No more typing reviews! Try our Samantha, our new voice AI agent.

Invicti vs Link11 comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 18, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Invicti
Ranking in API Security
10th
Average Rating
8.2
Reviews Sentiment
6.8
Number of Reviews
31
Ranking in other categories
Static Application Security Testing (SAST) (12th), Container Security (26th), Software Composition Analysis (SCA) (10th), Dynamic Application Security Testing (DAST) (4th), Application Security Posture Management (ASPM) (8th)
Link11
Ranking in API Security
22nd
Average Rating
8.8
Reviews Sentiment
7.4
Number of Reviews
10
Ranking in other categories
CDN (19th), Web Application Firewall (WAF) (35th), Distributed Denial-of-Service (DDoS) Protection (23rd), Bot Management (10th)
 

Mindshare comparison

As of July 2026, in the API Security category, the mindshare of Invicti is 3.9%, up from 2.3% compared to the previous year. The mindshare of Link11 is 3.3%, up from 1.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
API Security Mindshare Distribution
ProductMindshare (%)
Invicti3.9%
Link113.3%
Other92.8%
API Security
 

Featured Reviews

Valavan Sivgalingam - PeerSpot reviewer
Senior Manager, Security Engineering at ESS
Dynamic testing regularly identifies web vulnerabilities and has strong false positive confirmations
It has good false positive confirmations, confirmed issues identification, and proof of exploit-related features as part of it. We use Invicti for these things in our portfolios. The solution includes Proof-Based Scanning technology. Invicti is part of our SSDLC portfolio, and DAST dynamic testing is very important for our web applications and portfolios. For both the API endpoints and web applications, we do regular testing on a monthly basis for all our releases. Invicti does a good job. The only concern is on the performance side, but other than that, we find it really helpful in identifying web vulnerabilities. A full scan takes more time based on your website and other factors, but for us, it takes more than two to three days. The scan performance can be improved upon. When we check with them, they discuss proof-based scanning and related aspects. However, there could be intermittent results that could help us.
SS
Senior Director of Engineering - Information Security at Apna
Offers flexibility with a kill switch for bypassing Reblaze if needed and provides a reliable Layer 7 defense against attacks
There is still some room for improvement when it comes to bot management from Reblaze because they are relatively new compared to other vendors in the town. AWS WAF, the Web Application Firewall from AWS, has a vast database of bad IP addresses due to its long-standing presence in this business. Reblaze, being a new entrant, is still building its database of bad IP addresses and malicious systems. So, Reblaze needs to work on that aspect. But other than that, I don't think scaling Reblaze has been an issue. There were some initial glitches, but they were all sorted out. So currently, I would say that the bot management and the database are areas they should focus on for further improvement.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The scanner and the result generator are valuable features for us."
"High level of accuracy and quick scanning."
"OWASP Zap is free and it has live updates, so that's a big plus."
"I am impressed by the whole technology that they are using in this solution. It is really fast. When using netscan, the confirmation that it gives on the vulnerabilities is pretty cool. It is really easy to configure a scan in Netsparker Web Application Security Scanner. It is also really easy to deploy."
"Netsparker has done an awesome job with its crawler, as it has found all of the links (also thanks to its good DOM parser)."
"It is a very good tool."
"I'd recommend Netsparker for anyone who wants to make a security assessment for web applications."
"It correctly parses DOM and JS and has really good support for URL Rewrite rules, which is important for today's websites."
"We like the website protection, it's really good, and the dashboard is really simple to use."
"Reblaze has definitely saved us money; we have estimated that it saves up to €500,000 a year."
"The real-time monitoring and reporting are very good. There are information updates in their portal every two minutes. They also have the ability to spill it into Sumo Logic, for example. It's very easy to use."
"Reblaze knows how to manage security. For me as, someone who knows little about security, it's good that I have a firm that optimizes everything according to their standards. It's their responsibility and they are fully hands-on."
"Reblaze has just made things simpler for us."
"Reblaze has saved us money by optimizing server usage and blocking malicious bots."
"Reblaze provides us with a solution we can count on."
"Provides mobile app security."
 

Cons

"The licensing model should be improved to be more cost-effective. There are URL restrictions that consume our license. Compared to other DAST solutions and task tools like WebInspect and Burp Enterprise, Invicti is very expensive. The solution’s scanning time is also very long compared to other DAST tools. It might be due to proof-based scanning."
"Invicti takes too long with big applications, and there are issues with the login portal."
"Reporting should be improved. The reporting options should be made better for end-users."
"The license could be better. It would help if they could allow us to scan multiple URLs on the same license. It's a major hindrance that we are facing while scanning applications, and we have to be sure that the URLs are the same and not different so that we do not end up consuming another license for it. Netsparker is one of the costliest products in the market. The licensing is tied to the URL, and it's restricted. If you have a URL that you scanned once, like a website, you cannot retry that same license. If you are scanning the same website but in a different domain or different URL, you might end up paying for a second license. It would also be better if they provided proper support for multi-factor authentications. In the next release, I would like them to include good multi-factor authentication support."
"Reporting should be improved. The reporting options should be made better for end-users. Currently, it is possible, but it's not the best. Being able to choose what I want to see in my reports rather than being given prefixed information would make my life easier. I had to depend on the API for getting the content that I wanted. If they could fix the reporting feature to make it more comprehensive and user-friendly, it would help a lot of end-users. Everything else was good about this product."
"Netsparker doesn't provide the source code of the static application security testing."
"It is a good tool, as we found out with the Community Edition trial, but the price point is quite expensive for a startup or average-sized company."
"When scanning a large web-based application, it tends to process slow and takes a long time especially on crawling and attacking part."
"I would like to have seen more automated reports. Maybe it has been improved in the last year and I'm just not aware of it. But from a managerial point of view, you want a summary report, a weekly report: How many attacks were blocked? How much bandwidth was saved due to the caching mechanism? What were the top-ten attacks that were tested on the network, etc? I could most likely have found all that data if I logged in to the system and ran different reports. It would be very helpful to get a management report on a weekly basis."
"Perhaps the automatic reporting could be better. I would like to have seen more automated reports."
"Up to now the only cons I could find is sometimes getting change management back on track, because it's a company that evolves, and sometimes I don't have the same needs that they have. But besides that, up until now, I am really pleased with their service and I've also recommended them to some of my clients."
"There is room for improvement in helping us understanding session management... We want Reblaze to catch and identify everything. We want to see the various devices doing one activity and to see, in a timeline, what's happened. We would like to see a more human-readable display to understand what's happening in the web app."
"The interface on the dashboard could be improved. Some of the settings are confusing which makes things difficult when you're trying to get a handle on the product."
"The next release should have next-generation automation."
"There is room for improvement in helping us understand session management."
"We have multiple products behind different instances of Reblaze. We have one instance for staging and then we have a production instance for multiple products. One of the things that we have requested is a unified view panel, so that we can see each of the instances in a unified view. That way, we won't have to go bouncing from instance to instance."
 

Pricing and Cost Advice

"We are using an NFR license and I do not know the exact price of the NFR license. I think 20 FQDN for three years would cost around 35,000 US Dollars."
"Netsparker is one of the costliest products in the market. It would help if they could allow us to scan multiple URLs on the same license."
"The price should be 20% lower"
"It is competitive in the security market."
"The solution is very expensive. It comes with a yearly subscription. We were paying 6000 dollars yearly for unlimited scans. We have three licenses; basic, business, and ultimate. We need ultimate because it has unlimited scan numbers."
"I think that price it too high, like other Security applications such as Acunetix, WebInspect, and so on."
"OWASP Zap is free and it has live updates, so that's a big plus."
"We never had any issues with the licensing; the price was within our assigned limits."
"There is still some room for improvement when it comes to bot management from Reblaze because they are relatively new compared to other vendors in the town."
"We found the cost to be a bit on the higher side, starting at approximately three to four thousand dollars for a small configuration."
"I believe that for the six instances we have right now, it's costing us $16,000 per month."
"On a monthly basis we pay $750."
report
Use our free recommendation engine to learn which API Security solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
16%
Manufacturing Company
9%
Construction Company
7%
Computer Software Company
7%
Financial Services Firm
15%
Construction Company
12%
Comms Service Provider
10%
Educational Organization
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business14
Midsize Enterprise4
Large Enterprise13
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise3
Large Enterprise2
 

Questions from the Community

What is your experience regarding pricing and costs for Netsparker Web Application Security Scanner?
The setup cost is pretty competitive. For example, if you want to talk about the SAST license, it comes to about $150 or sometimes less than $100, depending on the conversion or the number of licen...
What needs improvement with Invicti?
At this time, there is nothing that comes to mind. However, most of the products in the market are pretty much neck-to-neck competitors. Speaking about it, there are a couple of factors which they ...
What is your primary use case for Invicti?
I have worked on a couple of products, specifically in web application security. I have worked on Invicti, and with respect to PAM, I have worked with BeyondTrust. I have not worked specifically fo...
Ask a question
Earn 20 points
 

Comparisons

 

Also Known As

Netsparker
Reblaze
 

Overview

 

Sample Customers

Samsung, The Walt Disney Company, T-Systems, ING Bank
CBC, Hermes, Gartner
Find out what your peers are saying about Invicti vs. Link11 and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.