Invicti OverviewUNIXBusinessApplication

Invicti is the #19 ranked solution in AST tools and #22 ranked solution in application security solutions. PeerSpot users give Invicti an average rating of 7.6 out of 10. Invicti is most commonly compared to Acunetix: Invicti vs Acunetix. Invicti is popular among the large enterprise segment, accounting for 65% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 24% of all views.
Buyer's Guide

Download the Application Security Tools Buyer's Guide including reviews and more. Updated: November 2022

What is Invicti?

Invicti helps DevSecOps teams automate security tasks and save hundreds of hours each month by identifying web vulnerabilities that matter. Combining dynamic with interactive testing (DAST + IAST) and software composition analysis (SCA), Invicti scans every corner of an app to find what other tools miss with 99.98% accuracy, delivering on the promise of Zero Noise AppSec. Invicti helps discover all web assets — even ones that are lost, forgotten, or created by rogue departments. With an array of out-of-the-box integrations, DevSecOps teams can get ahead of their workloads to hit critical deadlines, improve processes, and communicate more effectively while reducing risk and hitting the ROI goals.

Invicti was previously known as Mavituna Netsparker.

Invicti Customers

Samsung, The Walt Disney Company, T-Systems, ING Bank

Invicti Video

Invicti Pricing Advice

What users are saying about Invicti pricing:
"Netsparker is one of the costliest products in the market. It would help if they could allow us to scan multiple URLs on the same license."

Invicti Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Lead Security Architect at a comms service provider with 1,001-5,000 employees
Real User
Top 20
A customizable security testing solution with good tech support, but the price could be better
Pros and Cons
  • "The dashboard is really cool, and the features are really good. It tells you about the software version you're using in your web application. It gives you the entire technology stack, and that really helps. Both web and desktop apps are good in terms of application scanning. It has a lot of security checks that are easily customizable as per your requirements. It also has good customer support."
  • "The license could be better. It would help if they could allow us to scan multiple URLs on the same license. It's a major hindrance that we are facing while scanning applications, and we have to be sure that the URLs are the same and not different so that we do not end up consuming another license for it. Netsparker is one of the costliest products in the market. The licensing is tied to the URL, and it's restricted. If you have a URL that you scanned once, like a website, you cannot retry that same license. If you are scanning the same website but in a different domain or different URL, you might end up paying for a second license. It would also be better if they provided proper support for multi-factor authentications. In the next release, I would like them to include good multi-factor authentication support."

What is our primary use case?

We use Netsparker by Invicti to run tests for application security based on OWASP Top 10.

What is most valuable?

The dashboard is really cool, and the features are really good. It tells you about the software version you're using in your web application. It gives you the entire technology stack, and that really helps. Both web and desktop apps are good in terms of application scanning. It has a lot of security checks that are easily customizable as per your requirements. It also has good customer support.

What needs improvement?

The license could be better. It would help if they could allow us to scan multiple URLs on the same license. It's a major hindrance that we are facing while scanning applications, and we have to be sure that the URLs are the same and not different so that we do not end up consuming another license for it.

Netsparker is one of the costliest products in the market. The licensing is tied to the URL, and it's restricted. If you have a URL that you scanned once, like a website, you cannot retry that same license. If you are scanning the same website but in a different domain or different URL, you might end up paying for a second license. 

It would also be better if they provided proper support for multi-factor authentications. In the next release, I would like them to include good multi-factor authentication support.

For how long have I used the solution?

I have been using Netsparker by Invicti for about five years.

Buyer's Guide
Application Security Tools
November 2022
Find out what your peers are saying about Invicti, PortSwigger, HCL and others in Application Security Tools. Updated: November 2022.
654,658 professionals have used our research since 2012.

What do I think about the stability of the solution?

We haven't had any problems with stability.

What do I think about the scalability of the solution?

Scalability is simple because we are using it as a standalone application at the moment. It's installed in one of our testing environments. So, I cannot really comment about scalability. We have about three to five people using it at the moment.

How are customer service and support?

Tech support is really wonderful, and they are very helpful and prompt with responses as well. If we have some queries regarding macros, regarding the APIs, the customer support is really good, and they have good recommendations as well.

How was the initial setup?

The initial setup is straightforward. 

What's my experience with pricing, setup cost, and licensing?

Netsparker is one of the costliest products in the market. It would help if they could allow us to scan multiple URLs on the same license.

Which other solutions did I evaluate?

There are different products in the market for DAST like Micro Focus, IBM AppScan, Acunetix, and Burp Suite. All these products have their pros and cons. Netsparker is really good, and it has a vast variety for security checks, plugins, that could be used for finding vulnerabilities.

What other advice do I have?

I would tell potential users that it's really one of the best products in the market for web application security or Dynamic Application Security Testing (DAST). The licensing part is challenging, but they might get a good deal out of the Netsparker team.

On a scale from one to ten, I would give Netsparker by Invicti a seven.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
JoelGeorge - PeerSpot reviewer
Associate at Tata Consultancy
Real User
Top 5
A comprehensive solution for all of your security testing needs
Pros and Cons
  • "It has a comprehensive resulting mechanism. It is a one-stop solution for all your security testing mechanisms."
  • "Reporting should be improved. The reporting options should be made better for end-users. Currently, it is possible, but it's not the best. Being able to choose what I want to see in my reports rather than being given prefixed information would make my life easier. I had to depend on the API for getting the content that I wanted. If they could fix the reporting feature to make it more comprehensive and user-friendly, it would help a lot of end-users. Everything else was good about this product."

What is most valuable?

It has a comprehensive resulting mechanism. It is a one-stop solution for all your security testing mechanisms.

What needs improvement?

Reporting should be improved. The reporting options should be made better for end-users. Currently, it is possible, but it's not the best. Being able to choose what I want to see in my reports rather than being given prefixed information would make my life easier. I had to depend on the API for getting the content that I wanted. If they could fix the reporting feature to make it more comprehensive and user-friendly, it would help a lot of end-users. Everything else was good about this product.

For how long have I used the solution?

I used this solution for around 16 months. We were using its latest version. 

It was a cloud deployment. It was an internal cloud. The company bought the cloud version and then hosted it internally.

What do I think about the stability of the solution?

It's good. I believe it went down only once in 16 months. It never had any other problem.

How are customer service and support?

Their support was good. They were quite prompt with their responses. When we had any issues, we reached out, and they did respond quickly.

How was the initial setup?

It was done by my company's IT team, and I was not involved in that.

What about the implementation team?

We basically had them implement it in-house for us. So, it was done in-house, but it was done by Netsparker's team. It was not done by our team.

In terms of maintenance, it was being managed by a team, but I don't know how many people were managing it in that team.

What other advice do I have?

It is a very good tool. It has an API segment that makes up for the lack of reporting options. You can execute commands on Netsparker by using your command-line interface. By using the API, you will be able to get the kind of information that you are looking for. It'll help you in getting the results that you want.

I would rate it an eight out of ten.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Buyer's Guide
Application Security Tools
November 2022
Find out what your peers are saying about Invicti, PortSwigger, HCL and others in Application Security Tools. Updated: November 2022.
654,658 professionals have used our research since 2012.
PrashantPatil - PeerSpot reviewer
Senior Security Consultant at Verve Square Technologies
Consultant
Top 10
Great active and passive scanning, and reports are generated automatically
Pros and Cons
  • "The solution generates reports automatically and quickly."
  • "The scannings are not sufficiently updated."

What is our primary use case?

We use this product for vulnerability assessment and penetration testing of any web application in addition to API testing. The solution generates reports for us. I'm a security consultant and we are end-users. 

What is most valuable?

The solution generates reports automatically and quickly and it's a very user-friendly product. I like the active and passive scanning, which is a good feature from my perspective.

What needs improvement?

I find that the scannings are not sufficiently updated. 

For how long have I used the solution?

I've been using this solution for four years. 

What do I think about the stability of the solution?

The stability is good, up to the mark. 

What do I think about the scalability of the solution?

The scalability is good and we're likely going to increase usage of Netsparker. 

How are customer service and support?

We contact technical support all the time and they are great. They resolve issues quickly and efficiently. 

Which solution did I use previously and why did I switch?

We also use Burp Suite which is a UI-based tool that I also find to be user-friendly. We use both products so that in the case of false positives we can compare and verify. 

How was the initial setup?

The initial setup is straightforward and the solution doesn't require any maintenance. We currently have 15 users and that number is likely to expand to around 20 in the near future. 

What's my experience with pricing, setup cost, and licensing?

The pricing of the license is compatible with our budget. 

What other advice do I have?

I highly recommend Netsparker and rate it eight out of 10. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Buyer's Guide
Download our free Application Security Tools Report and find out what your peers are saying about Invicti, PortSwigger, HCL, and more!
Updated: November 2022
Buyer's Guide
Download our free Application Security Tools Report and find out what your peers are saying about Invicti, PortSwigger, HCL, and more!