No more typing reviews! Try our Samantha, our new voice AI agent.

Invicti vs Tenable.io Container Security comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Invicti
Ranking in Container Security
24th
Average Rating
8.2
Reviews Sentiment
6.8
Number of Reviews
31
Ranking in other categories
Static Application Security Testing (SAST) (10th), Software Composition Analysis (SCA) (8th), API Security (9th), Dynamic Application Security Testing (DAST) (4th), Application Security Posture Management (ASPM) (5th)
Tenable.io Container Security
Ranking in Container Security
26th
Average Rating
8.0
Reviews Sentiment
6.1
Number of Reviews
9
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of May 2026, in the Container Security category, the mindshare of Invicti is 0.9%, up from 0.3% compared to the previous year. The mindshare of Tenable.io Container Security is 1.1%, up from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Container Security Mindshare Distribution
ProductMindshare (%)
Invicti0.9%
Tenable.io Container Security1.1%
Other98.0%
Container Security
 

Featured Reviews

Valavan Sivgalingam - PeerSpot reviewer
Senior Manager, Security Engineering at ESS
Dynamic testing regularly identifies web vulnerabilities and has strong false positive confirmations
It has good false positive confirmations, confirmed issues identification, and proof of exploit-related features as part of it. We use Invicti for these things in our portfolios. The solution includes Proof-Based Scanning technology. Invicti is part of our SSDLC portfolio, and DAST dynamic testing is very important for our web applications and portfolios. For both the API endpoints and web applications, we do regular testing on a monthly basis for all our releases. Invicti does a good job. The only concern is on the performance side, but other than that, we find it really helpful in identifying web vulnerabilities. A full scan takes more time based on your website and other factors, but for us, it takes more than two to three days. The scan performance can be improved upon. When we check with them, they discuss proof-based scanning and related aspects. However, there could be intermittent results that could help us.
AS
Cyber Security Architect at a security firm with 201-500 employees
Detailed container image reports have improved vulnerability insight and support secure operations
Most valuable are the reports that are quite good, particularly the detailed ones for container image scanning. Tenable.io Container Security is giving me the vulnerability information of Docker images and the information about software bill of materials. However, my challenge at this time is that I am using all these solutions with GitLab Ultimate, and it does not support integration, so I am doing some alternate arrangements which are giving me operational complexity because I need to introduce something else instead of GitLab Ultimate. That is the primary concern regarding the benefits of real-time visibility into my containerized application security status.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The scanner is light on the network and does not impact the network when scans are running."
"OWASP Zap is free and it has live updates, so that's a big plus."
"The solution generates reports automatically and quickly."
"Crawling feature: Netsparker has very detail crawling steps and mechanisms. This feature expands the attack surface."
"The scanner is light on the network and does not impact the network when scans are running."
"One of the features I like about this program is the low number of false positives and the support it offers."
"Netsparker has done an awesome job with its crawler, as it has found all of the links (also thanks to its good DOM parser)."
"I would rate the stability as ten out of ten."
"Most valuable are the reports that are quite good, particularly the detailed ones for container image scanning."
"By using Nessus, we are able to finish testing with assured results, in half the time."
"The tool's most valuable feature is scanning, reporting, and troubleshooting."
"The solution shows you the exploitable vulnerabilities and helps you prioritize."
"Tenable.io detects misconfiguration when you deploy a Docker or Kubernetes container. It's much better to remedy these issues during deployment instead of waiting until the container is already in the production environment."
"It helps us secure our applications from the build phase and identify the weaknesses from scratch."
"Currently, I haven't implemented the solution due to its deprecation by the site. However, I can highlight some benefits of Tenable Cloud Security, a cybersecurity solution with various features for scanning vulnerabilities in both cloud environments and on-premises container security."
"It is a scalable solution. Scalability-wise, it is a good solution."
 

Cons

"They need to improve their support in the documentation. Their support mechanism is missing. Their responsiveness, technical staff, and these types of things need to be improved, and comprehensive documentation is required. They should have good self-service portal enhancement"
"Perhaps the custom attack preparation screen might be improved."
"Speed: It spends about one hour on scanning; I would like it to be less than 30 minutes."
"The higher level vulnerabilities like Cross-Site Scripting, SQL Injection, and other higher level injection attacks are difficult to highlight using Netsparker."
"Netsparker doesn't provide the source code of the static application security testing."
"Improvement could be made in the area of production."
"Maybe supported clients can be improved. It still does not search vulnerabilities in DB2 databases, for example."
"I think that it freezes without any specific reason at times."
"I feel that in certain areas this product has false positives which the company should work on."
"I believe integration plays a crucial role for Tenable, particularly in terms of connecting with other products and various container solutions like Docker or Kubernetes. It seems that in future updates, enhanced integration is something I would appreciate. Currently, there is integration with Docker, but when it comes to Kubernetes or other container solutions, it appears to be a challenge, especially with on-prem scanners."
"However, my challenge at this time is that I am using all these solutions with GitLab Ultimate, and it does not support integration, so I am doing some alternate arrangements which are giving me operational complexity because I need to introduce something else instead of GitLab Ultimate."
"The initial setup is highly complex."
"Tenable.io Container Security should improve integration modules. It should also improve stability."
"The solution’s pricing could be improved."
"The initial setup is highly complex."
"I feel that in certain areas this product has false positives which the company should work on. They should also try to include business logic vulnerabilities in the scanner testing. Finally, the vulnerability assessment feature should be increased to other hardware devices, apart from firewalls."
 

Pricing and Cost Advice

"OWASP Zap is free and it has live updates, so that's a big plus."
"Invicti is best suited for large enterprises. I don't think small and medium-sized businesses can afford it. Maintenance costs aren't that great."
"We are using an NFR license and I do not know the exact price of the NFR license. I think 20 FQDN for three years would cost around 35,000 US Dollars."
"The price should be 20% lower"
"The solution is very expensive. It comes with a yearly subscription. We were paying 6000 dollars yearly for unlimited scans. We have three licenses; basic, business, and ultimate. We need ultimate because it has unlimited scan numbers."
"It is competitive in the security market."
"I think that price it too high, like other Security applications such as Acunetix, WebInspect, and so on."
"We never had any issues with the licensing; the price was within our assigned limits."
"The product does not operate on a pay-per-license model."
"I rate the product’s pricing a six out of ten."
"The solution's pricing is neither cheap nor very expensive."
"It's best to be an institutional buyer and directly contact the sales team as they can provide over-the-top discounts for bulk orders."
"I rate the tool's pricing a three out of ten."
report
Use our free recommendation engine to learn which Container Security solutions are best for your needs.
893,221 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
16%
Manufacturing Company
9%
Computer Software Company
7%
Government
6%
Financial Services Firm
16%
Manufacturing Company
10%
Government
8%
Retailer
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business14
Midsize Enterprise4
Large Enterprise13
By reviewers
Company SizeCount
Small Business2
Midsize Enterprise3
Large Enterprise4
 

Questions from the Community

What is your experience regarding pricing and costs for Netsparker Web Application Security Scanner?
The setup cost is pretty competitive. For example, if you want to talk about the SAST license, it comes to about $150 or sometimes less than $100, depending on the conversion or the number of licen...
What needs improvement with Invicti?
At this time, there is nothing that comes to mind. However, most of the products in the market are pretty much neck-to-neck competitors. Speaking about it, there are a couple of factors which they ...
What is your primary use case for Invicti?
I have worked on a couple of products, specifically in web application security. I have worked on Invicti, and with respect to PAM, I have worked with BeyondTrust. I have not worked specifically fo...
What needs improvement with Tenable.io Container Security?
Several things need improvement about Tenable.io Container Security. First, they should support GitLab Ultimate. Second, Docker-based installation would be required because not everybody has proper...
What is your primary use case for Tenable.io Container Security?
I have been dealing with Tenable.io Container Security for almost four to six months.
 

Also Known As

Netsparker
Tenable FlawCheck, FlawCheck
 

Overview

 

Sample Customers

Samsung, The Walt Disney Company, T-Systems, ING Bank
ServiceMaster
Find out what your peers are saying about Invicti vs. Tenable.io Container Security and other solutions. Updated: April 2026.
893,221 professionals have used our research since 2012.