No more typing reviews! Try our Samantha, our new voice AI agent.
Invicti Logo

Invicti pros and cons

Vendor: Invicti
4.1 out of 5
Leave a review

Pros & Cons summary

Invicti offers exceptional scanning capabilities with a unique crawling feature, maintaining network efficiency and enhancing CI/CD pipeline integration for proactive vulnerability detection. It excels in accuracy, reduces false positives, and verifies vulnerabilities, though reporting capabilities and support require improvement. Challenges include costly URL-based licensing, difficulty in highlighting high-level vulnerabilities, limited multi-factor authentication support, and lengthy scanning times compared to other DAST tools, necessitating usability enhancements for tech buyers.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Invicti excels in scanning capabilities and offers a unique crawling feature compared to other similar scanners.
Its scanning process does not heavily impact network resources, allowing seamless operation.
Invicti demonstrates a high level of accuracy and a quick scanning process, making it a reliable tool for vulnerability identification.
The platform integrates effectively with CI/CD pipelines, enhancing proactive vulnerability detection during deployment or code push.
Invicti stands out in reducing false positives and verifying vulnerabilities, significantly improving security testing efficiency.

CONS

Invicti's reporting capabilities require improvement for more comprehensive and user-friendly options.
The higher-level vulnerabilities, such as Cross-Site Scripting and SQL Injection, are challenging to highlight.
Licensing is tied to URLs, which proves costly and restrictive, especially for scanning different domains.
The scanning time is lengthy compared to other DAST tools, which affects usability.
Support, documentation, and multi-factor authentication support need enhancement.
 

Invicti Pros review quotes

Kunal M - PeerSpot reviewer
Kunal M
Capability Center Leader, ETRM Platforms at Shell
Feb 7, 2025
Invicti's proactive scanning measures vulnerabilities each time we deploy or push code to a new environment.
Read full review
JanetMuhia - PeerSpot reviewer
JanetMuhia
Cyber Security Engineer at Spartec
Nov 25, 2024
Netsparker has valuable features, including the ability to scan our website, an interactive approach, and security data integration.
Read full review
KashifJamil - PeerSpot reviewer
KashifJamil
CEO at Xcelliti
Aug 16, 2024
It has very good integration with the CI/CD pipeline.
Read full review
Buyer's Guide
Invicti
May 2026
Free Report: Invicti Reviews and More
Learn what your peers think about Invicti. Get advice and tips from experienced pros sharing their opinions. Updated: May 2026.
DOWNLOAD NOW
893,221 professionals have used our research since 2012.
Valavan Sivgalingam - PeerSpot reviewer
Valavan Sivgalingam
Senior Manager, Security Engineering at ESS
Aug 4, 2023
Invicti is a good product, and its API testing is also good.
Read full review
Amr Abdelnaser - PeerSpot reviewer
Amr Abdelnaser
Senior Information Security Analyst at EastNets Holding Ltd.
Aug 14, 2023
The best features of Invicti are its ability to confirm access vulnerabilities, SSL injection vulnerabilities, and its connectors to other security tools.
Read full review
Berk Onur - PeerSpot reviewer
Berk Onur
Presales Consultant at Cyberwise
Sep 16, 2024
I am impressed with Invictus’ proof-based scanning. The solution has reduced the incidence of false positive vulnerabilities. It has helped us reduce our time and focus on vulnerabilities.
Read full review
Vishal Dhamke - PeerSpot reviewer
Vishal Dhamke
Vice President Application Security North America at BNP Paribas
Jul 29, 2021
The dashboard is really cool, and the features are really good. It tells you about the software version you're using in your web application. It gives you the entire technology stack, and that really helps. Both web and desktop apps are good in terms of application scanning. It has a lot of security checks that are easily customizable as per your requirements. It also has good customer support.
Read full review
AO
Abdullah Ozkan
Information Security Engineer at Tübitak Bilgem
May 29, 2024
The platform is stable.
Read full review
Akshay Waghmare - PeerSpot reviewer
Akshay Waghmare
Manager at a consultancy with 10,001+ employees
Nov 9, 2023
The most valuable feature of Invicti is getting baseline scanning and incremental scan.
Read full review
JoelGeorge - PeerSpot reviewer
JoelGeorge
Associate at Tata Consultancy
Apr 25, 2022
It has a comprehensive resulting mechanism. It is a one-stop solution for all your security testing mechanisms.
Read full review
Show 10 more reviews (out of 29)
 

Invicti Cons review quotes

Kunal M - PeerSpot reviewer
Kunal M
Capability Center Leader, ETRM Platforms at Shell
Feb 7, 2025
Invicti's reporting capabilities need enhancement.
Read full review
JanetMuhia - PeerSpot reviewer
JanetMuhia
Cyber Security Engineer at Spartec
Nov 25, 2024
Currently, there is nothing I would like to improve.
Read full review
KashifJamil - PeerSpot reviewer
KashifJamil
CEO at Xcelliti
Aug 16, 2024
They need to improve their support in the documentation. Their support mechanism is missing. Their responsiveness, technical staff, and these types of things need to be improved, and comprehensive documentation is required. They should have good self-service portal enhancement
Read full review
Buyer's Guide
Invicti
May 2026
Free Report: Invicti Reviews and More
Learn what your peers think about Invicti. Get advice and tips from experienced pros sharing their opinions. Updated: May 2026.
DOWNLOAD NOW
893,221 professionals have used our research since 2012.
Valavan Sivgalingam - PeerSpot reviewer
Valavan Sivgalingam
Senior Manager, Security Engineering at ESS
Aug 4, 2023
The scanning time, complexity, and authentication features of Invicti could be improved.
Read full review
Amr Abdelnaser - PeerSpot reviewer
Amr Abdelnaser
Senior Information Security Analyst at EastNets Holding Ltd.
Aug 14, 2023
The solution needs to make a more specific report.
Read full review
Berk Onur - PeerSpot reviewer
Berk Onur
Presales Consultant at Cyberwise
Sep 16, 2024
The licensing model should be improved to be more cost-effective. There are URL restrictions that consume our license. Compared to other DAST solutions and task tools like WebInspect and Burp Enterprise, Invicti is very expensive. The solution’s scanning time is also very long compared to other DAST tools. It might be due to proof-based scanning.
Read full review
Vishal Dhamke - PeerSpot reviewer
Vishal Dhamke
Vice President Application Security North America at BNP Paribas
Jul 29, 2021
The license could be better. It would help if they could allow us to scan multiple URLs on the same license. It's a major hindrance that we are facing while scanning applications, and we have to be sure that the URLs are the same and not different so that we do not end up consuming another license for it. Netsparker is one of the costliest products in the market. The licensing is tied to the URL, and it's restricted. If you have a URL that you scanned once, like a website, you cannot retry that same license. If you are scanning the same website but in a different domain or different URL, you might end up paying for a second license. It would also be better if they provided proper support for multi-factor authentications. In the next release, I would like them to include good multi-factor authentication support.
Read full review
AO
Abdullah Ozkan
Information Security Engineer at Tübitak Bilgem
May 29, 2024
They could enhance the support for data swap testing for the platform.
Read full review
Akshay Waghmare - PeerSpot reviewer
Akshay Waghmare
Manager at a consultancy with 10,001+ employees
Nov 9, 2023
The solution's false positive analysis and vulnerability analysis libraries could be improved.
Read full review
JoelGeorge - PeerSpot reviewer
JoelGeorge
Associate at Tata Consultancy
Apr 25, 2022
Reporting should be improved. The reporting options should be made better for end-users. Currently, it is possible, but it's not the best. Being able to choose what I want to see in my reports rather than being given prefixed information would make my life easier. I had to depend on the API for getting the content that I wanted. If they could fix the reporting feature to make it more comprehensive and user-friendly, it would help a lot of end-users. Everything else was good about this product.
Read full review
Show 10 more reviews (out of 29)

Product Categories

Product Categories
Dynamic Application Security Testing (DAST)
Static Application Security Testing (SAST)
Container Security
Software Composition Analysis (SCA)
API Security
Application Security Posture Management (ASPM)

Popular Comparisons

Popular Comparisons
SonarQube vs Invicti Logo
SonarQube vs Invicti
Snyk vs Invicti Logo
Snyk vs Invicti
Checkmarx One vs Invicti Logo
Checkmarx One vs Invicti
GitLab vs Invicti Logo
GitLab vs Invicti
Veracode vs Invicti Logo
Veracode vs Invicti
Imperva Application Security Platform vs Invicti Logo
Imperva Application Security Platform vs Invicti
CrowdStrike Falcon Cloud Security vs Invicti Logo
CrowdStrike Falcon Cloud Security vs Invicti
Orca Security vs Invicti Logo
Orca Security vs Invicti
TrendAI Vision One – Cloud Security vs Invicti Logo
TrendAI Vision One – Cloud Security vs Invicti
Coverity Static vs Invicti Logo
Coverity Static vs Invicti
Acunetix vs Invicti Logo
Acunetix vs Invicti
PortSwigger Burp Suite Professional vs Invicti Logo
PortSwigger Burp Suite Professional vs Invicti
Mend.io vs Invicti Logo
Mend.io vs Invicti
OpenText Core Application Security vs Invicti Logo
OpenText Core Application Security vs Invicti
OWASP Zap vs Invicti Logo
OWASP Zap vs Invicti
See all alternatives

Product Categories

Product Categories
Dynamic Application Security Testing (DAST)
Static Application Security Testing (SAST)
Container Security
Software Composition Analysis (SCA)
API Security
Application Security Posture Management (ASPM)

Popular Comparisons

Popular Comparisons
SonarQube vs Invicti Logo
SonarQube vs Invicti
Snyk vs Invicti Logo
Snyk vs Invicti
Checkmarx One vs Invicti Logo
Checkmarx One vs Invicti
GitLab vs Invicti Logo
GitLab vs Invicti
Veracode vs Invicti Logo
Veracode vs Invicti
Imperva Application Security Platform vs Invicti Logo
Imperva Application Security Platform vs Invicti
CrowdStrike Falcon Cloud Security vs Invicti Logo
CrowdStrike Falcon Cloud Security vs Invicti
Orca Security vs Invicti Logo
Orca Security vs Invicti
TrendAI Vision One – Cloud Security vs Invicti Logo
TrendAI Vision One – Cloud Security vs Invicti
Coverity Static vs Invicti Logo
Coverity Static vs Invicti
Acunetix vs Invicti Logo
Acunetix vs Invicti
PortSwigger Burp Suite Professional vs Invicti Logo
PortSwigger Burp Suite Professional vs Invicti
Mend.io vs Invicti Logo
Mend.io vs Invicti
OpenText Core Application Security vs Invicti Logo
OpenText Core Application Security vs Invicti
OWASP Zap vs Invicti Logo
OWASP Zap vs Invicti
See all alternatives
Related questions
  • 38
When evaluating Dynamic Application Security Testing (DAST), what aspect do you think is the most important to look for?
  • 42
Why is Dynamic Application Security Testing (DAST) important for companies?