We performed a comparison between HCL AppScan and Invicti based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is easy it is to use. It is quick to find things, because of the code scanning tools. It's quite simple to use and it is very good the way it reports the findings."
"We are now deploying less defects to production."
"I like the recording feature."
"The solution is easy to install. I would rate the product's setup between six to seven out of ten. The deployment time depends on the applications that need to be scanned. We have a development and operations team to take care of the product's maintenance."
"It highlights, with several grades of severity, the types of vulnerabilities, so we can focus on the most severe security vulnerabilities in the code."
"It's generally a very user-friendly tool. Anyone can easily learn how to scan"
"The most valuable feature of HCL AppScan is scanning QR codes."
"The HCL AppScan turnaround time for Burp Suite or any new feature request is pretty good, and that is why we are sticking with the HCL."
"I am impressed with Invictus’ proof-based scanning. The solution has reduced the incidence of false positive vulnerabilities. It has helped us reduce our time and focus on vulnerabilities."
"The best features of Invicti are its ability to confirm access vulnerabilities, SSL injection vulnerabilities, and its connectors to other security tools."
"Invicti is a good product, and its API testing is also good."
"I like that it's stable and technical support is great."
"Crawling feature: Netsparker has very detail crawling steps and mechanisms. This feature expands the attack surface."
"Attacking feature: Actually, attacking is not a solo feature. It contains many attack engines, Hawk, and many properties. But Netsparker's attacking mechanism is very flexible. This increases the vulnerability detection rate. Also, Netsparker made the Hawk for real-time interactive command-line-based exploit testing. It's very valuable for a vulnerability scanner."
"Its ability to crawl a web application is quite different than another similar scanner."
"One of the features I like about this program is the low number of false positives and the support it offers."
"I would like to see the roadmap for this product. We are still waiting to see it as we have only so many resources."
"It's a little bit basic when you talk about the Web Services. If AppScan improved its maturity on Web Services testing, that would be good."
"I think being able to search across more containers, especially some of the docker elements. We need a little tighter integration there. That's the only thing I can see at this point."
"The dashboard, for AppScan or the Fortified fast tool, which we use needs to be improved."
"The solution needs to improve in some areas. The tool needs to add more languages. It also needs to improve its speed."
"AppScan is too complicated and should be made more user-friendly."
"There is room for improvement in the pricing model."
"They could add a software component analysis tool."
"Asset scanning could be better. Once, it couldn't scan assets, and the issue was strange. The price doesn't fit the budget of small and medium-sized businesses."
"The scannings are not sufficiently updated."
"The support's response time could be faster since we are in different time zones."
"Maybe the ability to make a good reporting format is needed."
"The scanning time, complexity, and authentication features of Invicti could be improved."
"Right now, they are missing the static application security part, especially web application security."
"I think that it freezes without any specific reason at times. This needs to be looked into."
"It would be better for listing and attacking Java-based web applications to exploit vulnerabilities."
HCL AppScan is ranked 14th in Application Security Tools with 39 reviews while Invicti is ranked 20th in Application Security Tools with 25 reviews. HCL AppScan is rated 7.6, while Invicti is rated 8.2. The top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". On the other hand, the top reviewer of Invicti writes "A customizable security testing solution with good tech support, but the price could be better". HCL AppScan is most compared with SonarQube, Veracode, Acunetix, Checkmarx One and Tenable.io Web Application Scanning, whereas Invicti is most compared with OWASP Zap, Acunetix, PortSwigger Burp Suite Professional, Tenable.io Web Application Scanning and Veracode. See our HCL AppScan vs. Invicti report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.