Try our new research platform with insights from 80,000+ expert users

Invicti vs Spirent CyberFlood comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024
 

Categories and Ranking

Invicti
Ranking in Static Application Security Testing (SAST)
14th
Average Rating
8.2
Number of Reviews
27
Ranking in other categories
API Security (5th), Dynamic Application Security Testing (DAST) (3rd)
Spirent CyberFlood
Ranking in Static Application Security Testing (SAST)
32nd
Average Rating
8.4
Number of Reviews
4
Ranking in other categories
Application Security Tools (35th)
 

Mindshare comparison

As of November 2024, in the Static Application Security Testing (SAST) category, the mindshare of Invicti is 1.3%, up from 1.3% compared to the previous year. The mindshare of Spirent CyberFlood is 0.3%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Static Application Security Testing (SAST)
 

Featured Reviews

Akshay Waghmare - PeerSpot reviewer
Nov 9, 2023
A stable and user-friendly solution that can be used for dynamic application security testing
We use Invicti for dynamic application security testing and to integrate files into the pipeline The most valuable feature of Invicti is getting baseline scanning and incremental scan. The solution's false positive analysis and vulnerability analysis libraries could be improved. I have been…
Haider Jarral - PeerSpot reviewer
May 4, 2023
I like the solution's flexibility
I use CyberFlood to generate SSL traffic for cybersecurity testing CyberFlood is flexible.  Sometimes, when you configure parameters the hardware can't run, it will get stuck at those points without telling you what happened. It would be helpful if the error reporting provided more details about…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"When we try to manually exploit the vulnerabilities, it often takes time to realize what's going on and what needs to be done."
"The best features of Invicti are its ability to confirm access vulnerabilities, SSL injection vulnerabilities, and its connectors to other security tools."
"It has a comprehensive resulting mechanism. It is a one-stop solution for all your security testing mechanisms."
"It has very good integration with the CI/CD pipeline."
"The scanner and the result generator are valuable features for us."
"Invicti is a good product, and its API testing is also good."
"The most attractive feature was the reporting review tool. The reporting review was very impressive and produced very fruitful reports."
"Crawling feature: Netsparker has very detail crawling steps and mechanisms. This feature expands the attack surface."
"Our customers use it to check for unauthorized file transfer."
"CyberFlood's best features are its user-friendliness and scheduling function."
"The feature I find most valuable is the traffic generator."
"CyberFlood is flexible."
 

Cons

"The solution needs to make a more specific report."
"It would be better for listing and attacking Java-based web applications to exploit vulnerabilities."
"They don't really provide the proof of concept up to the level that we need in our organization. We are a consultancy firm, and we provide consultancy for the implementation and deployment solutions to our customers. When you run the scans and the scan is completed, it only shows the proof of exploit, which really doesn't work because the tool is running the scan and exploiting on the read-only form. You don't really know whether it is actually giving the proof of exploit. We cannot prove it manually to a customer that the exploit is genuine. It is really hard to perform it manually and prove it to the concerned development, remediation, and security teams. It is currently missing the static application security part of the application security, especially web application security. It would be really cool if they can integrate a SAS tool with their dynamic one."
"The license could be better. It would help if they could allow us to scan multiple URLs on the same license. It's a major hindrance that we are facing while scanning applications, and we have to be sure that the URLs are the same and not different so that we do not end up consuming another license for it. Netsparker is one of the costliest products in the market. The licensing is tied to the URL, and it's restricted. If you have a URL that you scanned once, like a website, you cannot retry that same license. If you are scanning the same website but in a different domain or different URL, you might end up paying for a second license. It would also be better if they provided proper support for multi-factor authentications. In the next release, I would like them to include good multi-factor authentication support."
"Right now, they are missing the static application security part, especially web application security."
"The solution's false positive analysis and vulnerability analysis libraries could be improved."
"Invicti takes too long with big applications, and there are issues with the login portal."
"Netsparker doesn't provide the source code of the static application security testing."
"The solution needs more ports, more speed, and more gigabytes."
"I would also like to see updates on a more frequent schedule."
"Sometimes, when you configure parameters the hardware can't run, it will get stuck at those points without telling you what happened. It would be helpful if the error reporting provided more details about why the test setting is not running. It would be nice if there were a space in the hardware module for you to add some external hardware for more rigorous testing."
"CyberFlood's accessibility and support for multiple browsers could be better."
 

Pricing and Cost Advice

"It is competitive in the security market."
"We never had any issues with the licensing; the price was within our assigned limits."
"Netsparker is one of the costliest products in the market. It would help if they could allow us to scan multiple URLs on the same license."
"We are using an NFR license and I do not know the exact price of the NFR license. I think 20 FQDN for three years would cost around 35,000 US Dollars."
"Invicti is best suited for large enterprises. I don't think small and medium-sized businesses can afford it. Maintenance costs aren't that great."
"The solution is very expensive. It comes with a yearly subscription. We were paying 6000 dollars yearly for unlimited scans. We have three licenses; basic, business, and ultimate. We need ultimate because it has unlimited scan numbers."
"OWASP Zap is free and it has live updates, so that's a big plus."
"The price should be 20% lower"
"CyberFlood is reasonably priced."
report
Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
55%
Financial Services Firm
8%
Computer Software Company
6%
Manufacturing Company
5%
Computer Software Company
22%
Financial Services Firm
10%
Comms Service Provider
9%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Netsparker Web Application Security Scanner?
The inventory prices are very competitive. The competitors are more expensive, but the estimated cost of Invicti is more competitive than that of other tools. They had very good pricing. We have di...
What do you like most about Invicti?
The most valuable feature of Invicti is getting baseline scanning and incremental scan.
What needs improvement with Invicti?
Invicti has provided a roadmap outlining the improvements they're focusing on. Given the competition, with tools like Qualys and many others in the market, the interface needs to be enhanced, integ...
What needs improvement with Spirent CyberFlood?
Sometimes, when you configure parameters the hardware can't run, it will get stuck at those points without telling you what happened. It would be helpful if the error reporting provided more detail...
What is your primary use case for Spirent CyberFlood?
I use CyberFlood to generate SSL traffic for cybersecurity testing.
 

Also Known As

Netsparker
CyberFlood Virtual, Spirent Mu Dynamics Application Security Testing, Mu Dynamics Application Security Testing
 

Learn More

 

Overview

 

Sample Customers

Samsung, The Walt Disney Company, T-Systems, ING Bank
Digicel
Find out what your peers are saying about Invicti vs. Spirent CyberFlood and other solutions. Updated: October 2024.
814,649 professionals have used our research since 2012.