 FQDN for three years would cost around 35,000 US Dollars."

"Netsparker is one of the costliest products in the market. It would help if they could allow us to scan multiple URLs on the same license."

"It is competitive in the security market."

"OWASP Zap is free and it has live updates, so that's a big plus."

More Invicti pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.

See recommendations

787,779 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Security Firm

30%

Financial Services Firm

19%

Healthcare Company

Computer Software Company

Educational Organization

52%

Financial Services Firm

Computer Software Company

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about CloudGuard for Application Security?

The app control is very sensitive, and the threat detection and prevention is better than other Check Point solutions. There is a centralized management console for threat protection and self-inspe...

What is your experience regarding pricing and costs for CloudGuard for Application Security?

It is reasonable compared to other solutions. Check Point is a medium-sized business in the market, whereas F5, Juniper, SonicWall, and IBM are big players. Compared to them, its pricing is quite r...

What needs improvement with CloudGuard for Application Security?

What is your experience regarding pricing and costs for Netsparker Web Application Security Scanner?

The solution is very expensive. It comes with a yearly subscription. We were paying 6000 dollars yearly for unlimited scans. We have three licenses; basic, business, and ultimate. We need ultimate ...

What do you like most about Invicti?

The most valuable feature of Invicti is getting baseline scanning and incremental scan.

What needs improvement with Invicti?

The solution's false positive analysis and vulnerability analysis libraries could be improved.

SonarQube vs Check Point CloudGuard WAF

Comparisons

Compared 63% of the time

Checkmarx One vs Check Point CloudGuard WAF

Compared 37% of the time

More Check Point CloudGuard WAF Competitors

OWASP Zap vs Invicti

Compared 19% of the time

Acunetix vs Invicti

Compared 14% of the time

PortSwigger Burp Suite Professional vs Invicti

Compared 8% of the time

Qualys Web Application Scanning vs Invicti

Compared 7% of the time

Rapid7 AppSpider vs Invicti

Compared 6% of the time

More Invicti Competitors

Product Reports

Check Point CloudGuard WAF

June 2024

Download Check Point CloudGuard WAF product report

Download Invicti product report

June 2024

Also Known As

Check Point CloudGuard Application Security, CloudGuard Application Security, CloudGuard AppSec

Mavituna Netsparker

Learn More

Video not available

Check Point Software Technologies

Overview

Check Point CloudGuard Web Application Firewall (WAF) is a cloud-based security solution engineered to safeguard web applications and APIs against diverse cyber threats. Offering protection against sophisticated attacks, it identifies vulnerabilities listed in the OWASP Top 10 and blocks new threats. Utilizing contextual AI, the system reduces false positives, allowing security professionals to focus on genuine threats. With a zero-configuration setup, it automatically adapts to application changes, ensuring minimal configuration requirements. Promising swift deployments in as little as 48 hours and robust API security, CloudGuard WAF aims to streamline application security management while delivering comprehensive protection.

Invicti helps DevSecOps teams automate security tasks and save hundreds of hours each month by identifying web vulnerabilities that matter. Combining dynamic with interactive testing (DAST + IAST) and software composition analysis (SCA), Invicti scans every corner of an app to find what other tools miss with 99.98% accuracy, delivering on the promise of Zero Noise AppSec. Invicti helps discover all web assets — even ones that are lost, forgotten, or created by rogue departments. With an array of out-of-the-box integrations, DevSecOps teams can get ahead of their workloads to hit critical deadlines, improve processes, and communicate more effectively while reducing risk and hitting the ROI goals.

Sample Customers

Information Not Available

Samsung, The Walt Disney Company, T-Systems, ING Bank