Try our new research platform with insights from 80,000+ expert users

CucumberStudio vs Invicti comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

CucumberStudio
Ranking in Dynamic Application Security Testing (DAST)
7th
Average Rating
8.0
Reviews Sentiment
7.1
Number of Reviews
12
Ranking in other categories
Rapid Application Development Software (26th)
Invicti
Ranking in Dynamic Application Security Testing (DAST)
4th
Average Rating
8.2
Reviews Sentiment
7.3
Number of Reviews
29
Ranking in other categories
Static Application Security Testing (SAST) (14th), API Security (6th)
 

Mindshare comparison

As of July 2025, in the Dynamic Application Security Testing (DAST) category, the mindshare of CucumberStudio is 0.5%, up from 0.2% compared to the previous year. The mindshare of Invicti is 13.6%, down from 14.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Dynamic Application Security Testing (DAST)
 

Featured Reviews

Walter Wirch - PeerSpot reviewer
Facilitates integration of test scenarios while needing modernization of components
CucumberStudio is primarily used for designing test scenarios and automating testing. We have implemented it in conjunction with our own routines for integration into our infrastructure CucumberStudio aligns with our strategy for data-driven testing. It supports our product owners in designing…
Kunal M - PeerSpot reviewer
Proactive scanning measures and realistic audit recommendations enhance development focus
Invicti's proactive scanning measures vulnerabilities each time we deploy or push code to a new environment. This feature helps us focus on priorities and prioritize the development team's effort, integrating seamlessly with DevOps to facilitate proactive scans of environments. Invicti also provides audit recommendations that are quite realistic, making it easy to discuss plans with developers.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution is stable."
"The best thing is that a person without knowledge about the program can easily understand what happened in our testing process."
"The URL is very useful, and it has a very good UI for deploying information of the scenarios created."
"CucumberStudio aligns with our strategy for data-driven testing."
"The data table that helps in converting a single script to multiple test cases is very helpful."
"CucumberStudio aligns with our strategy for data-driven testing."
"CucumberStudio has a very user-friendly interface."
"The most valuable feature of CucumberStudio is its use of action words, which allows me to avoid writing test cases from scratch for the most common scenarios."
"Netsparker provides a more interactive interface that is more appealing."
"The scanner is light on the network and does not impact the network when scans are running."
"The most valuable feature of Invicti is getting baseline scanning and incremental scan."
"The solution generates reports automatically and quickly."
"The best features of Invicti are its ability to confirm access vulnerabilities, SSL injection vulnerabilities, and its connectors to other security tools."
"I am impressed by the whole technology that they are using in this solution. It is really fast. When using netscan, the confirmation that it gives on the vulnerabilities is pretty cool. It is really easy to configure a scan in Netsparker Web Application Security Scanner. It is also really easy to deploy."
"Crawling feature: Netsparker has very detail crawling steps and mechanisms. This feature expands the attack surface."
"Scan, proxify the application, and then detailed report along with evidence and remediations to problems."
 

Cons

"The reporting needs to be improved."
"A key area for improvement is to revamp outdated components such as HipTest publisher."
"I think it would be better if we could also do the reporting with CucumberStudio."
"Another kind of deployment might be useful, perhaps an option to install the tool in a local deployment."
"I would like to see better customer support."
"A key area for improvement is to revamp outdated components such as HipTest publisher."
"CucumberStudio's API integration could be improved both in terms of reliability and design."
"Currently, there is nothing I would like to improve."
"The support's response time could be faster since we are in different time zones."
"Right now, they are missing the static application security part, especially web application security."
"The proxy review, the use report views, the current use tool and the subset requests need some improvement. It was hard to understand how to use them."
"The scanning time, complexity, and authentication features of Invicti could be improved."
"They don't really provide the proof of concept up to the level that we need in our organization. We are a consultancy firm, and we provide consultancy for the implementation and deployment solutions to our customers. When you run the scans and the scan is completed, it only shows the proof of exploit, which really doesn't work because the tool is running the scan and exploiting on the read-only form. You don't really know whether it is actually giving the proof of exploit. We cannot prove it manually to a customer that the exploit is genuine. It is really hard to perform it manually and prove it to the concerned development, remediation, and security teams. It is currently missing the static application security part of the application security, especially web application security. It would be really cool if they can integrate a SAS tool with their dynamic one."
"Invicti's reporting capabilities need enhancement."
"Invicti takes too long with big applications, and there are issues with the login portal."
 

Pricing and Cost Advice

Information not available
"We are using an NFR license and I do not know the exact price of the NFR license. I think 20 FQDN for three years would cost around 35,000 US Dollars."
"The price should be 20% lower"
"Netsparker is one of the costliest products in the market. It would help if they could allow us to scan multiple URLs on the same license."
"I think that price it too high, like other Security applications such as Acunetix, WebInspect, and so on."
"It is competitive in the security market."
"OWASP Zap is free and it has live updates, so that's a big plus."
"We never had any issues with the licensing; the price was within our assigned limits."
"The solution is very expensive. It comes with a yearly subscription. We were paying 6000 dollars yearly for unlimited scans. We have three licenses; basic, business, and ultimate. We need ultimate because it has unlimited scan numbers."
report
Use our free recommendation engine to learn which Dynamic Application Security Testing (DAST) solutions are best for your needs.
863,564 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
No data available
Financial Services Firm
18%
Computer Software Company
14%
Manufacturing Company
10%
Government
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What needs improvement with Hiptest?
CucumberStudio's API integration could be improved both in terms of reliability and design. The API requires data to be sent in a specific format, which takes time to build. Additionally, the repor...
What is your primary use case for Hiptest?
I use CucumberStudio as a test case repository. All of our test cases are stored there. It is also part of our test planning process. For every sprint, we plan the test cases in CucumberStudio and ...
What advice do you have for others considering Hiptest?
For teams following a BDD style software development approach, CucumberStudio is a great collaborative tool that covers all the basic requirements of a test management tool. I would rate CucumberSt...
What is your experience regarding pricing and costs for Netsparker Web Application Security Scanner?
As a technical user, I do not handle pricing or licensing, but I am aware that Invicti offers flexible licensing models based on organizational needs.
What do you like most about Invicti?
The most valuable feature of Invicti is getting baseline scanning and incremental scan.
What needs improvement with Invicti?
Invicti's reporting capabilities need enhancement. We need enterprise-level information instead of repo-level details. Unlike Appiro, Invicti does not provide portfolio-level insights into vulnerab...
 

Also Known As

Hiptest
Netsparker
 

Overview

 

Sample Customers

Cisco, Cardinal Health, Intuit, Smartbox, Accenture, Deliveroo
Samsung, The Walt Disney Company, T-Systems, ING Bank
Find out what your peers are saying about CucumberStudio vs. Invicti and other solutions. Updated: June 2025.
863,564 professionals have used our research since 2012.