Invicti Reviews

It has a comprehensive resulting mechanism. It is a one-stop solution for all your security testing mechanisms.

Reporting should be improved. The reporting options should be made better for end-users. Currently, it is possible, but it's not the best. Being able to choose what I want to see in my reports rather than being given prefixed information would make my life easier. I had to depend on the API for getting the content that I wanted. If they could fix the reporting feature to make it more comprehensive and user-friendly, it would help a lot of end-users. Everything else was good about this product.

I used this solution for around 16 months. We were using its latest version. 

It was a cloud deployment. It was an internal cloud. The company bought the cloud version and then hosted it internally.

It's good. I believe it went down only once in 16 months. It never had any other problem.

Their support was good. They were quite prompt with their responses. When we had any issues, we reached out, and they did respond quickly.

It was done by my company's IT team, and I was not involved in that.

We basically had them implement it in-house for us. So, it was done in-house, but it was done by Netsparker's team. It was not done by our team.

In terms of maintenance, it was being managed by a team, but I don't know how many people were managing it in that team.

It is a very good tool. It has an API segment that makes up for the lack of reporting options. You can execute commands on Netsparker by using your command-line interface. By using the API, you will be able to get the kind of information that you are looking for. It'll help you in getting the results that you want.

I would rate it an eight out of ten.

My primary use of Invicti revolves around supporting my vulnerability testing efforts. As part of my role in overseeing security for various companies, Invicti aids in generating reports to bolster security measures.

I find the product's zero false positive feature quite valuable, as does its array of authentication options, which provide flexibility in testing various web applications.

They could enhance the support for data swap testing for the platform. 

I've been utilizing Invicti for approximately three years now.

The platform is stable.

The technical support services are good. 

Invicti's robust authentication options stand out as a significant advantage compared to other solutions.

The product plays a crucial role in our organization's security posture by identifying vulnerabilities. Once I deliver my reports, the identified issues are promptly addressed, significantly improving our overall security stance.

The automation capabilities streamline our security testing processes, especially concerning web application authentication. It ensures compatibility with different authentication solutions, facilitating automatic testing.

I value the robust reporting capabilities. The diverse range of report options allows for detailed insights, which assists in effectively addressing security issues.

I would recommend Invicti to others and rate it a nine. 

I primarily use Invicti for onboarding on the performance side.

Invicti's best feature is the ability to identify vulnerabilities and manually verify them.

Invicti takes too long with big applications, and there are issues with the login portal.

I've been using Invicti for four to five years.

Invicti sometimes stops working when dealing with large applications.

The initial setup was easy.

I would give Invicti a rating of nine out of ten.

We use this product for vulnerability assessment and penetration testing of any web application in addition to API testing. The solution generates reports for us. I'm a security consultant and we are end-users. 

The solution generates reports automatically and quickly and it's a very user-friendly product. I like the active and passive scanning, which is a good feature from my perspective.

I find that the scannings are not sufficiently updated. 

I've been using this solution for four years. 

The stability is good, up to the mark. 

The scalability is good and we're likely going to increase usage of Netsparker. 

We contact technical support all the time and they are great. They resolve issues quickly and efficiently. 

We also use Burp Suite which is a UI-based tool that I also find to be user-friendly. We use both products so that in the case of false positives we can compare and verify. 

The initial setup is straightforward and the solution doesn't require any maintenance. We currently have 15 users and that number is likely to expand to around 20 in the near future. 

The pricing of the license is compatible with our budget. 

I highly recommend Netsparker and rate it eight out of 10. 

I am impressed by the whole technology that they are using in this solution. It is really fast. When using netscan, the confirmation that it gives on the vulnerabilities is pretty cool.

It is really easy to configure a scan in Netsparker Web Application Security Scanner. It is also really easy to deploy.

They don't really provide the proof of concept up to the level that we need in our organization. We are a consultancy firm, and we provide consultancy for the implementation and deployment solutions to our customers. When you run the scans and the scan is completed, it only shows the proof of exploit, which really doesn't work because the tool is running the scan and exploiting on the read-only form. You don't really know whether it is actually giving the proof of exploit. We cannot prove it manually to a customer that the exploit is genuine. It is really hard to perform it manually and prove it to the concerned development, remediation, and security teams.

It is currently missing the static application security part of the application security, especially web application security. It would be really cool if they can integrate a SAS tool with their dynamic one.

We started to use Netsparker Web Application Security Scanner in February of this year. We are using its latest version.

It is pretty stable. 

It is scalable.

We engage with the local partner and the distributor here for support. We are satisfied with the support here.

The initial setup wasn't a problem for me. I have been using these security tools for a while now.

I also use Micro Focus Fortify. The difference is mainly in the UI. I haven't really got into the comparison between the output of the scans, but I was really impressed by the UI and the ease of use of Netsparker Web Application Security Scanner.

I would recommend this solution. I haven't really researched other products, but for me, Netsparker Web Application Security Scanner is a benchmark right now.

I would rate Netsparker Web Application Security Scanner an eight out of ten. 

We are a consulting firm and we provide implementation and deployment of solutions to our customers.

I am very much impressed by the whole technology.

This tool is really fast and the information that they provide on vulnerabilities is pretty good.

The UI is good and it is really easy to use.

With respect to the algorithm that Netsparker is running, they don't really provide the proof of concept up to the level that we need, here in the organization. Specifically, because the tool is running the scan and exploiting the read-only version, it doesn't prove to the customer that the exploit is genuine. We have to perform this manually, but it is difficult to prove to the concerned team, whether it is the development team, the remediation team, or the security team.

Right now, they are missing the static application security part, especially web application security. If they can integrate a SaaS tool with their dynamic one then it would be really helpful.

I have been working with Netsparker for several months.

We have not experienced any bugs or glitches, so it seems stable.

Scalability-wise, it is pretty good.

We have been engaged with the local partner and we get a good level of support.

We also use Micro Focus Fortify and I have not had a chance to compare the scans, but I prefer the interface and ease of use with Netsparker. It is really easy to configure and deploy, as well as communicate this to the client.

The initial setup was not a problem for me, as I have been using these security tools for a while.

Overall, I am satisfied with Netsparker. However, I cannot say at this point that I would recommend it because although it is good, I will now be using it as a benchmark for evaluating other products.

I would rate this solution an eight out of ten.

Our primary use case is for web applications but rather than being in a production environment, it's in a testing environment. We check for vulnerabilities found in the test environment and remediate them. Following that, we publish the web application for web production. We are customers of Netsparker and I'm the retail services senior manager.

The most valuable features that I've found in this solution was the level of accuracy and also that the process of scanning was very quick and we're easily able to change the frame of a scan. I use the many applications and security management tools and the accuracy is important for me. Other solutions like NetBus don't have such an accurate timeline. 

Improvement could be made in the area of production. Features like macro recording that I've used in other solutions would improve this product. Recording macro for complex applications, especially web applications where there is a complex web application for login or logout format. We could record the macro for login to make a dynamic scanning process, which makes it easier to scan methodology. We need to be able to record the macro. I think a feature like that would add a lot to the solution. 

I've been using this solution for three months.

I think the stability of Netsparker enterprise product is very cool. And the application scanning was very successful. No time outs, no downtime the stability and the service was very, very good. 

I'm satisfied with the technical support. 

Initial setup was straightforward and didn't take much time. It was smooth and successful. 

This is not a simple solution, there is a complexity there. A lot of companies here don't like the idea of using a cloud provider or cloud application for scanning. We prefer to have stand-alone applications and not use the cloud. It's something they could offer, like Qualys.

I would rate this solution an eight out of 10.

We're primarily used the solution as a proof of concept using it for assessing the security of one of our web applications.

The most attractive feature was the reporting review tool. The reporting review was very impressive and produced very fruitful reports.

The proxy review, the use report views, the current use tool and the subset requests need some improvement. It was hard to understand how to use them.

The solution is very stable.

As I was only working on the demo version of the solution, I can't speak to how scalable it would be.

The technical support team was very helpful. They offered me a demo before I started using the tool, and the demo was very impressive.

We previously used a different tool, but it was also a demo, like Netsparker. We wanted to try Netsparker, so we moved to their demo.

The initial setup was straightforward.

I handled the implementation myself.

I tried some different tools. Some of them were full versions whereas others were demo versions like Netsparker.

We're using a demo of the latest version for a POC. We used the on-premises deployment model.

I'd recommend Netsparker for anyone who wants to make a security assessment for web applications.

I'd rate the solution nine out of ten. The tool is full of useful features. However, the intercepting reviews in terms of web requests need some enhancements to be more usable.