TrustRadius: an HG Insights company

Invicti

Score: 9 out of 10

6 Reviews and Ratings

What is Invicti?

Invicti enables organizations in every industry to continuously scan and secure all of their web applications and APIs. Invicti provides a comprehensive view of an organization’s entire web application portfolio, and automation and integrations enable customers to achieve broad coverage of thousands of applications. Invicti is headquartered in Austin, Texas, and serves more than 3,500 organizations of all sizes all over the world.

Netsparker Review

Pros

  • NetSparker has excellent customer service. When our team had to learn to use it for the first time, we had to communicate directly with NetSparker consultants.
  • NetSparker is very user-friendly. Its UI is organized and keeps all the different scans we have set up in a very clean visual.
  • Netsparker has a selection of workflows and integration tools that make it useful for keeping all of my teammates on the same page.

Cons

  • NetSparker does not integrate with all systems. Currently, it is limited to popular systems, using Java for example.
  • NetSparker is priced at a higher range. I believe with all its competition, the pricing could be a little better.
  • NetSparker could improve its user experience. There should be a way to find out if a system has vulnerabilities directly through e-mail.

Return on Investment

  • NetSparker has saved the team a lot of time since the scans are quicker than our older software.
  • NetSparker has been costing the company a lot compared to previous security software.
  • Netsparker has helped improve our overall business objectives by finding an efficient and collaborative way to run scans on our systems.

Alternatives Considered

Veracode

Other Software Used

GitHub, Veracode, Amazon CloudWatch

Netsparker Cloud does a lot but can take a lot of time.

Pros

  • Netsparker is a product that many security companies use to scan their clients' websites. This means it has a good reputation and we can use that reputation when we show our Netsparker scan to our clients.
  • Netsparker is very customizable and allows us to reduce the scan time by making sure we do not spend time scanning technologies that are not being used in the application. Once a set of customizations is configured, it can be applied to similar types of applications. This allows us to quickly set up a vulnerability scan of new applications.
  • Netsparker includes numerous vulnerability points to test for. This means that sometimes thousands of possible vulnerabilities are tested. Other scanners do not always scan for all of these types of vulnerabilities.

Cons

  • Netsparker Cloud is expensive and restricts the number of website URLs that you are allowed to scan. This restricts us from scanning all of the websites that we create and only allows us to scan a small subset of the websites we produce.
  • Netsparker is difficult to configure and I often need to open a ticket with support to figure out how to use the product. I have been vulnerability testing websites for over 10 years and I still don't think I really know how to use Netsparker.
  • Netsparker can take a very long time to complete a scan due to the number of items it can scan for. Be certain to reduce the technologies that your scan will be looking at. Also, expect a large website to possibly take over two days to complete. Not something you really want to have happen on a developer checking on some source code.

Return on Investment

  • Netsparker can perform a very deep vulnerability scan of a website if you have the time for it to run and the time to learn the product. We need this thoroughness on a number of our websites and the clients are willing to pay for this thoroughness. For this reason, it is quite useful and does what we need.
  • Netsparker can be run through automation but the documentation is lacking in this area. If they had better documentation it wouldn't take so long to get the system running.

Other Software Used

Visual Studio IDE, Netwrix Auditor, Microsoft SQL Server