We performed a comparison between GitLab and Invicti based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature of GitLab is its convenience. I am able to trace back most of my changes up to a far distance in time and it helps me to analyze and see the older version of the code."
"We use the Git repository and tagging feature. We are a product-based company and use this solution to move to a forward or backward tag."
"GitLab is a solution for source code management, container registry, pipelines, testing, and deployment."
"The merging feature makes it easy later on for the deployment."
"The solution is stable."
"The best thing is that as the developers work on separate tasks, all of the code goes there and the other team members don't have to wait on each other to finish."
"GitLab's best features are maintenance, branch integration, and development infrastructure."
"GitLab is kind of an image of GitHub, so it gives us the flexibility to monitor our changes in the repos."
"Its ability to crawl a web application is quite different than another similar scanner."
"Crawling feature: Netsparker has very detail crawling steps and mechanisms. This feature expands the attack surface."
"The solution generates reports automatically and quickly."
"One of the features I like about this program is the low number of false positives and the support it offers."
"Scan, proxify the application, and then detailed report along with evidence and remediations to problems."
"The dashboard is really cool, and the features are really good. It tells you about the software version you're using in your web application. It gives you the entire technology stack, and that really helps. Both web and desktop apps are good in terms of application scanning. It has a lot of security checks that are easily customizable as per your requirements. It also has good customer support."
"I am impressed by the whole technology that they are using in this solution. It is really fast. When using netscan, the confirmation that it gives on the vulnerabilities is pretty cool. It is really easy to configure a scan in Netsparker Web Application Security Scanner. It is also really easy to deploy."
"The most valuable feature of Invicti is getting baseline scanning and incremental scan."
"GitLab could consider introducing a code-scanning tool. Purchasing such tools from external markets can incur charges, which might not be favorable. Integrating these features into GitLab would streamline the pipeline and make it more convenient for users."
"We would like to generate document pages from the sources."
"I used Spring Cloud config and to connect that to GitLab was so hard."
"We'd like to see better integration with the Atlassian ecosystem."
"The integration could be slightly better."
"Even if I say I want some improvement, they will say it is already planned in the first quarter, second quarter, or third quarter. That said, most everything is quite improved already, and they're improving even further still."
"It could have more security integrations and the ability to check the vulnerability of the code. I don't think it is a responsibility of Gitlab, but it would be nice to have more options to integrate with."
"The initial setup was quite challenging because it takes some time to understand how to pull out or push the code."
"I think that it freezes without any specific reason at times. This needs to be looked into."
"The custom attack preparation screen might be improved."
"The support's response time could be faster since we are in different time zones."
"The solution needs to make a more specific report."
"The licensing model should be improved to be more cost-effective. There are URL restrictions that consume our license. Compared to other DAST solutions and task tools like WebInspect and Burp Enterprise, Invicti is very expensive. The solution’s scanning time is also very long compared to other DAST tools. It might be due to proof-based scanning."
"Reporting should be improved. The reporting options should be made better for end-users. Currently, it is possible, but it's not the best. Being able to choose what I want to see in my reports rather than being given prefixed information would make my life easier. I had to depend on the API for getting the content that I wanted. If they could fix the reporting feature to make it more comprehensive and user-friendly, it would help a lot of end-users. Everything else was good about this product."
"Asset scanning could be better. Once, it couldn't scan assets, and the issue was strange. The price doesn't fit the budget of small and medium-sized businesses."
"The scanning time, complexity, and authentication features of Invicti could be improved."
GitLab is ranked 7th in Application Security Tools with 70 reviews while Invicti is ranked 20th in Application Security Tools with 25 reviews. GitLab is rated 8.6, while Invicti is rated 8.2. The top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". On the other hand, the top reviewer of Invicti writes "A customizable security testing solution with good tech support, but the price could be better". GitLab is most compared with Microsoft Azure DevOps, Bamboo, AWS CodePipeline, SonarQube and Tekton, whereas Invicti is most compared with OWASP Zap, Acunetix, PortSwigger Burp Suite Professional, Tenable.io Web Application Scanning and Fortify WebInspect. See our GitLab vs. Invicti report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
