Netsparker by Invicti Overview

Netsparker by Invicti is the #10 ranked solution in our list of AST tools. It is most often compared to OWASP ZAP.

What is Netsparker by Invicti?

Netsparker finds and reports web application vulnerabilities such as SQL Injection and Cross-site Scripting (XSS) on all types of web applications, regardless of the platform and technology they are built with. Netsparker's unique and dead accurate Proof-Based scanning technology does not just report vulnerabilities, it also produces a Proof of Concept to confirm they are not false positives, freeing you from having to double check the identified vulnerabilities.

Netsparker by Invicti is also known as Mavituna Netsparker.

Buyer's Guide

Download the Application Security Buyer's Guide including reviews and more. Updated: September 2021

Netsparker by Invicti Customers

Samsung, The Walt Disney Company, T-Systems, ING Bank

Pricing Advice

What users are saying about Netsparker by Invicti pricing:
  • "Netsparker is one of the costliest products in the market. It would help if they could allow us to scan multiple URLs on the same license."

VD
Lead Security Architect at a comms service provider with 1,001-5,000 employees
Real User
Top 5 Leaderboard
A customizable security testing solution with good tech support, but the price could be better

What is our primary use case?

We use Netsparker by Invicti to run tests for application security based on OWASP Top 10.

Pros and Cons

  • "The dashboard is really cool, and the features are really good. It tells you about the software version you're using in your web application. It gives you the entire technology stack, and that really helps. Both web and desktop apps are good in terms of application scanning. It has a lot of security checks that are easily customizable as per your requirements. It also has good customer support."
  • "The license could be better. It would help if they could allow us to scan multiple URLs on the same license. It's a major hindrance that we are facing while scanning applications, and we have to be sure that the URLs are the same and not different so that we do not end up consuming another license for it. Netsparker is one of the costliest products in the market. The licensing is tied to the URL, and it's restricted. If you have a URL that you scanned once, like a website, you cannot retry that same license. If you are scanning the same website but in a different domain or different URL, you might end up paying for a second license. It would also be better if they provided proper support for multi-factor authentications. In the next release, I would like them to include good multi-factor authentication support."

What other advice do I have?

I would tell potential users that it's really one of the best products in the market for web application security or Dynamic Application Security Testing (DAST). The licensing part is challenging, but they might get a good deal out of the Netsparker team. On a scale from one to ten, I would give Netsparker by Invicti a seven.
SS
Consultant Cyber Security at a tech services company with 51-200 employees
Consultant
Top 5
A fast solution that is easy to deploy, configure, and use

Pros and Cons

  • "I am impressed by the whole technology that they are using in this solution. It is really fast. When using netscan, the confirmation that it gives on the vulnerabilities is pretty cool. It is really easy to configure a scan in Netsparker Web Application Security Scanner. It is also really easy to deploy."
  • "They don't really provide the proof of concept up to the level that we need in our organization. We are a consultancy firm, and we provide consultancy for the implementation and deployment solutions to our customers. When you run the scans and the scan is completed, it only shows the proof of exploit, which really doesn't work because the tool is running the scan and exploiting on the read-only form. You don't really know whether it is actually giving the proof of exploit. We cannot prove it manually to a customer that the exploit is genuine. It is really hard to perform it manually and prove it to the concerned development, remediation, and security teams. It is currently missing the static application security part of the application security, especially web application security. It would be really cool if they can integrate a SAS tool with their dynamic one."

What other advice do I have?

I would recommend this solution. I haven't really researched other products, but for me, Netsparker Web Application Security Scanner is a benchmark right now. I would rate Netsparker Web Application Security Scanner an eight out of ten.
SS
Consultant Cyber Security at a tech services company with 51-200 employees
Consultant
Top 5
A good interface that makes it easy to use, and the tool is really fast

What is our primary use case?

We are a consulting firm and we provide implementation and deployment of solutions to our customers.

Pros and Cons

  • "This tool is really fast and the information that they provide on vulnerabilities is pretty good."
  • "Right now, they are missing the static application security part, especially web application security."

What other advice do I have?

Overall, I am satisfied with Netsparker. However, I cannot say at this point that I would recommend it because although it is good, I will now be using it as a benchmark for evaluating other products. I would rate this solution an eight out of ten.
Ahmed S. Younis
Retail Services Senior Manager at e-finance
Real User
Top 20
Very high level of accuracy and speedy scanning

What is our primary use case?

Our primary use case is for web applications but rather than being in a production environment, it's in a testing environment. We check for vulnerabilities found in the test environment and remediate them. Following that, we publish the web application for web production. We are customers of Netsparker and I'm the retail services senior manager.

Pros and Cons

  • "High level of accuracy and quick scanning."

What other advice do I have?

This is not a simple solution, there is a complexity there. A lot of companies here don't like the idea of using a cloud provider or cloud application for scanning. We prefer to have stand-alone applications and not use the cloud. It's something they could offer, like Qualys. I would rate this solution an eight out of 10.
MM
Senior Quality Control Manager at an insurance company with 51-200 employees
Real User
Great reporting review tool and very stable with an easy initial setup

What is our primary use case?

We've primarily used the solution as a proof of concept, using it for assessing the security of one of our web applications.

Pros and Cons

  • "The most attractive feature was the reporting review tool. The reporting review was very impressive and produced very fruitful reports."
  • "The proxy review, the use report views, the current use tool and the subset requests need some improvement. It was hard to understand how to use them."

What other advice do I have?

We're using a demo of the latest version for a POC. We used the on-premises deployment model. I'd recommend Netsparker for anyone who wants to make a security assessment for web applications. I'd rate the solution nine out of ten. The tool is full of useful features. However, the intercepting reviews in terms of web requests need some enhancements to be more usable.