Try our new research platform with insights from 80,000+ expert users

Invicti vs OpenText Dynamic Application Security Testing comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 19, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Invicti
Ranking in Dynamic Application Security Testing (DAST)
4th
Average Rating
8.2
Reviews Sentiment
7.3
Number of Reviews
29
Ranking in other categories
Static Application Security Testing (SAST) (14th), API Security (6th)
OpenText Dynamic Applicatio...
Ranking in Dynamic Application Security Testing (DAST)
3rd
Average Rating
7.2
Reviews Sentiment
6.8
Number of Reviews
21
Ranking in other categories
DevSecOps (10th)
 

Mindshare comparison

As of July 2025, in the Dynamic Application Security Testing (DAST) category, the mindshare of Invicti is 13.6%, down from 14.2% compared to the previous year. The mindshare of OpenText Dynamic Application Security Testing is 22.2%, down from 30.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Dynamic Application Security Testing (DAST)
 

Featured Reviews

Kunal M - PeerSpot reviewer
Proactive scanning measures and realistic audit recommendations enhance development focus
Invicti's proactive scanning measures vulnerabilities each time we deploy or push code to a new environment. This feature helps us focus on priorities and prioritize the development team's effort, integrating seamlessly with DevOps to facilitate proactive scans of environments. Invicti also provides audit recommendations that are quite realistic, making it easy to discuss plans with developers.
Navin N - PeerSpot reviewer
Effective scanning of diverse file extensions with fast reporting and issue resolution
We develop software packages for clients, and these clients are mostly in the BFSI sector. The packages need to be scanned, and we engage Fortify WebInspect for this.  Customers typically perform their own application pen tests, but in some cases, we have engagements where customers want us to scan…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Netsparker has valuable features, including the ability to scan our website, an interactive approach, and security data integration."
"The scanner is light on the network and does not impact the network when scans are running."
"It has very good integration with the CI/CD pipeline."
"I am impressed with Invictus’ proof-based scanning. The solution has reduced the incidence of false positive vulnerabilities. It has helped us reduce our time and focus on vulnerabilities."
"Crawling feature: Netsparker has very detail crawling steps and mechanisms. This feature expands the attack surface."
"I am impressed by the whole technology that they are using in this solution. It is really fast. When using netscan, the confirmation that it gives on the vulnerabilities is pretty cool. It is really easy to configure a scan in Netsparker Web Application Security Scanner. It is also really easy to deploy."
"The dashboard is really cool, and the features are really good. It tells you about the software version you're using in your web application. It gives you the entire technology stack, and that really helps. Both web and desktop apps are good in terms of application scanning. It has a lot of security checks that are easily customizable as per your requirements. It also has good customer support."
"Netsparker provides a more interactive interface that is more appealing."
"I've found the centralized dashboard the most valuable. For the management, it helps a lot to have abilities at the central level."
"It is easy to use, and its reporting is fairly simple."
"The solution's technical support was very helpful."
"The user interface is ok and it is very simple to use."
"The solution is easy to use."
"The tool provides comprehensive vulnerability assessments which help ensure our deliverables are as free from vulnerabilities as possible. It has also streamlined our web application vulnerability assessments, assisting us in delivering secure applications to our clients."
"The accuracy of its scans is great."
"Technical support has been good."
 

Cons

"They could enhance the support for data swap testing for the platform."
"The scanner itself should be improved because it is a little bit slow."
"They don't really provide the proof of concept up to the level that we need in our organization. We are a consultancy firm, and we provide consultancy for the implementation and deployment solutions to our customers. When you run the scans and the scan is completed, it only shows the proof of exploit, which really doesn't work because the tool is running the scan and exploiting on the read-only form. You don't really know whether it is actually giving the proof of exploit. We cannot prove it manually to a customer that the exploit is genuine. It is really hard to perform it manually and prove it to the concerned development, remediation, and security teams. It is currently missing the static application security part of the application security, especially web application security. It would be really cool if they can integrate a SAS tool with their dynamic one."
"I think that it freezes without any specific reason at times. This needs to be looked into."
"The solution's false positive analysis and vulnerability analysis libraries could be improved."
"Asset scanning could be better. Once, it couldn't scan assets, and the issue was strange. The price doesn't fit the budget of small and medium-sized businesses."
"It would be better for listing and attacking Java-based web applications to exploit vulnerabilities."
"The scanning time, complexity, and authentication features of Invicti could be improved."
"Creating reports is very slow and it is something that should be improved."
"The installation could be a bit easier. Usually it's simple to use, but the installation is painful and a bit laborious and complex."
"Our biggest complaint about this product is that it freezes up, and literally doesn't work for us."
"Not sufficiently compatible with some of our systems."
"One thing I would like to see them introduce is a cloud-based platform."
"I want to enhance automation. Currently, Fortify WebInspect can scan and find vulnerabilities, but users with specific skills need to interpret the results and understand how to address them."
"We have often encountered scanning errors."
"It took us between eight and ten hours to scan an entire site, which is somewhat slow and something that I think can be improved."
 

Pricing and Cost Advice

"We are using an NFR license and I do not know the exact price of the NFR license. I think 20 FQDN for three years would cost around 35,000 US Dollars."
"I think that price it too high, like other Security applications such as Acunetix, WebInspect, and so on."
"Netsparker is one of the costliest products in the market. It would help if they could allow us to scan multiple URLs on the same license."
"Invicti is best suited for large enterprises. I don't think small and medium-sized businesses can afford it. Maintenance costs aren't that great."
"We never had any issues with the licensing; the price was within our assigned limits."
"It is competitive in the security market."
"The price should be 20% lower"
"OWASP Zap is free and it has live updates, so that's a big plus."
"This solution is very expensive."
"The price is okay."
"The pricing is not clear and while it is not high, it is difficult to understand."
"Fortify WebInspect is a very expensive product."
"It’s a fair price for the solution."
"Its price is almost similar to the price of AppScan. Both of them are very costly. Its price could be reduced because it can be very costly for unlimited IT scans, etc. I'm not sure, but it can go up to $40,000 to $50,000 or more than that."
"Our licensing is such that you can only run one scan at a time, which is inconvenient."
report
Use our free recommendation engine to learn which Dynamic Application Security Testing (DAST) solutions are best for your needs.
859,687 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
25%
Financial Services Firm
14%
Computer Software Company
11%
Manufacturing Company
8%
Financial Services Firm
16%
Government
14%
Manufacturing Company
13%
Computer Software Company
12%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for Netsparker Web Application Security Scanner?
As a technical user, I do not handle pricing or licensing, but I am aware that Invicti offers flexible licensing models based on organizational needs.
What do you like most about Invicti?
The most valuable feature of Invicti is getting baseline scanning and incremental scan.
What needs improvement with Invicti?
Invicti's reporting capabilities need enhancement. We need enterprise-level information instead of repo-level details. Unlike Appiro, Invicti does not provide portfolio-level insights into vulnerab...
What do you like most about Fortify WebInspect?
The solution's technical support was very helpful.
What is your experience regarding pricing and costs for Fortify WebInspect?
The price of Fortify WebInspect is high, with the cost depending on the number of virtual users. It is approximately 25% higher than other solutions.
What needs improvement with Fortify WebInspect?
The main area for improvement in Fortify WebInspect is the price, as it is too high compared to the market rate. The cost of the license depends on the number of virtual users and, in comparison to...
 

Also Known As

Netsparker
Micro Focus WebInspect, WebInspect
 

Overview

 

Sample Customers

Samsung, The Walt Disney Company, T-Systems, ING Bank
Aaron's
Find out what your peers are saying about Invicti vs. OpenText Dynamic Application Security Testing and other solutions. Updated: June 2025.
859,687 professionals have used our research since 2012.