Try our new research platform with insights from 80,000+ expert users

Continuous Dynamic (formerly WhiteHat Dynamic) vs Invicti comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 22, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Continuous Dynamic (formerl...
Ranking in Dynamic Application Security Testing (DAST)
9th
Average Rating
8.0
Number of Reviews
2
Ranking in other categories
No ranking in other categories
Invicti
Ranking in Dynamic Application Security Testing (DAST)
4th
Average Rating
8.2
Reviews Sentiment
6.8
Number of Reviews
31
Ranking in other categories
Static Application Security Testing (SAST) (11th), Container Security (25th), Software Composition Analysis (SCA) (8th), API Security (8th), Application Security Posture Management (ASPM) (5th)
 

Mindshare comparison

As of March 2026, in the Dynamic Application Security Testing (DAST) category, the mindshare of Continuous Dynamic (formerly WhiteHat Dynamic) is 4.8%, up from 2.3% compared to the previous year. The mindshare of Invicti is 8.3%, up from 5.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Dynamic Application Security Testing (DAST) Mindshare Distribution
ProductMindshare (%)
Invicti8.3%
Continuous Dynamic (formerly WhiteHat Dynamic)4.8%
Other86.9%
Dynamic Application Security Testing (DAST)
 

Featured Reviews

it_user245412 - PeerSpot reviewer
Executive Vice President, Operations at a computer software company with 51-200 employees
The product and customer service is extremely efficient but I would like to see more research and code examples.
* The continuous online scanning capabilities and reporting features. * The SaaS product features accessible from a browser make managing our online systems easy. * The ability to review security items quickly along with being able to retest vulnerabilities on our schedule make the Sentinel product an invaluable tool for our company’s product security requirements.
Valavan Sivgalingam - PeerSpot reviewer
Senior Manager, Security Engineering at ESS
Dynamic testing regularly identifies web vulnerabilities and has strong false positive confirmations
It has good false positive confirmations, confirmed issues identification, and proof of exploit-related features as part of it. We use Invicti for these things in our portfolios. The solution includes Proof-Based Scanning technology. Invicti is part of our SSDLC portfolio, and DAST dynamic testing is very important for our web applications and portfolios. For both the API endpoints and web applications, we do regular testing on a monthly basis for all our releases. Invicti does a good job. The only concern is on the performance side, but other than that, we find it really helpful in identifying web vulnerabilities. A full scan takes more time based on your website and other factors, but for us, it takes more than two to three days. The scan performance can be improved upon. When we check with them, they discuss proof-based scanning and related aspects. However, there could be intermittent results that could help us.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The SaaS product features accessible from a browser make managing our online systems easy."
"The solution generates reports automatically and quickly."
"The best features of Invicti are its ability to confirm access vulnerabilities, SSL injection vulnerabilities, and its connectors to other security tools."
"The scanner is light on the network and does not impact the network when scans are running."
"Crawling feature: Netsparker has very detail crawling steps and mechanisms. This feature expands the attack surface."
"Attacking feature: Actually, attacking is not a solo feature. It contains many attack engines, Hawk, and many properties. But Netsparker's attacking mechanism is very flexible. This increases the vulnerability detection rate. Also, Netsparker made the Hawk for real-time interactive command-line-based exploit testing. It's very valuable for a vulnerability scanner."
"It has very good integration with the CI/CD pipeline."
"Invicti is a good product, and its API testing is also good."
"The most attractive feature was the reporting review tool. The reporting review was very impressive and produced very fruitful reports."
 

Cons

"I would like to see more research and code examples for the vulnerabilities identified to better assist us with our remediation process."
"Netsparker doesn't provide the source code of the static application security testing."
"The solution's false positive analysis and vulnerability analysis libraries could be improved."
"Right now, they are missing the static application security part, especially web application security."
"The scanning time, complexity, and authentication features of Invicti could be improved."
"The solution needs to make a more specific report."
"The scannings are not sufficiently updated."
"Maybe supported clients can be improved. It still does not search vulnerabilities in DB2 databases, for example."
"Maybe the ability to make a good reporting format is needed."
 

Pricing and Cost Advice

Information not available
"I think that price it too high, like other Security applications such as Acunetix, WebInspect, and so on."
"OWASP Zap is free and it has live updates, so that's a big plus."
"It is competitive in the security market."
"We are using an NFR license and I do not know the exact price of the NFR license. I think 20 FQDN for three years would cost around 35,000 US Dollars."
"The price should be 20% lower"
"We never had any issues with the licensing; the price was within our assigned limits."
"The solution is very expensive. It comes with a yearly subscription. We were paying 6000 dollars yearly for unlimited scans. We have three licenses; basic, business, and ultimate. We need ultimate because it has unlimited scan numbers."
"Netsparker is one of the costliest products in the market. It would help if they could allow us to scan multiple URLs on the same license."
report
Use our free recommendation engine to learn which Dynamic Application Security Testing (DAST) solutions are best for your needs.
884,873 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
16%
Healthcare Company
12%
Computer Software Company
12%
Government
8%
Financial Services Firm
15%
Manufacturing Company
9%
Computer Software Company
9%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business14
Midsize Enterprise4
Large Enterprise13
 

Questions from the Community

Ask a question
Earn 20 points
What is your experience regarding pricing and costs for Netsparker Web Application Security Scanner?
The setup cost is pretty competitive. For example, if you want to talk about the SAST license, it comes to about $150 or sometimes less than $100, depending on the conversion or the number of licen...
What needs improvement with Invicti?
At this time, there is nothing that comes to mind. However, most of the products in the market are pretty much neck-to-neck competitors. Speaking about it, there are a couple of factors which they ...
What is your primary use case for Invicti?
I have worked on a couple of products, specifically in web application security. I have worked on Invicti, and with respect to PAM, I have worked with BeyondTrust. I have not worked specifically fo...
 

Also Known As

Sentinel Dynamic, WhiteHat Security Application Security Testing, Synopsys WhiteHat Dynamic
Netsparker
 

Overview

 

Sample Customers

Information Not Available
Samsung, The Walt Disney Company, T-Systems, ING Bank
Find out what your peers are saying about Veracode, Checkmarx, OpenText and others in Dynamic Application Security Testing (DAST). Updated: February 2026.
884,873 professionals have used our research since 2012.