Netsparker Web Application Security Scanner Room for Improvement

Ivan Biagi
Security Specialist at a tech consulting company with 1-10 employees
The scanner itself should be improved because it is a little bit slow. CPU usage should be improved due to my PC's fan going mad. RAM usage should be improved as well. The attacker part of the scanner should be more fluid and faster. There should be some option to tune up the scan, like throttling requests or using some WAF/IDS/IPS bypass technique. It needs more than what is currently in the Advanced Options. The passive analyzer for some vulnerabilities should be improved, as it doesn't get all vulnerabilities. It should also be more efficient. The scanner should also use some cool techniques to inject payloads, like replacing the entire body and Content-Type header (like for XML input).
Lav Thaiba
Software Quality Assurance Engineer at ITONICS GmbH
When scanning a large web-based application, it tends to process slowly and takes a long time, especially on the crawling and attacking part. It would be better if that part did not take much time. Apart from that, it would be better for listing and attacking Java-based web applications to exploit vulnerabilities.
Paolo Da Ros
Founding Partner at da ros e associati srl
The program uses technology that is different from application scanners. It's not an incremental solution. It could be a new product, but I'm not that knowledgeable to know which products are part of a suite. Netsparker doesn't provide the source code of the static application security testing. I would love to see a completion of the offering with statistical analysis. Every customer has its own nuance, so I don't think it's really an issue when it comes to the user interface. Every customer has something that they would like different because they're used to something different. In my opinion, there is not very much to mention besides changing as little as possible. Something that Microsoft often does is to change things with every release, and users don't like that. I would also like to see the price being at least 20% cheaper because the market is currently very crowded and there are many vendors and clients. A lower price will get more sales.
Find out what your peers are saying about Netsparker, Acunetix, PortSwigger and others in Application Security. Updated: November 2019.
383,725 professionals have used our research since 2012.
reviewer1188708
Senior Quality Control Manager at an insurance company with 51-200 employees
The proxy review, the use report views, the current use tool and the subset requests need some improvement. It was hard to understand how to use them.
Nur Yesilyurt
Attack Developer at a tech vendor
Perhaps the custom attack preparation screen might be improved. Also, they can implement mobile penetration testing support for manual and automated tests.