Netsparker Web Application Security Scanner Overview

Netsparker Web Application Security Scanner is the #11 ranked solution in our list of AST tools. It is most often compared to OWASP Zap.

What is Netsparker Web Application Security Scanner?

Netsparker finds and reports web application vulnerabilities such as SQL Injection and Cross-site Scripting (XSS) on all types of web applications, regardless of the platform and technology they are built with. Netsparker's unique and dead accurate Proof-Based scanning technology does not just report vulnerabilities, it also produces a Proof of Concept to confirm they are not false positives, freeing you from having to double check the identified vulnerabilities.

Netsparker Web Application Security Scanner is also known as Mavituna Netsparker.

Netsparker Web Application Security Scanner Buyer's Guide

Download the Netsparker Web Application Security Scanner Buyer's Guide including reviews and more. Updated: February 2021

Netsparker Web Application Security Scanner Customers

Samsung, The Walt Disney Company, T-Systems, ING Bank

Pricing Advice

What users are saying about Netsparker Web Application Security Scanner pricing:
  • "I think that price is too high, like other Security applications such as Acunetix, WebInspect, and so on."
  • "The price should be 20% lower"

Netsparker Web Application Security Scanner Reviews

Ivan Biagi
Security Specialist at Alfa-A IT
Real User
Top 5 Leaderboard
Jul 15, 2019
Powerful Crawler generates close to a full sitemap, including web services

What is our primary use case?

I use this solution for automated web application testing, and upon the first sight of the web app. I work alone in my company, so a helping hand is always useful. Netsparker did the job. I use it principally for mapping the web application attack surface using its really good crawler.

Pros and Cons

  • "It correctly parses DOM and JS and has really good support for URL Rewrite rules, which is important for today's websites."
  • "The scanner itself should be improved because it is a little bit slow."

What other advice do I have?

You can use Netsparker but use it carefully as some payloads can be dangerous in production. This is the same as Acunetix, WebInspect, and others. Every scanner should have an option like Burp Suite to use dangerless payloads (with Distribute Damage extension).
reviewer1286490
Consultant Cyber Security at a tech services company with 51-200 employees
Consultant
Top 5
Oct 7, 2020
A fast solution that is easy to deploy, configure, and use

Pros and Cons

  • "I am impressed by the whole technology that they are using in this solution. It is really fast. When using netscan, the confirmation that it gives on the vulnerabilities is pretty cool. It is really easy to configure a scan in Netsparker Web Application Security Scanner. It is also really easy to deploy."
  • "They don't really provide the proof of concept up to the level that we need in our organization. We are a consultancy firm, and we provide consultancy for the implementation and deployment solutions to our customers. When you run the scans and the scan is completed, it only shows the proof of exploit, which really doesn't work because the tool is running the scan and exploiting on the read-only form. You don't really know whether it is actually giving the proof of exploit. We cannot prove it manually to a customer that the exploit is genuine. It is really hard to perform it manually and prove it to the concerned development, remediation, and security teams. It is currently missing the static application security part of the application security, especially web application security. It would be really cool if they can integrate a SAS tool with their dynamic one."

What other advice do I have?

I would recommend this solution. I haven't really researched other products, but for me, Netsparker Web Application Security Scanner is a benchmark right now. I would rate Netsparker Web Application Security Scanner an eight out of ten.
Paolo Da Ros
Founding Partner at da ros e associati srl
Real User
Aug 21, 2019
Has a low number of false positives but the program should be more affordable

What is our primary use case?

Our primary use case of this solution is to assess the security of our web application security.

Pros and Cons

  • "One of the features I like about this program is the low number of false positives and the support it offers."
  • "Netsparker doesn't provide the source code of the static application security testing."

What other advice do I have?

There are many average products on the market, but I prefer Netsparker because to me wasting time after false positives is the worst thing that can happen. Accuracy is the most important thing to me. I rate Netsparker eight out of ten.
reviewer1286490
Consultant Cyber Security at a tech services company with 51-200 employees
Consultant
Top 5
Oct 6, 2020
A good interface that makes it easy to use, and the tool is really fast

What is our primary use case?

We are a consulting firm and we provide implementation and deployment of solutions to our customers.

Pros and Cons

  • "This tool is really fast and the information that they provide on vulnerabilities is pretty good."
  • "Right now, they are missing the static application security part, especially web application security."

What other advice do I have?

Overall, I am satisfied with Netsparker. However, I cannot say at this point that I would recommend it because although it is good, I will now be using it as a benchmark for evaluating other products. I would rate this solution an eight out of ten.
Ahmed S. Younis
Retail Services Senior Manager at e-finance
Real User
Top 5
May 11, 2020
Very high level of accuracy and speedy scanning

What is our primary use case?

Our primary use case is for web applications but rather than being in a production environment, it's in a testing environment. We check for vulnerabilities found in the test environment and remediate them. Following that, we publish the web application for web production. We are customers of Netsparker and I'm the retail services senior manager.

Pros and Cons

  • "High level of accuracy and quick scanning."

What other advice do I have?

This is not a simple solution, there is a complexity there. A lot of companies here don't like the idea of using a cloud provider or cloud application for scanning. We prefer to have stand-alone applications and not use the cloud. It's something they could offer, like Qualys. I would rate this solution an eight out of 10.
reviewer1188708
Senior Quality Control Manager at an insurance company with 51-200 employees
Real User
Nov 14, 2019
Great reporting review tool and very stable with an easy initial setup

What is our primary use case?

We've primarily used the solution as a proof of concept using it for assessing the security of one of our web applications.

Pros and Cons

  • "The most attractive feature was the reporting review tool. The reporting review was very impressive and produced very fruitful reports."
  • "The proxy review, the use report views, the current use tool and the subset requests need some improvement. It was hard to understand how to use them."

What other advice do I have?

We're using a demo of the latest version for a POC. We used the on-premises deployment model. I'd recommend Netsparker for anyone who wants to make a security assessment for web applications. I'd rate the solution nine out of ten. The tool is full of useful features. However, the intercepting reviews in terms of web requests need some enhancements to be more usable.