Try our new research platform with insights from 80,000+ expert users

Invicti vs Tenable.io Web Application Scanning comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Invicti
Average Rating
8.2
Reviews Sentiment
7.3
Number of Reviews
29
Ranking in other categories
Static Application Security Testing (SAST) (15th), API Security (5th), Dynamic Application Security Testing (DAST) (3rd)
Tenable.io Web Application ...
Average Rating
7.8
Reviews Sentiment
6.7
Number of Reviews
17
Ranking in other categories
Application Security Tools (20th)
 

Mindshare comparison

Invicti and Tenable.io Web Application Scanning aren’t in the same category and serve different purposes. Invicti is designed for Dynamic Application Security Testing (DAST) and holds a mindshare of 13.4%, down 14.5% compared to last year.
Tenable.io Web Application Scanning, on the other hand, focuses on Application Security Tools, holds 1.2% mindshare, down 1.6% since last year.
Dynamic Application Security Testing (DAST)
Application Security Tools
 

Featured Reviews

Kunal M - PeerSpot reviewer
Proactive scanning measures and realistic audit recommendations enhance development focus
Invicti's proactive scanning measures vulnerabilities each time we deploy or push code to a new environment. This feature helps us focus on priorities and prioritize the development team's effort, integrating seamlessly with DevOps to facilitate proactive scans of environments. Invicti also provides audit recommendations that are quite realistic, making it easy to discuss plans with developers.
Harshal Deshmukh - PeerSpot reviewer
Simple tool to use, good dashboard capabilities and offers asset criticality ratings
It has good dashboard capabilities and gives good results with priority ratings, asset criticality ratings, and exposure scores for vulnerabilities. It also provides automated web application scanning, which customers appreciate because it doesn't disturb the web application or hamper the business. While testing the web application, sometimes it happens that the website or application goes down. But with Tenable.io Web Application Scanning, it doesn't affect the business. It has good unified web application scanning and exposure management.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"One of the features I like about this program is the low number of false positives and the support it offers."
"Its ability to crawl a web application is quite different than another similar scanner."
"This tool is really fast and the information that they provide on vulnerabilities is pretty good."
"Crawling feature: Netsparker has very detail crawling steps and mechanisms. This feature expands the attack surface."
"It has a comprehensive resulting mechanism. It is a one-stop solution for all your security testing mechanisms."
"I like that it's stable and technical support is great."
"High level of accuracy and quick scanning."
"The dashboard is really cool, and the features are really good. It tells you about the software version you're using in your web application. It gives you the entire technology stack, and that really helps. Both web and desktop apps are good in terms of application scanning. It has a lot of security checks that are easily customizable as per your requirements. It also has good customer support."
"The solution's instant reports feature is the most effective for detecting threats."
"Tenable.io Web Application Scanning is very easy to use."
"I would recommend Tenable.io Web Application Scanning to others."
"The most valuable features of Tenable.io Web Application Scanning are the integration into specific use cases and scanning. All of the features of the solution are useful."
"We use the tool for our websites. We have a vulnerable subdomain. The tool helps to scan it for vulnerabilities."
"The most effective feature of the product is the ability to scan the entire environment."
"Our customers adopt this solution because of the replication testing and the vulnerability assessment it can do. It is a multi-faceted product."
"We can get detailed information about vulnerabilities."
 

Cons

"Maybe the ability to make a good reporting format is needed."
"Netsparker doesn't provide the source code of the static application security testing."
"They could enhance the support for data swap testing for the platform."
"The scanning time, complexity, and authentication features of Invicti could be improved."
"They need to improve their support in the documentation. Their support mechanism is missing. Their responsiveness, technical staff, and these types of things need to be improved, and comprehensive documentation is required. They should have good self-service portal enhancement"
"Right now, they are missing the static application security part, especially web application security."
"The scanner itself should be improved because it is a little bit slow."
"The custom attack preparation screen might be improved."
"The cloud and the on-premises versions have their own controllers, and there is no way to centrally manage controllers."
"It isn't easy to manage vulnerabilities in Tenable."
"The platform's technical support services could be better."
"I would like for them to add proxy filtering, where you can transfer and alter the package. It is fully automated. Other web application testers programs are actually proxy software, and the proxy software gives you the flexibility of modifying the outgoing package, which will actually help you in exploiting any vulnerability in detail."
"Tenable.io Web Application Scanning could improve by offering faster fuzzing."
"The technical support needs improvement. Currently, it takes time, which might be due to the free version, but providing some level of support could encourage future purchase decisions."
"Sometimes it lags with different cloud environments."
"Tenable.io Web Application Scanning is not very user-friendly and you need a lot of information to get proper reports. The tool's support is not very responsive."
 

Pricing and Cost Advice

"It is competitive in the security market."
"OWASP Zap is free and it has live updates, so that's a big plus."
"We are using an NFR license and I do not know the exact price of the NFR license. I think 20 FQDN for three years would cost around 35,000 US Dollars."
"The price should be 20% lower"
"We never had any issues with the licensing; the price was within our assigned limits."
"Invicti is best suited for large enterprises. I don't think small and medium-sized businesses can afford it. Maintenance costs aren't that great."
"Netsparker is one of the costliest products in the market. It would help if they could allow us to scan multiple URLs on the same license."
"I think that price it too high, like other Security applications such as Acunetix, WebInspect, and so on."
"It follows the same licensing scheme as Tenable.io and Tenable. sc."
"For Tenable.io Web Application Scanning, it comes to around 6,50,000 Indian rupees, plus taxes."
"Tenable.io Web Application Scanning is expensive for small businesses."
"I rate the product's pricing a four out of ten."
"The pricing is okay."
"The price of the solution is reasonable compared to the competitors. The license cost is based on the number of users and the annual usage."
"The application is extremely affordable. There are no additional costs involved with licensing. We switched to Tenable.io Web Application Scanning from other solutions due to pricing."
report
Use our free recommendation engine to learn which Dynamic Application Security Testing (DAST) solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
48%
Financial Services Firm
10%
Computer Software Company
7%
Manufacturing Company
5%
Financial Services Firm
14%
Computer Software Company
13%
Government
12%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for Netsparker Web Application Security Scanner?
As a technical user, I do not handle pricing or licensing, but I am aware that Invicti offers flexible licensing models based on organizational needs.
What do you like most about Invicti?
The most valuable feature of Invicti is getting baseline scanning and incremental scan.
What needs improvement with Invicti?
Invicti's reporting capabilities need enhancement. We need enterprise-level information instead of repo-level details. Unlike Appiro, Invicti does not provide portfolio-level insights into vulnerab...
What do you like most about Tenable.io Web Application Scanning?
The most effective feature of the product is the ability to scan the entire environment.
What needs improvement with Tenable.io Web Application Scanning?
Improvements could include providing coverage reports in the free version and features related to security reports. Also, enhancing technical support would be beneficial as there is room for improv...
What advice do you have for others considering Tenable.io Web Application Scanning?
I would recommend Tenable.io Web Application Scanning as it provides us with good reports, which help improve our code base, despite the lack of financial benefits. Overall, I would rate it seven o...
 

Also Known As

Netsparker
No data available
 

Overview

 

Sample Customers

Samsung, The Walt Disney Company, T-Systems, ING Bank
IMDEX
Find out what your peers are saying about Invicti vs. Tenable.io Web Application Scanning and other solutions. Updated: October 2024.
849,190 professionals have used our research since 2012.