We performed a comparison between CAST Highlight and Invicti based on real PeerSpot user reviews.
Find out in this report how the two Software Composition Analysis (SCA) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."CAST Highlight is easy to use and has a good dashboard."
"The most valuable features of CAST Highlight are automation and speed."
"The way it tells you which codebase is more ready for the cloud and which codebase is less ready is very valuable. It works seamlessly with most languages."
"It offers good performance."
"The most valuable features of the CAST Highlight are the interface and there are three notations that are very simple to understand and communicate with."
"It has a comprehensive resulting mechanism. It is a one-stop solution for all your security testing mechanisms."
"The scanner is light on the network and does not impact the network when scans are running."
"The dashboard is really cool, and the features are really good. It tells you about the software version you're using in your web application. It gives you the entire technology stack, and that really helps. Both web and desktop apps are good in terms of application scanning. It has a lot of security checks that are easily customizable as per your requirements. It also has good customer support."
"Invicti's best feature is the ability to identify vulnerabilities and manually verify them."
"Scan, proxify the application, and then detailed report along with evidence and remediations to problems."
"The most attractive feature was the reporting review tool. The reporting review was very impressive and produced very fruitful reports."
"The best features of Invicti are its ability to confirm access vulnerabilities, SSL injection vulnerabilities, and its connectors to other security tools."
"Its ability to crawl a web application is quite different than another similar scanner."
"Its price should be better. It is a pretty costly tool. They have two products: CAST Highlight and CAST AIP. I would expect CAST Highlight to have the Help dashboard and the Engineering dashboard. These dashboards are currently a part of CAST AIP, and if these are made available in CAST Highlight, customers won't have to use two different products all the time."
"There's a bit of a learning curve at the outset."
"The reports that describe the issues of concern are rather abstract and the issues should be more clearly described to the user."
"The ease of configuration and customization could be improved in CAST Highlight."
"CAST Highlight could improve to allow us to comment and do a deep analysis by ourselves."
"The scanning time, complexity, and authentication features of Invicti could be improved."
"Invicti takes too long with big applications, and there are issues with the login portal."
"The solution needs to make a more specific report."
"The scannings are not sufficiently updated."
"The licensing model should be improved to be more cost-effective. There are URL restrictions that consume our license. Compared to other DAST solutions and task tools like WebInspect and Burp Enterprise, Invicti is very expensive. The solution’s scanning time is also very long compared to other DAST tools. It might be due to proof-based scanning."
"Right now, they are missing the static application security part, especially web application security."
"The solution's false positive analysis and vulnerability analysis libraries could be improved."
"The custom attack preparation screen might be improved."
CAST Highlight is ranked 10th in Software Composition Analysis (SCA) with 5 reviews while Invicti is ranked 20th in Application Security Tools with 25 reviews. CAST Highlight is rated 7.8, while Invicti is rated 8.2. The top reviewer of CAST Highlight writes "Easy to set up with optimized and automated insights". On the other hand, the top reviewer of Invicti writes "A customizable security testing solution with good tech support, but the price could be better". CAST Highlight is most compared with SonarQube, Checkmarx One, Snyk, Veracode and Black Duck, whereas Invicti is most compared with OWASP Zap, Acunetix, PortSwigger Burp Suite Professional, Tenable.io Web Application Scanning and Qualys Web Application Scanning. See our CAST Highlight vs. Invicti report.
We monitor all Software Composition Analysis (SCA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
