I advise having more resources on your device. The solution is better to use and sell for the workstations. It is not for a personal laptop.

Overall, I rate the solution a nine out of ten.

I would tell potential users that it's really one of the best products in the market for web application security or Dynamic Application Security Testing (DAST). The licensing part is challenging, but they might get a good deal out of the Netsparker team.

On a scale from one to ten, I would give Netsparker by Invicti a seven.

Invicti is the best user-friendly tool for dynamic application security testing (DAST) compared to other solutions.

Overall, I rate Invicti a nine out of ten.

From the technology perspective, I would rate the solution a ten on ten. However, I would give it an eight out of ten due to the pricing factor. We are an integrator cybersecurity company based in Turkey. We offer advisory and technical support consulting services to the government and Telco finance sectors. We have many customers. Invictus is a cost-effective solution if your FQDN is less and lies in the range of zero to ten or even 20. 

However, if you have over 50 FQDN then Invictus will be an expensive solution to scan web applications. In such cases, we would be recommending other DAST tools like WebInspect. Before providing consultation services, our company evaluates the number of FQDNs of the customers. If their budget fits with the requirements of Invictus, we would definitely recommend the solution. However, if their budget is limited and scanning requirements are only basic, then we would suggest other DAST tools.

It is a very good tool. It has an API segment that makes up for the lack of reporting options. You can execute commands on Netsparker by using your command-line interface. By using the API, you will be able to get the kind of information that you are looking for. It'll help you in getting the results that you want.

I would rate it an eight out of ten.

I would give Invicti a rating of nine out of ten.

I highly recommend Netsparker and rate it eight out of 10. 

This is not a simple solution, there is a complexity there. A lot of companies here don't like the idea of using a cloud provider or cloud application for scanning. We prefer to have stand-alone applications and not use the cloud. It's something they could offer, like Qualys.

I would rate this solution an eight out of 10.

If you use a good VAS solution, you can go for a lighter web application test. Invicti is a really good product when the web solution is SaaS-oriented and complex in nature. For any false positives, they do a proof of concept and then share the records with us, and that true positive summary would be really good.

Overall, I rate Invicti an eight out of ten.

On a scale from one to ten, I would give Invicti a six.

We're using a demo of the latest version for a POC. We used the on-premises deployment model.

I'd recommend Netsparker for anyone who wants to make a security assessment for web applications.

I'd rate the solution nine out of ten. The tool is full of useful features. However, the intercepting reviews in terms of web requests need some enhancements to be more usable.

Go right ahead. You need to have a technical person.

You can use Netsparker but use it carefully as some payloads can be dangerous in production. This is the same as Acunetix, WebInspect, and others.

Every scanner should have an option like Burp Suite to use dangerless payloads (with Distribute Damage extension).

I rate it at nine out of 10 because, although I have used many web application scanners by now, Netsparker gives the fewest false-positives. That's the most important property for a web application scanner. When you buy a web application scanner, you actually pay for two features: non false-positive detection, and attack diversity. Other features affect the quality of a product. So, Netsparker deserves a nine.

You must work on your environment first. List the web applications’ background: the systems they are using, web server type, database type, programming language. Netsparker supports lots of them, but there are still some restrictions. If they know their environment, the decision is easier.

It is a highly scalable and multi-user platform. You need to ensure that you have a virtual machine connected over to the internet for most of the system, as there are weekly and monthly updates.

There are many average products on the market, but I prefer Netsparker because to me wasting time after false positives is the worst thing that can happen. Accuracy is the most important thing to me. I rate Netsparker eight out of ten.

Like I wrote earlier, I would highly recommend implementing this product to those who really care about the vulnerabilities and security of their products/applications.

I would definitely recommend it to those who really want to know in-depth details of their applications/products regarding security.

I would recommend this solution. I haven't really researched other products, but for me, Netsparker Web Application Security Scanner is a benchmark right now.

I would rate Netsparker Web Application Security Scanner an eight out of ten. 

Overall, I am satisfied with Netsparker. However, I cannot say at this point that I would recommend it because although it is good, I will now be using it as a benchmark for evaluating other products.

I would rate this solution an eight out of ten.

It is a pretty good product, if you go with the full version. It has a good report generation and enables better customization of policies.