We performed a comparison between Invicti and Rapid7 AppSpider based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The dashboard is really cool, and the features are really good. It tells you about the software version you're using in your web application. It gives you the entire technology stack, and that really helps. Both web and desktop apps are good in terms of application scanning. It has a lot of security checks that are easily customizable as per your requirements. It also has good customer support."
"The scanner is light on the network and does not impact the network when scans are running."
"The scanner and the result generator are valuable features for us."
"This tool is really fast and the information that they provide on vulnerabilities is pretty good."
"The most valuable feature of Invicti is getting baseline scanning and incremental scan."
"I am impressed with Invictus’ proof-based scanning. The solution has reduced the incidence of false positive vulnerabilities. It has helped us reduce our time and focus on vulnerabilities."
"It has a comprehensive resulting mechanism. It is a one-stop solution for all your security testing mechanisms."
"I like that it's stable and technical support is great."
"Rapid7 AppSpider is good at managing different applications. It uses applets and generates reports to cover the PCA/GDPR compliance requirements."
"The setup is usually straightforward."
"I would say that it is stable, as I am not aware of any major issues."
"The entire solution is interactive and has a point-and-click user experience, which makes it easy to find items or drill down on information. You don't need specialized skills to use the product."
"The most valuable feature is the reporting, which is compliant with international standards."
"The most valuable feature of Rapid7 AppSpider is the vulnerability reporting data. Additionally, the data is reported in a convenient way rather than seeing them as a PDF. We are able to generate all the reports exactly what we want in a flexible way."
"I like the ability the product has to detect vulnerabilities quickly, when it has been released in our environment, then displaying them to us."
"What I like most about AppSpider is that it's easy to use and its automated scan gives me all the details I need to know when it comes to vulnerabilities and their solutions."
"The scanner itself should be improved because it is a little bit slow."
"The support's response time could be faster since we are in different time zones."
"Reporting should be improved. The reporting options should be made better for end-users. Currently, it is possible, but it's not the best. Being able to choose what I want to see in my reports rather than being given prefixed information would make my life easier. I had to depend on the API for getting the content that I wanted. If they could fix the reporting feature to make it more comprehensive and user-friendly, it would help a lot of end-users. Everything else was good about this product."
"The higher level vulnerabilities like Cross-Site Scripting, SQL Injection, and other higher level injection attacks are difficult to highlight using Netsparker."
"Netsparker doesn't provide the source code of the static application security testing."
"I think that it freezes without any specific reason at times. This needs to be looked into."
"The licensing model should be improved to be more cost-effective. There are URL restrictions that consume our license. Compared to other DAST solutions and task tools like WebInspect and Burp Enterprise, Invicti is very expensive. The solution’s scanning time is also very long compared to other DAST tools. It might be due to proof-based scanning."
"The scannings are not sufficiently updated."
"Implementing Rapid7 AppSpider requires scanning and self-identification mechanisms. You can add different types of authentication to each scan."
"AppSpider could improve in the area of integration. They need to add more integration opportunities."
"AppSpider has some problems with the RAM needed while scanning."
"There are some glitches with stability, and it is an area for improvement."
"Integration could be better."
"One of the challenges I have with AppSpider is that it gives you a lot of false positives, especially when compared to other solutions."
"This price of this solution is a little bit expensive."
"It needs better integration with mobile applications."
Invicti is ranked 15th in Application Security Testing (AST) with 25 reviews while Rapid7 AppSpider is ranked 25th in Application Security Testing (AST) with 13 reviews. Invicti is rated 8.2, while Rapid7 AppSpider is rated 7.8. The top reviewer of Invicti writes "A customizable security testing solution with good tech support, but the price could be better". On the other hand, the top reviewer of Rapid7 AppSpider writes "Useful vulnerability reporting data, flexible, and simple implementation". Invicti is most compared with OWASP Zap, Acunetix, PortSwigger Burp Suite Professional, Tenable.io Web Application Scanning and Checkmarx One, whereas Rapid7 AppSpider is most compared with Rapid7 InsightAppSec, OWASP Zap, Acunetix, Tenable.io Web Application Scanning and Qualys Web Application Scanning. See our Invicti vs. Rapid7 AppSpider report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
