We performed a comparison between Invicti and Parasoft SOAtest based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Invicti is a good product, and its API testing is also good."
"Its ability to crawl a web application is quite different than another similar scanner."
"Crawling feature: Netsparker has very detail crawling steps and mechanisms. This feature expands the attack surface."
"Attacking feature: Actually, attacking is not a solo feature. It contains many attack engines, Hawk, and many properties. But Netsparker's attacking mechanism is very flexible. This increases the vulnerability detection rate. Also, Netsparker made the Hawk for real-time interactive command-line-based exploit testing. It's very valuable for a vulnerability scanner."
"I like that it's stable and technical support is great."
"The most valuable feature of Invicti is getting baseline scanning and incremental scan."
"The best features of Invicti are its ability to confirm access vulnerabilities, SSL injection vulnerabilities, and its connectors to other security tools."
"High level of accuracy and quick scanning."
"Generating new messages, based on the existing .EDN and .XML messages, is a crucial part or the testing project that I’m currently in."
"Technical support is helpful."
"The testing time is shortened because we generate test data automatically with SOAtest."
"Good write and read files which save execution inputs and outputs and can be stored locally."
"We can automate our scenarios in a data driven format, which shows there is no rework on scripts. We only need to update the test data and run for a number of scenarios."
"If you want something that’s not provided out of the box, then you can write it yourself and integrate it with SOAtest."
"Since the solution has both command line and automation options, it generates good reports."
"Every imaginable source in the entire world of information technology can be accessed and used."
"I think that it freezes without any specific reason at times. This needs to be looked into."
"The higher level vulnerabilities like Cross-Site Scripting, SQL Injection, and other higher level injection attacks are difficult to highlight using Netsparker."
"The scannings are not sufficiently updated."
"The custom attack preparation screen might be improved."
"The scanner itself should be improved because it is a little bit slow."
"It would be better for listing and attacking Java-based web applications to exploit vulnerabilities."
"The licensing model should be improved to be more cost-effective. There are URL restrictions that consume our license. Compared to other DAST solutions and task tools like WebInspect and Burp Enterprise, Invicti is very expensive. The solution’s scanning time is also very long compared to other DAST tools. It might be due to proof-based scanning."
"Netsparker doesn't provide the source code of the static application security testing."
"Reports could be customized and more descriptive according to the user's or company's requirements."
"The product is very slow to start up, and that is a bit of a problem, actually."
"Tuning the tool takes time because it gives quite a long list of warnings."
"Parasoft SOAtest has an internal refresh function where you can refresh the software to show the changes you’ve made in your projects. Unfortunately this function does not work properly, because it often does not show the changes after you’ve hit te refresh button a few times."
"Enabling/disabling an optional element of an XML request is only possible if a data source (e.g., Excel sheet) is connected to the test. Otherwise, the option is not available at all in the drop-down menu."
"UI testing should be more in-depth."
"Compatibility with HTTP 1.1 and TLS 1.2 needs to be improved."
"Reporting facilities can be better."
Invicti is ranked 15th in Application Security Testing (AST) with 25 reviews while Parasoft SOAtest is ranked 28th in Application Security Testing (AST) with 30 reviews. Invicti is rated 8.2, while Parasoft SOAtest is rated 8.2. The top reviewer of Invicti writes "A customizable security testing solution with good tech support, but the price could be better". On the other hand, the top reviewer of Parasoft SOAtest writes "Reliable with a good interface but uses too much memory". Invicti is most compared with OWASP Zap, Acunetix, PortSwigger Burp Suite Professional, Tenable.io Web Application Scanning and Fortify WebInspect, whereas Parasoft SOAtest is most compared with Postman, SonarQube, Coverity, Klocwork and Polyspace Code Prover. See our Invicti vs. Parasoft SOAtest report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
