We performed a comparison between HCL AppScan and Invicti based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It has certainly helped us find vulnerabilities in our software, so this is priceless in the end."
"It was easy to set up."
"It provides a better integration for our ecosystem."
"The UI was very intuitive."
"The product is useful, particularly in its sensitivity and scanning capabilities."
"The reporting part is the most valuable feature."
"The most valuable feature of the solution is Postman."
"The most valuable feature of HCL AppScan is scanning QR codes."
"One of the features I like about this program is the low number of false positives and the support it offers."
"The scanner and the result generator are valuable features for us."
"Its ability to crawl a web application is quite different than another similar scanner."
"It has a comprehensive resulting mechanism. It is a one-stop solution for all your security testing mechanisms."
"Scan, proxify the application, and then detailed report along with evidence and remediations to problems."
"Invicti is a good product, and its API testing is also good."
"The best features of Invicti are its ability to confirm access vulnerabilities, SSL injection vulnerabilities, and its connectors to other security tools."
"Invicti's best feature is the ability to identify vulnerabilities and manually verify them."
"The solution's scalability can be a matter of concern because one license runs on one machine only."
"They should have a better UI for dashboards."
"The penetration testing feature should be included."
"The solution could improve by having a mobile version."
"I would like to see the roadmap for this product. We are still waiting to see it as we have only so many resources."
"It has crashed at times."
"A desktop version should be added."
"IBM Security AppScan needs to add performance optimization for quickly scanning the target web applications."
"The solution needs to make a more specific report."
"The scanner itself should be improved because it is a little bit slow."
"The proxy review, the use report views, the current use tool and the subset requests need some improvement. It was hard to understand how to use them."
"Right now, they are missing the static application security part, especially web application security."
"The custom attack preparation screen might be improved."
"The scannings are not sufficiently updated."
"Reporting should be improved. The reporting options should be made better for end-users. Currently, it is possible, but it's not the best. Being able to choose what I want to see in my reports rather than being given prefixed information would make my life easier. I had to depend on the API for getting the content that I wanted. If they could fix the reporting feature to make it more comprehensive and user-friendly, it would help a lot of end-users. Everything else was good about this product."
"The higher level vulnerabilities like Cross-Site Scripting, SQL Injection, and other higher level injection attacks are difficult to highlight using Netsparker."
HCL AppScan is ranked 15th in Application Security Tools with 40 reviews while Invicti is ranked 20th in Application Security Tools with 25 reviews. HCL AppScan is rated 7.6, while Invicti is rated 8.2. The top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". On the other hand, the top reviewer of Invicti writes "A customizable security testing solution with good tech support, but the price could be better". HCL AppScan is most compared with SonarQube, Veracode, Acunetix, PortSwigger Burp Suite Professional and Tenable.io Web Application Scanning, whereas Invicti is most compared with OWASP Zap, Acunetix, PortSwigger Burp Suite Professional, Qualys Web Application Scanning and Veracode. See our HCL AppScan vs. Invicti report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.