We performed a comparison between Invicti and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It correctly parses DOM and JS and has really good support for URL Rewrite rules, which is important for today's websites."
"The most attractive feature was the reporting review tool. The reporting review was very impressive and produced very fruitful reports."
"The best features of Invicti are its ability to confirm access vulnerabilities, SSL injection vulnerabilities, and its connectors to other security tools."
"Attacking feature: Actually, attacking is not a solo feature. It contains many attack engines, Hawk, and many properties. But Netsparker's attacking mechanism is very flexible. This increases the vulnerability detection rate. Also, Netsparker made the Hawk for real-time interactive command-line-based exploit testing. It's very valuable for a vulnerability scanner."
"The scanner and the result generator are valuable features for us."
"I am impressed with Invictus’ proof-based scanning. The solution has reduced the incidence of false positive vulnerabilities. It has helped us reduce our time and focus on vulnerabilities."
"Its ability to crawl a web application is quite different than another similar scanner."
"The scanner is light on the network and does not impact the network when scans are running."
"The solution helped us discover vulnerabilities in our applications."
"BurpSuite helps us to identify and fix silly mistakes that are sometimes introduced by our developers in their coding."
"The solution scans web applications and supports APIs, which are the main features I really like."
"We use the solution for vulnerability assessment in respect of the application and the sites."
"In my area of expertise, I feel like it has almost everything I could possibly require at this moment."
"The active scanner, which does an automated search of any web vulnerabilities."
"Enables automation of different tasks such as authorization testing."
"Once I capture the proxy, I'm able to transfer across. All the requested information is there. I can send across the request to what we call a repeater, where I get to ready the payload that I send to the application. Put in malicious content and then see if it's responding to it."
"The scanner itself should be improved because it is a little bit slow."
"Invicti takes too long with big applications, and there are issues with the login portal."
"Netsparker doesn't provide the source code of the static application security testing."
"I think that it freezes without any specific reason at times. This needs to be looked into."
"It would be better for listing and attacking Java-based web applications to exploit vulnerabilities."
"The support's response time could be faster since we are in different time zones."
"The custom attack preparation screen might be improved."
"The scannings are not sufficiently updated."
"Sometimes the solution can run a little slow."
"The use of system memory is an area that can be improved because it uses a lot."
"You can have many false positives in Burp Suite. It depends on the scale of the penetration testing."
"If your application uses multi-factor authentication, registration management cannot be automated."
"The technical support team's response time is mostly delayed and should be improved."
"The solution lacks sufficient stability."
"The solution doesn't offer very good scalability."
"The initial setup is a bit complex."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Invicti is ranked 20th in Application Security Tools with 25 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 57 reviews. Invicti is rated 8.2, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Invicti writes "A customizable security testing solution with good tech support, but the price could be better". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Invicti is most compared with OWASP Zap, Acunetix, Qualys Web Application Scanning, Veracode and Fortify WebInspect, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Veracode. See our Invicti vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.