No more typing reviews! Try our Samantha, our new voice AI agent.
Invicti Logo

Invicti pros and cons

Vendor: Invicti
4.1 out of 5
Leave a review

Pros & Cons summary

Invicti offers exceptional scanning capabilities with a unique crawling feature, maintaining network efficiency and enhancing CI/CD pipeline integration for proactive vulnerability detection. It excels in accuracy, reduces false positives, and verifies vulnerabilities, though reporting capabilities and support require improvement. Challenges include costly URL-based licensing, difficulty in highlighting high-level vulnerabilities, limited multi-factor authentication support, and lengthy scanning times compared to other DAST tools, necessitating usability enhancements for tech buyers.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Invicti excels in scanning capabilities and offers a unique crawling feature compared to other similar scanners.
Its scanning process does not heavily impact network resources, allowing seamless operation.
Invicti demonstrates a high level of accuracy and a quick scanning process, making it a reliable tool for vulnerability identification.
The platform integrates effectively with CI/CD pipelines, enhancing proactive vulnerability detection during deployment or code push.
Invicti stands out in reducing false positives and verifying vulnerabilities, significantly improving security testing efficiency.

CONS

Invicti's reporting capabilities require improvement for more comprehensive and user-friendly options.
The higher-level vulnerabilities, such as Cross-Site Scripting and SQL Injection, are challenging to highlight.
Licensing is tied to URLs, which proves costly and restrictive, especially for scanning different domains.
The scanning time is lengthy compared to other DAST tools, which affects usability.
Support, documentation, and multi-factor authentication support need enhancement.
 

Invicti Pros review quotes

it_user494973 - PeerSpot reviewer
it_user494973
Software Quality Assurance Engineer at ITONICS GmbH
Jan 11, 2017
I would definitely recommend it to those who really want to know in-depth details of their applications/products regarding security.
Read full review
it_user496341 - PeerSpot reviewer
it_user496341
IT Engineer at a aerospace/defense firm with 1,001-5,000 employees
Sep 1, 2016
Technical support is very professional, 10/10.
Read full review
it_user498570 - PeerSpot reviewer
it_user498570
Quality Assurance Specialist at a computer software company with 51-200 employees
Aug 18, 2016
NetSparker is a very easy to use and understand product.
Read full review
Buyer's Guide
Invicti
March 2026
Free Report: Invicti Reviews and More
Learn what your peers think about Invicti. Get advice and tips from experienced pros sharing their opinions. Updated: March 2026.
DOWNLOAD NOW
885,311 professionals have used our research since 2012.
it_user490131 - PeerSpot reviewer
it_user490131
Software Quality Assurance Analyst at a real estate/law firm with 5,001-10,000 employees
Sep 1, 2016
It has improved the security of our code by scanning it and finding security defects.
Read full review
it_user696993 - PeerSpot reviewer
it_user696993
Senior Information Security Consultant at a tech services company
Jul 5, 2017
Its ability to crawl a web application is quite different than another similar scanner.
Read full review
it_user700140 - PeerSpot reviewer
it_user700140
Ex Senior Security Analyst and Onsite consultant at Paladion Networks
Dec 11, 2017
The scanner is light on the network and does not impact the network when scans are running.
Read full review
it_user701418 - PeerSpot reviewer
it_user701418
Security Analyst with 1,001-5,000 employees
Jul 12, 2017
The scanner and the result generator are valuable features for us.
Read full review
it_user702261 - PeerSpot reviewer
it_user702261
Manager Compliance - Processes / InfoSec. at a tech services company with 201-500 employees
Jul 13, 2017
Scan, proxify the application, and then detailed report along with evidence and remediations to problems.
Read full review
it_user494973 - PeerSpot reviewer
it_user494973
Software Quality Assurance Engineer at ITONICS GmbH
Dec 18, 2017
When we try to manually exploit the vulnerabilities, it often takes time to realize what's going on and what needs to be done.
Read full review
NY
Nur Yesilyurt
Attack Developer at a tech vendor
Aug 31, 2018
Crawling feature: Netsparker has very detail crawling steps and mechanisms. This feature expands the attack surface.
Read full review
Show 10 more reviews (out of 29)
 

Invicti Cons review quotes

it_user494973 - PeerSpot reviewer
it_user494973
Software Quality Assurance Engineer at ITONICS GmbH
Jan 11, 2017
Sometimes, it is slow; when we are running this application and browsing other applications concurrently, it makes other applications work slow.
Read full review
it_user496341 - PeerSpot reviewer
it_user496341
IT Engineer at a aerospace/defense firm with 1,001-5,000 employees
Sep 1, 2016
Maybe supported clients can be improved. It still does not search vulnerabilities in DB2 databases, for example.
Read full review
it_user498570 - PeerSpot reviewer
it_user498570
Quality Assurance Specialist at a computer software company with 51-200 employees
Aug 18, 2016
It is a good tool, as we found out with the Community Edition trial, but the price point is quite expensive for a startup or average-sized company.
Read full review
Buyer's Guide
Invicti
March 2026
Free Report: Invicti Reviews and More
Learn what your peers think about Invicti. Get advice and tips from experienced pros sharing their opinions. Updated: March 2026.
DOWNLOAD NOW
885,311 professionals have used our research since 2012.
it_user490131 - PeerSpot reviewer
it_user490131
Software Quality Assurance Analyst at a real estate/law firm with 5,001-10,000 employees
Sep 1, 2016
Speed: It spends about one hour on scanning; I would like it to be less than 30 minutes.
Read full review
it_user696993 - PeerSpot reviewer
it_user696993
Senior Information Security Consultant at a tech services company
Jul 5, 2017
Maybe the ability to make a good reporting format is needed.
Read full review
it_user700140 - PeerSpot reviewer
it_user700140
Ex Senior Security Analyst and Onsite consultant at Paladion Networks
Dec 11, 2017
The higher level vulnerabilities like Cross-Site Scripting, SQL Injection, and other higher level injection attacks are difficult to highlight using Netsparker.
Read full review
it_user701418 - PeerSpot reviewer
it_user701418
Security Analyst with 1,001-5,000 employees
Jul 12, 2017
The support's response time could be faster since we are in different time zones.
Read full review
it_user702261 - PeerSpot reviewer
it_user702261
Manager Compliance - Processes / InfoSec. at a tech services company with 201-500 employees
Jul 13, 2017
I think that it freezes without any specific reason at times. This needs to be looked into.
Read full review
it_user494973 - PeerSpot reviewer
it_user494973
Software Quality Assurance Engineer at ITONICS GmbH
Dec 18, 2017
It would be better for listing and attacking Java-based web applications to exploit vulnerabilities.
Read full review
NY
Nur Yesilyurt
Attack Developer at a tech vendor
Aug 31, 2018
The custom attack preparation screen might be improved.
Read full review
Show 10 more reviews (out of 29)

Product Categories

Product Categories
Dynamic Application Security Testing (DAST)
Static Application Security Testing (SAST)
Container Security
Software Composition Analysis (SCA)
API Security
Application Security Posture Management (ASPM)

Popular Comparisons

Popular Comparisons
SonarQube vs Invicti Logo
SonarQube vs Invicti
Snyk vs Invicti Logo
Snyk vs Invicti
Checkmarx One vs Invicti Logo
Checkmarx One vs Invicti
GitLab vs Invicti Logo
GitLab vs Invicti
Veracode vs Invicti Logo
Veracode vs Invicti
Imperva Application Security Platform vs Invicti Logo
Imperva Application Security Platform vs Invicti
CrowdStrike Falcon Cloud Security vs Invicti Logo
CrowdStrike Falcon Cloud Security vs Invicti
Coverity Static vs Invicti Logo
Coverity Static vs Invicti
Acunetix vs Invicti Logo
Acunetix vs Invicti
TrendAI Vision One – Cloud Security vs Invicti Logo
TrendAI Vision One – Cloud Security vs Invicti
Mend.io vs Invicti Logo
Mend.io vs Invicti
OpenText Core Application Security vs Invicti Logo
OpenText Core Application Security vs Invicti
OWASP Zap vs Invicti Logo
OWASP Zap vs Invicti
PortSwigger Burp Suite Professional vs Invicti Logo
PortSwigger Burp Suite Professional vs Invicti
HCL AppScan vs Invicti Logo
HCL AppScan vs Invicti
See all alternatives

Product Categories

Product Categories
Dynamic Application Security Testing (DAST)
Static Application Security Testing (SAST)
Container Security
Software Composition Analysis (SCA)
API Security
Application Security Posture Management (ASPM)

Popular Comparisons

Popular Comparisons
SonarQube vs Invicti Logo
SonarQube vs Invicti
Snyk vs Invicti Logo
Snyk vs Invicti
Checkmarx One vs Invicti Logo
Checkmarx One vs Invicti
GitLab vs Invicti Logo
GitLab vs Invicti
Veracode vs Invicti Logo
Veracode vs Invicti
Imperva Application Security Platform vs Invicti Logo
Imperva Application Security Platform vs Invicti
CrowdStrike Falcon Cloud Security vs Invicti Logo
CrowdStrike Falcon Cloud Security vs Invicti
Coverity Static vs Invicti Logo
Coverity Static vs Invicti
Acunetix vs Invicti Logo
Acunetix vs Invicti
TrendAI Vision One – Cloud Security vs Invicti Logo
TrendAI Vision One – Cloud Security vs Invicti
Mend.io vs Invicti Logo
Mend.io vs Invicti
OpenText Core Application Security vs Invicti Logo
OpenText Core Application Security vs Invicti
OWASP Zap vs Invicti Logo
OWASP Zap vs Invicti
PortSwigger Burp Suite Professional vs Invicti Logo
PortSwigger Burp Suite Professional vs Invicti
HCL AppScan vs Invicti Logo
HCL AppScan vs Invicti
See all alternatives
Related questions
  • 18
When evaluating Dynamic Application Security Testing (DAST), what aspect do you think is the most important to look for?
  • 26
Why is Dynamic Application Security Testing (DAST) important for companies?