We performed a comparison between GitLab and Invicti based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I like GitLab's security and SAS tools."
"The tool helps to integrate CI/CD pipeline deployments. It is very easy to learn. Its security model is good."
"GitLab integrates well with other platforms."
"The most valuable feature of GitLab is its security."
"GitLab is kind of an image of GitHub, so it gives us the flexibility to monitor our changes in the repos."
"GitLab's best features are maintenance, branch integration, and development infrastructure."
"I like that you can use GitLab as a double-sided solution for both DevOps and version management. It's a good product for working in these two areas, and the user interface makes it easy to understand."
"I have had no problem with the stability of the solution."
"Invicti is a good product, and its API testing is also good."
"The best features of Invicti are its ability to confirm access vulnerabilities, SSL injection vulnerabilities, and its connectors to other security tools."
"I am impressed by the whole technology that they are using in this solution. It is really fast. When using netscan, the confirmation that it gives on the vulnerabilities is pretty cool. It is really easy to configure a scan in Netsparker Web Application Security Scanner. It is also really easy to deploy."
"The dashboard is really cool, and the features are really good. It tells you about the software version you're using in your web application. It gives you the entire technology stack, and that really helps. Both web and desktop apps are good in terms of application scanning. It has a lot of security checks that are easily customizable as per your requirements. It also has good customer support."
"Scan, proxify the application, and then detailed report along with evidence and remediations to problems."
"Invicti's best feature is the ability to identify vulnerabilities and manually verify them."
"This tool is really fast and the information that they provide on vulnerabilities is pretty good."
"I am impressed with Invictus’ proof-based scanning. The solution has reduced the incidence of false positive vulnerabilities. It has helped us reduce our time and focus on vulnerabilities."
"I've noticed an area for improvement in GitLab, particularly needing to go through many steps to push the code to the repository. Resolving that issue would make the product better. My team quickly fixed it by writing a small script, then double-clicking or enabling the script to take care of the issue. However, that quick fix was from my team and not the GitLab team, so in the next release, if an automatic deployment feature would be available in GitLab, then that would be good because, in Visual Studio, you can do that with just one click of a button."
"The solution does not have many built-in functions or variables so scripting is required."
"The integration could be slightly better."
"GitLab would be improved with the addition of templates for deployment on local PCs."
"Perhaps the integration could be better."
"The documentation is confusing."
"I rate the support from GitLab a four out of five."
"GitLab could improve the patch repository. It does not have support for Conan patch version regions. Additionally, better support for Kubernetes deployment is needed as part of the package."
"The scanning time, complexity, and authentication features of Invicti could be improved."
"The custom attack preparation screen might be improved."
"Reporting should be improved. The reporting options should be made better for end-users. Currently, it is possible, but it's not the best. Being able to choose what I want to see in my reports rather than being given prefixed information would make my life easier. I had to depend on the API for getting the content that I wanted. If they could fix the reporting feature to make it more comprehensive and user-friendly, it would help a lot of end-users. Everything else was good about this product."
"I think that it freezes without any specific reason at times. This needs to be looked into."
"Netsparker doesn't provide the source code of the static application security testing."
"The higher level vulnerabilities like Cross-Site Scripting, SQL Injection, and other higher level injection attacks are difficult to highlight using Netsparker."
"They don't really provide the proof of concept up to the level that we need in our organization. We are a consultancy firm, and we provide consultancy for the implementation and deployment solutions to our customers. When you run the scans and the scan is completed, it only shows the proof of exploit, which really doesn't work because the tool is running the scan and exploiting on the read-only form. You don't really know whether it is actually giving the proof of exploit. We cannot prove it manually to a customer that the exploit is genuine. It is really hard to perform it manually and prove it to the concerned development, remediation, and security teams. It is currently missing the static application security part of the application security, especially web application security. It would be really cool if they can integrate a SAS tool with their dynamic one."
"The proxy review, the use report views, the current use tool and the subset requests need some improvement. It was hard to understand how to use them."
GitLab is ranked 7th in Application Security Tools with 68 reviews while Invicti is ranked 20th in Application Security Tools with 25 reviews. GitLab is rated 8.6, while Invicti is rated 8.2. The top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". On the other hand, the top reviewer of Invicti writes "A customizable security testing solution with good tech support, but the price could be better". GitLab is most compared with Microsoft Azure DevOps, Bamboo, AWS CodePipeline, SonarQube and Tekton, whereas Invicti is most compared with OWASP Zap, Acunetix, PortSwigger Burp Suite Professional, Tenable.io Web Application Scanning and Qualys Web Application Scanning. See our GitLab vs. Invicti report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.