No more typing reviews! Try our Samantha, our new voice AI agent.

Invicti vs Link11 comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 18, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Invicti
Ranking in API Security
10th
Average Rating
8.2
Reviews Sentiment
6.8
Number of Reviews
31
Ranking in other categories
Static Application Security Testing (SAST) (12th), Container Security (26th), Software Composition Analysis (SCA) (10th), Dynamic Application Security Testing (DAST) (4th), Application Security Posture Management (ASPM) (8th)
Link11
Ranking in API Security
22nd
Average Rating
8.8
Reviews Sentiment
7.4
Number of Reviews
10
Ranking in other categories
CDN (19th), Web Application Firewall (WAF) (35th), Distributed Denial-of-Service (DDoS) Protection (23rd), Bot Management (10th)
 

Mindshare comparison

As of July 2026, in the API Security category, the mindshare of Invicti is 3.9%, up from 2.3% compared to the previous year. The mindshare of Link11 is 3.3%, up from 1.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
API Security Mindshare Distribution
ProductMindshare (%)
Invicti3.9%
Link113.3%
Other92.8%
API Security
 

Featured Reviews

Valavan Sivgalingam - PeerSpot reviewer
Senior Manager, Security Engineering at ESS
Dynamic testing regularly identifies web vulnerabilities and has strong false positive confirmations
It has good false positive confirmations, confirmed issues identification, and proof of exploit-related features as part of it. We use Invicti for these things in our portfolios. The solution includes Proof-Based Scanning technology. Invicti is part of our SSDLC portfolio, and DAST dynamic testing is very important for our web applications and portfolios. For both the API endpoints and web applications, we do regular testing on a monthly basis for all our releases. Invicti does a good job. The only concern is on the performance side, but other than that, we find it really helpful in identifying web vulnerabilities. A full scan takes more time based on your website and other factors, but for us, it takes more than two to three days. The scan performance can be improved upon. When we check with them, they discuss proof-based scanning and related aspects. However, there could be intermittent results that could help us.
SS
Senior Director of Engineering - Information Security at Apna
Offers flexibility with a kill switch for bypassing Reblaze if needed and provides a reliable Layer 7 defense against attacks
There is still some room for improvement when it comes to bot management from Reblaze because they are relatively new compared to other vendors in the town. AWS WAF, the Web Application Firewall from AWS, has a vast database of bad IP addresses due to its long-standing presence in this business. Reblaze, being a new entrant, is still building its database of bad IP addresses and malicious systems. So, Reblaze needs to work on that aspect. But other than that, I don't think scaling Reblaze has been an issue. There were some initial glitches, but they were all sorted out. So currently, I would say that the bot management and the database are areas they should focus on for further improvement.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most attractive feature was the reporting review tool. The reporting review was very impressive and produced very fruitful reports."
"When we try to manually exploit the vulnerabilities, it often takes time to realize what's going on and what needs to be done."
"I am impressed by the whole technology that they are using in this solution. It is really fast. When using netscan, the confirmation that it gives on the vulnerabilities is pretty cool. It is really easy to configure a scan in Netsparker Web Application Security Scanner. It is also really easy to deploy."
"It has very good integration with the CI/CD pipeline."
"Invicti's best feature is the ability to identify vulnerabilities and manually verify them."
"Crawling feature: Netsparker has very detail crawling steps and mechanisms. This feature expands the attack surface."
"It has a comprehensive resulting mechanism. It is a one-stop solution for all your security testing mechanisms."
"We use simultaneous products, but I found this to be the best of the lot."
"Reblaze has just made things simpler for us."
"It is a highly resilient product that can handle significantly larger workloads and high volumes of traffic with ease."
"It saved us a lot of time and money and we were able to use fewer resources on our side, saving about $15,000 to $20,000 a year in computing resources because we had the reverse proxy and the caching mechanism and used the platform as a CDN as well."
"The most valuable features were the real-time monitoring and the management. With this kind of product, you need a very good management system to allow you to see false positives in real-time; to see what's happening in real-time... The clarity stood out. It was very visible and very easy to navigate; very easy to find the data we were looking for."
"The best thing about Reblaze, for us, is that it has been a game changer because previously, we were using Google's Web Application Firewall, but it wasn't up to the mark."
"We like the website protection, it's really good, and the dashboard is really simple to use."
"The main feature is using the rules and being able to see the traffic. It helps us find malicious traffic."
"Provides mobile app security."
 

Cons

"The support's response time could be faster since we are in different time zones."
"The solution's false positive analysis and vulnerability analysis libraries could be improved."
"Reporting should be improved. The reporting options should be made better for end-users."
"The scan performance can be improved upon."
"It is a good tool, as we found out with the Community Edition trial, but the price point is quite expensive for a startup or average-sized company."
"The solution needs to make a more specific report."
"Netsparker doesn't provide the source code of the static application security testing."
"The scanner itself should be improved because it is a little bit slow."
"They have an interface that you have to adjust to. That is a bit of a downfall because I expect an interface to be very intuitive for someone who knows little about security. But if you know about security, the interface is wonderful."
"The WAF features are not as granular as we would expect from a WAF system. There should be more granularity and in-depth rules, out-of-the-box."
"There is room for improvement in helping us understanding session management... We want Reblaze to catch and identify everything. We want to see the various devices doing one activity and to see, in a timeline, what's happened. We would like to see a more human-readable display to understand what's happening in the web app."
"We have multiple products behind different instances of Reblaze. We have one instance for staging and then we have a production instance for multiple products. One of the things that we have requested is a unified view panel, so that we can see each of the instances in a unified view. That way, we won't have to go bouncing from instance to instance."
"Up to now the only cons I could find is sometimes getting change management back on track, because it's a company that evolves, and sometimes I don't have the same needs that they have. But besides that, up until now, I am really pleased with their service and I've also recommended them to some of my clients."
"There is room for improvement in helping us understand session management."
"It would be beneficial if it had a workflow or a feature that could fine-tune settings based on high-level requirements."
"I would like to have seen more automated reports. Maybe it has been improved in the last year and I'm just not aware of it. But from a managerial point of view, you want a summary report, a weekly report: How many attacks were blocked? How much bandwidth was saved due to the caching mechanism? What were the top-ten attacks that were tested on the network, etc? I could most likely have found all that data if I logged in to the system and ran different reports. It would be very helpful to get a management report on a weekly basis."
 

Pricing and Cost Advice

"OWASP Zap is free and it has live updates, so that's a big plus."
"We never had any issues with the licensing; the price was within our assigned limits."
"Invicti is best suited for large enterprises. I don't think small and medium-sized businesses can afford it. Maintenance costs aren't that great."
"We are using an NFR license and I do not know the exact price of the NFR license. I think 20 FQDN for three years would cost around 35,000 US Dollars."
"The price should be 20% lower"
"Netsparker is one of the costliest products in the market. It would help if they could allow us to scan multiple URLs on the same license."
"The solution is very expensive. It comes with a yearly subscription. We were paying 6000 dollars yearly for unlimited scans. We have three licenses; basic, business, and ultimate. We need ultimate because it has unlimited scan numbers."
"I think that price it too high, like other Security applications such as Acunetix, WebInspect, and so on."
"On a monthly basis we pay $750."
"I believe that for the six instances we have right now, it's costing us $16,000 per month."
"There is still some room for improvement when it comes to bot management from Reblaze because they are relatively new compared to other vendors in the town."
"We found the cost to be a bit on the higher side, starting at approximately three to four thousand dollars for a small configuration."
report
Use our free recommendation engine to learn which API Security solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
16%
Manufacturing Company
9%
Construction Company
7%
Computer Software Company
7%
Financial Services Firm
15%
Construction Company
12%
Comms Service Provider
10%
Educational Organization
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business14
Midsize Enterprise4
Large Enterprise13
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise3
Large Enterprise2
 

Questions from the Community

What is your experience regarding pricing and costs for Netsparker Web Application Security Scanner?
The setup cost is pretty competitive. For example, if you want to talk about the SAST license, it comes to about $150 or sometimes less than $100, depending on the conversion or the number of licen...
What needs improvement with Invicti?
At this time, there is nothing that comes to mind. However, most of the products in the market are pretty much neck-to-neck competitors. Speaking about it, there are a couple of factors which they ...
What is your primary use case for Invicti?
I have worked on a couple of products, specifically in web application security. I have worked on Invicti, and with respect to PAM, I have worked with BeyondTrust. I have not worked specifically fo...
Ask a question
Earn 20 points
 

Comparisons

 

Also Known As

Netsparker
Reblaze
 

Overview

 

Sample Customers

Samsung, The Walt Disney Company, T-Systems, ING Bank
CBC, Hermes, Gartner
Find out what your peers are saying about Invicti vs. Link11 and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.