Invicti vs PortSwigger Burp Suite Enterprise Edition comparison

"This tool is really fast and the information that they provide on vulnerabilities is pretty good."

"Scan, proxify the application, and then detailed report along with evidence and remediations to problems."

"The dashboard is really cool, and the features are really good. It tells you about the software version you're using in your web application. It gives you the entire technology stack, and that really helps. Both web and desktop apps are good in terms of application scanning. It has a lot of security checks that are easily customizable as per your requirements. It also has good customer support."

"It correctly parses DOM and JS and has really good support for URL Rewrite rules, which is important for today's websites."

"Invicti's proactive scanning measures vulnerabilities each time we deploy or push code to a new environment."

"I am impressed by the whole technology that they are using in this solution. It is really fast. When using netscan, the confirmation that it gives on the vulnerabilities is pretty cool. It is really easy to configure a scan in Netsparker Web Application Security Scanner. It is also really easy to deploy."

"When we try to manually exploit the vulnerabilities, it often takes time to realize what's going on and what needs to be done."

"High level of accuracy and quick scanning."

"The most appreciated functionality of PortSwigger Burp Suite is its ability to perform brute force attacks automatically."

"The initial setup is straightforward."

"We are in the early stage of using the solution making it difficult to fully determine the best features. However, we have noticed the CMDB and device discovery features look valuable at this time."

"This tool helps identify vulnerabilities. We then provide the report to the developers, who address the issues identified automatically. Its most valuable feature is CI/CD integration."

"Its automated scanning feature saves time."

"The most valuable features of PortSwigger Burp Suite Enterprise Edition are the vast amount of options and ease of use. They frequently improve the solution every six months to a year. Additionally, if we want any more features we can upload a custom script to meet our needs."

"The tool is loaded with many features that give us ROI."

"The product is easy to use."

"Maybe the ability to make a good reporting format is needed."

"They don't really provide the proof of concept up to the level that we need in our organization. We are a consultancy firm, and we provide consultancy for the implementation and deployment solutions to our customers. When you run the scans and the scan is completed, it only shows the proof of exploit, which really doesn't work because the tool is running the scan and exploiting on the read-only form. You don't really know whether it is actually giving the proof of exploit. We cannot prove it manually to a customer that the exploit is genuine. It is really hard to perform it manually and prove it to the concerned development, remediation, and security teams. It is currently missing the static application security part of the application security, especially web application security. It would be really cool if they can integrate a SAS tool with their dynamic one."

"The scanner itself should be improved because it is a little bit slow."

"Right now, they are missing the static application security part, especially web application security."

"It would be better for listing and attacking Java-based web applications to exploit vulnerabilities."

"The proxy review, the use report views, the current use tool and the subset requests need some improvement. It was hard to understand how to use them."

"I think that it freezes without any specific reason at times. This needs to be looked into."

"The scanning time, complexity, and authentication features of Invicti could be improved."

"PortSwigger Burp Suite Enterprise Edition should incorporate a static code analysis feature. One main issue we encounter is false positives. False positives can be challenging for developers."

"It would be beneficial if Burp Suite provided predefined payloads for each attack category, such as SQL injection and cross-site scripting, to automate some tasks more effectively."

"The product needs to have the ability to evaluate more."

"The implementation of the solution is quite complicated and could be easier."

"It would be beneficial if Burp Suite provided predefined payloads for each attack category, such as SQL injection and cross-site scripting, to automate some tasks more effectively."

"Scalability could be better."

"The cost per license per user could be cheaper, specifically for individual licensing."

"The solution is a bit expensive."

"We are using an NFR license and I do not know the exact price of the NFR license. I think 20 FQDN for three years would cost around 35,000 US Dollars."

"The solution is very expensive. It comes with a yearly subscription. We were paying 6000 dollars yearly for unlimited scans. We have three licenses; basic, business, and ultimate. We need ultimate because it has unlimited scan numbers."

"I think that price it too high, like other Security applications such as Acunetix, WebInspect, and so on."

"Invicti is best suited for large enterprises. I don't think small and medium-sized businesses can afford it. Maintenance costs aren't that great."

"Netsparker is one of the costliest products in the market. It would help if they could allow us to scan multiple URLs on the same license."

"We never had any issues with the licensing; the price was within our assigned limits."

"OWASP Zap is free and it has live updates, so that's a big plus."

"The price should be 20% lower"

"The tool's pricing is reasonable and costs around 400 dollars per year."

"Although the solution can be a bit expensive for small companies, its pricing is fairly reasonable for its capabilities."

"PortSwigger Burp Suite Enterprise Edition is expensive compared to other solutions."

"PortSwigger Burp Suite Enterprise Edition is neither a cheap nor an expensive product. PortSwigger Burp Suite Enterprise Edition is a good tool for companies."

"For Professional, it's about $400 per year."