Invicti enables organizations in every industry to continuously scan and secure all of their web applications and APIs. Invicti provides a comprehensive view of an organization’s entire web application portfolio, and automation and integrations enable customers to achieve broad coverage of thousands of applications. Invicti is headquartered in Austin, Texas, and serves more than 3,500 organizations of all sizes all over the world.
N/A
Trend Micro Cloud App Security
Score 8.7 out of 10
N/A
The Trend Micro Cloud App Security application secures Microsoft Office 365 and other cloud storage applications.
Netsparker is very thorough but can take a very long time to scan a web application. It can also take a long time to learn and configure. Its thoroughness is a very good part of the product but if the application does [not] need this thoroughness it is probably a waste of time to run Netsparker on the website.
The product works great when I have to quarantine a mass email attack. Seems students are always susceptible to email base attacks, we are no different, but when one occurs on a mass email basis I can very easy and quickly block/quarantine those emails either by sender, domain, or URL or all three if need be. We have played with the data loss component but it is hard to do anything but "monitor" because there are way too many false positives. Such as with SSNs and bank routing numbers, but I figure any solution provider would experience the same problem. However, even with monitor and notification only, it is useful to make our users aware they are potentially sending personal information.
NetSparker has excellent customer service. When our team had to learn to use it for the first time, we had to communicate directly with NetSparker consultants.
NetSparker is very user-friendly. It's UI is organized and keeps all the different scans we have set-up in a very clean visual.
Netsparker has a selection of workflows and integration tools that make it useful for keeping all of my teammates on the same page.
Netsparker Cloud is expensive and restricts the number of website URLs that you are allowed to scan. This restricts us from scanning all of the websites that we create and only allows us to scan a small subset of number of the website we produce.
Netsparker is difficult to configure and I often need to open a ticket with support to figure out how to use the product. I have been vulnerability testing websites for over 10 years and I still don't think I really know how to use Netsparker.
Netsparker can take a very long time to complete a scan due to the number of items it can scan for. Be certain to reduce the technologies that your scan will be looking at. Also, expect a large website to possibly take over two days to complete. Not something you really want to have happen on a developer checking on some source code.
Wish I could customize the notification emails more, like including html code to personalize and highlight messages that my end users see when an item is flagged.
Wish there was a word or phrase component to block/flag emails as I can with files, links, senders and domains.
Automation of the BEC list would be a plus...such as pulling in an OU or security group so that I do not have to do manually perform this task.
We have multiple TrendMicro products. Thus it would be nice to have one dash board to "see" or login at least for ApexOne, CAS, etc.
Only a 9 if the product become completely unaffordable. Covid-19 has adversely affected Higher Ed budgets, if that should happen I would lobby hard to find cuts elsewhere...TrendMicro CAS is a necessary tool for any business to have!
Once Cloud App Security is up and running there is no need to do anything additional. The program will begin protecting all the environment immediately and end results are proven. All notifications come to the administrator email to verify and mitigate a response and check the endpoint if necessary. Very easy to use.
NetSparker support is amazing. When first introducing this software to the team, there was a lot of communication going on between Netsparker consultants and our team. They have answered our questions very efficiently and have had consultants come to our department for training. They are open to suggestions for improvements and enhancements as well.
Trend Micro Cloud App Security’s support has been highly competent and thorough when we have needed their assistance. Their support has been quickly dispatched, both through telephone and Email, while answer our questions and providing the “inside baseball” answers we have wanted when discussing the why and how of certain issues. When it came to implementation, their support sat through us as we deployed agents and took us on an adventure few implementations have.
I currently use OWASP ZAP, Burp Suite Professional and Veracode Dynamic Scan. ZAP is very easy to use and the web developers use it regularly. Burp Suite is very customizable as is Netsparker but usually take much less time to scan a website. Both of these tools are programmable and allow me to add special items to a scan when I need it. They are also much better documented. Veracode also has a static code analysis tool that we use much more often then the dynamic analysis tool but we do use both parts of Veracode.
To date we had only utilized Symantec Small Business Suite for all of our antivirus needs. We had only moved to the cloud environment during the summer of 2020, and after doing so I'm not sure that I would ever change from Trend Micro Cloud App Security. The cost and features all are a great fit for the small to medium-sized business such as ours.
CAS gives us peace of mind knowing the file systems we rely on in the cloud are protected the same way they would be if they were sitting in our office. This leads to a reduced risk of downtime that could otherwise limit us from being able to properly support our customers.
