We performed a comparison between GitLab and Invicti based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution is stable."
"The most valuable features of Gitlab are integration with CIE and the ability to rapidly deploy solutions, projects, and applications. It is very easy to use, and there are no complaints."
"The most valuable features of GitLab are the review, patch repo, and plans are in YAML."
"GitLab is very useful for pipelines, continuous integration, and continuous deployment. It is also stable."
"As a developer, this solution is useful as a repository holder because most of the POC projects that we have are on GitLab."
"It is scalable."
"The important feature is the entire process of versioning source code maintenance and easy deployment. It is a necessity for the CI/CD pipeline."
"This product is always evolving, and they listen to the customers."
"Its ability to crawl a web application is quite different than another similar scanner."
"This tool is really fast and the information that they provide on vulnerabilities is pretty good."
"Invicti is a good product, and its API testing is also good."
"It has a comprehensive resulting mechanism. It is a one-stop solution for all your security testing mechanisms."
"The most attractive feature was the reporting review tool. The reporting review was very impressive and produced very fruitful reports."
"The dashboard is really cool, and the features are really good. It tells you about the software version you're using in your web application. It gives you the entire technology stack, and that really helps. Both web and desktop apps are good in terms of application scanning. It has a lot of security checks that are easily customizable as per your requirements. It also has good customer support."
"The scanner is light on the network and does not impact the network when scans are running."
"The solution generates reports automatically and quickly."
"The solution could be faster."
"The initial setup was quite challenging because it takes some time to understand how to pull out or push the code."
"In the free version, when a merge request is raised, there is no way to enforce certain rules. We can't enforce that this merge request must be reviewed or approved by two or three people in the team before it is pushed to the master branch. That's why we are exploring using some agents."
"When deploying the solution on cloud and the CI/CD pipeline, we have to define the steps and it becomes confusing."
"Reporting could be improved."
"GitLab doesn't have AWS integration. It would be better to have integration with other container management environments beyond Kubernetes. It has very good integration with Kubernetes, but it doesn't have good integration with, for example, AWS, ETS, etc."
"The documentation could be improved to help newcomers better understand things like creating new branches."
"I used Spring Cloud config and to connect that to GitLab was so hard."
"The license could be better. It would help if they could allow us to scan multiple URLs on the same license. It's a major hindrance that we are facing while scanning applications, and we have to be sure that the URLs are the same and not different so that we do not end up consuming another license for it. Netsparker is one of the costliest products in the market. The licensing is tied to the URL, and it's restricted. If you have a URL that you scanned once, like a website, you cannot retry that same license. If you are scanning the same website but in a different domain or different URL, you might end up paying for a second license. It would also be better if they provided proper support for multi-factor authentications. In the next release, I would like them to include good multi-factor authentication support."
"The higher level vulnerabilities like Cross-Site Scripting, SQL Injection, and other higher level injection attacks are difficult to highlight using Netsparker."
"Maybe the ability to make a good reporting format is needed."
"The scanning time, complexity, and authentication features of Invicti could be improved."
"Right now, they are missing the static application security part, especially web application security."
"The solution's false positive analysis and vulnerability analysis libraries could be improved."
"Invicti takes too long with big applications, and there are issues with the login portal."
"The custom attack preparation screen might be improved."
GitLab is ranked 7th in Application Security Tools with 70 reviews while Invicti is ranked 20th in Application Security Tools with 25 reviews. GitLab is rated 8.6, while Invicti is rated 8.2. The top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". On the other hand, the top reviewer of Invicti writes "A customizable security testing solution with good tech support, but the price could be better". GitLab is most compared with Microsoft Azure DevOps, SonarQube, Bamboo, AWS CodePipeline and Tekton, whereas Invicti is most compared with OWASP Zap, Acunetix, PortSwigger Burp Suite Professional, Qualys Web Application Scanning and Fortify WebInspect. See our GitLab vs. Invicti report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.