Try our new research platform with insights from 80,000+ expert users

Invicti vs Tenable.io Web Application Scanning comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Invicti
Average Rating
8.2
Reviews Sentiment
7.3
Number of Reviews
29
Ranking in other categories
Static Application Security Testing (SAST) (15th), API Security (5th), Dynamic Application Security Testing (DAST) (3rd)
Tenable.io Web Application ...
Average Rating
7.8
Reviews Sentiment
6.7
Number of Reviews
17
Ranking in other categories
Application Security Tools (20th)
 

Mindshare comparison

Invicti and Tenable.io Web Application Scanning aren’t in the same category and serve different purposes. Invicti is designed for Dynamic Application Security Testing (DAST) and holds a mindshare of 13.1%, down 14.1% compared to last year.
Tenable.io Web Application Scanning, on the other hand, focuses on Application Security Tools, holds 1.2% mindshare, down 1.6% since last year.
Dynamic Application Security Testing (DAST)
Application Security Tools
 

Featured Reviews

Kunal M - PeerSpot reviewer
Proactive scanning measures and realistic audit recommendations enhance development focus
Invicti's proactive scanning measures vulnerabilities each time we deploy or push code to a new environment. This feature helps us focus on priorities and prioritize the development team's effort, integrating seamlessly with DevOps to facilitate proactive scans of environments. Invicti also provides audit recommendations that are quite realistic, making it easy to discuss plans with developers.
Harshal Deshmukh - PeerSpot reviewer
Simple tool to use, good dashboard capabilities and offers asset criticality ratings
It has good dashboard capabilities and gives good results with priority ratings, asset criticality ratings, and exposure scores for vulnerabilities. It also provides automated web application scanning, which customers appreciate because it doesn't disturb the web application or hamper the business. While testing the web application, sometimes it happens that the website or application goes down. But with Tenable.io Web Application Scanning, it doesn't affect the business. It has good unified web application scanning and exposure management.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Its ability to crawl a web application is quite different than another similar scanner."
"When we try to manually exploit the vulnerabilities, it often takes time to realize what's going on and what needs to be done."
"The scanner and the result generator are valuable features for us."
"This tool is really fast and the information that they provide on vulnerabilities is pretty good."
"I like that it's stable and technical support is great."
"The most valuable feature of Invicti is getting baseline scanning and incremental scan."
"Netsparker has valuable features, including the ability to scan our website, an interactive approach, and security data integration."
"Netsparker provides a more interactive interface that is more appealing."
"The most valuable features of Tenable.io Web Application Scanning are the integration into specific use cases and scanning. All of the features of the solution are useful."
"The most valuable feature is the reporting, which provides a good level of detail with respect to vulnerabilities."
"Tenable.io Web Application Scanning is very easy to use."
"Now that the license is centralized, it's a significant feature to manipulate assets based on their functions."
"All the features are valuable to us as they offer cutting-edge scanning methods and address the latest issues with a contemporary approach. Tenable.io Web Application Scanning is highly stable. I rate it a nine out ten. Since the solution works on the Cloud, it's highly scalable. I rate the scalability a nine out of ten. The setup of the solution is straightforward. The Return on Investment is substantial. I recommend the solution to all."
"Tenable provides the end analysis results covering all the published vulnerabilities and information on the market."
"It has good unified web application scanning and exposure management."
"We use the tool for our websites. We have a vulnerable subdomain. The tool helps to scan it for vulnerabilities."
 

Cons

"They need to improve their support in the documentation. Their support mechanism is missing. Their responsiveness, technical staff, and these types of things need to be improved, and comprehensive documentation is required. They should have good self-service portal enhancement"
"They could enhance the support for data swap testing for the platform."
"Invicti's reporting capabilities need enhancement."
"The scannings are not sufficiently updated."
"Invicti takes too long with big applications, and there are issues with the login portal."
"The custom attack preparation screen might be improved."
"Reporting should be improved. The reporting options should be made better for end-users. Currently, it is possible, but it's not the best. Being able to choose what I want to see in my reports rather than being given prefixed information would make my life easier. I had to depend on the API for getting the content that I wanted. If they could fix the reporting feature to make it more comprehensive and user-friendly, it would help a lot of end-users. Everything else was good about this product."
"The licensing model should be improved to be more cost-effective. There are URL restrictions that consume our license. Compared to other DAST solutions and task tools like WebInspect and Burp Enterprise, Invicti is very expensive. The solution’s scanning time is also very long compared to other DAST tools. It might be due to proof-based scanning."
"Tenable.io Web Application Scanning could improve by offering faster fuzzing."
"Tenable.io Web Application Scanning conducts a general scan, which wastes time. The scan needs to be specific."
"It isn't easy to manage vulnerabilities in Tenable."
"The market is standard for vulnerability scanning, however, the posture can be improved through Tenable's prioritization engine."
"Sometimes it lags with different cloud environments."
"I would like for them to add proxy filtering, where you can transfer and alter the package. It is fully automated. Other web application testers programs are actually proxy software, and the proxy software gives you the flexibility of modifying the outgoing package, which will actually help you in exploiting any vulnerability in detail."
"The technical support needs improvement. Currently, it takes time, which might be due to the free version, but providing some level of support could encourage future purchase decisions."
"The dashboard could be more user-friendly."
 

Pricing and Cost Advice

"The price should be 20% lower"
"We never had any issues with the licensing; the price was within our assigned limits."
"OWASP Zap is free and it has live updates, so that's a big plus."
"The solution is very expensive. It comes with a yearly subscription. We were paying 6000 dollars yearly for unlimited scans. We have three licenses; basic, business, and ultimate. We need ultimate because it has unlimited scan numbers."
"It is competitive in the security market."
"I think that price it too high, like other Security applications such as Acunetix, WebInspect, and so on."
"Invicti is best suited for large enterprises. I don't think small and medium-sized businesses can afford it. Maintenance costs aren't that great."
"We are using an NFR license and I do not know the exact price of the NFR license. I think 20 FQDN for three years would cost around 35,000 US Dollars."
"The price of the solution is reasonable compared to the competitors. The license cost is based on the number of users and the annual usage."
"It follows the same licensing scheme as Tenable.io and Tenable. sc."
"I rate the product's pricing a four out of ten."
"The pricing is okay."
"Tenable.io Web Application Scanning is expensive for small businesses."
"The application is extremely affordable. There are no additional costs involved with licensing. We switched to Tenable.io Web Application Scanning from other solutions due to pricing."
"For Tenable.io Web Application Scanning, it comes to around 6,50,000 Indian rupees, plus taxes."
report
Use our free recommendation engine to learn which Dynamic Application Security Testing (DAST) solutions are best for your needs.
842,592 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
52%
Financial Services Firm
9%
Computer Software Company
7%
Manufacturing Company
4%
Financial Services Firm
13%
Computer Software Company
13%
Government
11%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for Netsparker Web Application Security Scanner?
As a technical user, I do not handle pricing or licensing, but I am aware that Invicti offers flexible licensing models based on organizational needs.
What do you like most about Invicti?
The most valuable feature of Invicti is getting baseline scanning and incremental scan.
What needs improvement with Invicti?
Invicti's reporting capabilities need enhancement. We need enterprise-level information instead of repo-level details. Unlike Appiro, Invicti does not provide portfolio-level insights into vulnerab...
What do you like most about Tenable.io Web Application Scanning?
The most effective feature of the product is the ability to scan the entire environment.
What needs improvement with Tenable.io Web Application Scanning?
The market is standard for vulnerability scanning, however, the posture can be improved through Tenable's prioritization engine. This is one key area for improvement.
What advice do you have for others considering Tenable.io Web Application Scanning?
I would recommend Tenable.io Web Application Scanning to others. I rate the overall solution a nine out of ten.
 

Also Known As

Netsparker
No data available
 

Overview

 

Sample Customers

Samsung, The Walt Disney Company, T-Systems, ING Bank
IMDEX
Find out what your peers are saying about Invicti vs. Tenable.io Web Application Scanning and other solutions. Updated: October 2024.
842,592 professionals have used our research since 2012.