59 Invicti (formerly Netsparker) Reviews
Netsparker is a digitalized online web application security scanner, which is entirely configurable, which enables users to scan websites, web applications, and web services and detect security flaws.
You have a lot of options to select security policies.
Also, it has support to start multiple scans at a given time based on agents installed or configured in the Netsparker enterprise server. Review collected by and hosted on G2.com.
No support for 2FA or MFA applications. We have more than 50% of Applications with 2FA in our organization. I heard it's getting published soon.
When using Netsparker to scan or detect vulnerabilities in web applications with larger web applications, users can notice slowness in the web scanning processes.

A lot of security checks that are easily customizable. You can make the exact scan profile/type that you want.
Really good support that answers fast and gives you proper recommendations. Every time we reported false positives, the reaction was fast and adequate. It is the best solution that you can find on the market.
Sometimes you need a lot of time and RAM to scan big applications, but it is an understandable disadvantage. Also, there are not so many options for scheduling, so in most cases, you will be running scans in real time.
Netsparker is an intuitive software to use even though it has a lot of options under the hood to help you tweak the configuration.
The technology dashboard shows you in a click all the information about the software versions used in your web applications. It makes it easy to see the state of your applications.
The number of false positives is low and it is able to detect a wide range of vulnerabilities.
The Kenna integration needs work; it is not properly sending CVEs at the moment.
And there are no metrics to compare ourselves to the industry, e.g. remediation time.

NetSparker integrates with so many technologies in such an efficient manner it makes complete CI/CD coverage possible from a DAST perspective.
The licensing tied to URLs is very strict. Once you have attached a root URL to a website for scanning, it is challenging to retrieve that license if you or the development team made a mistake. This disconnect has happened several times with us due to initiating the development teams into the scanning process. Each time we have had to work with NS support to retrieve licenses.

Netsparker support gets back to you so fast that it looks like you are on a chat with them.
Always available to meet and screen share to resolve any problem, even if it takes 2 hrs (which they are way faster in solving).
A very friendly support team that can escalate any matter quickly if needed.
Nothing pretty much
all is great with their team
Netsparker is intuitive to use. I don't have to understand much about the web platform that I am assessing nor the various options to customize the software—knowing those simply provides a quicker and more in-depth experience. Out of the box, Netsparker quickly provides the function I need.
I would offer a wider variety of subscription models. I felt that some of the flexibility I would have liked to have regarding "registering" the domains that I will test with Netsparker felt prohibitive. It removed flexibility to do specific ad-hoc examinations and tests. I would suggest some additional offerings in a subscription. I would also recommend offering a one-year subscription model.
The interface is extremely user-friendly, easy to grasp; even a new beginner can manage it quickly. Reports are visually satisfactory; they are not complex but reflect all the vulnerabilities at the same time, therefore providing the reader a good summary of the relative scan(s). Automatically sent notification emails are useful on the other hand; for instance, if an agent is down you are warned just at that time so you can fix it and balance the load on agents again before any crashes.
Both the web and desktop apps are unstable during custom script writing and verification of login/logout. Here, there are other factors rather than Netsparker of course, such as the health of the websites you are scanning or the internet connection, but there are some situations where the 'Test script' button works for some time and doesn't for a few times after. These pop-out pages (custom script and verification) generally load very slowly.
Netsparker can provide proof of concept/exploitation of web applications to give customers reports that are visually pleasing, comprehensible, and put together in an easy-to-read but not overtaxing format. It explains the vulnerabilities in detail, plus also giving you a mitigation/road map on how to resolve the vulnerability.
I love the way I can craft authenticated and unauthenticated scans on different web applications. These can be a simple website to a complex fresh from the developers' web application that highlights vulnerabilities that developers had missed in beta testing.
Some recent upgrades have left bugs in the system which can be annoying. The NET4.8 one on the last upgrade was not highlighted until a customer found that using the API the Netsparker scanner would stall just before the initiation of the scan. Other than that nothing else has troubled us.
The best element of NetSparker Appsec tooling is the ease of use. You can get up and running in a matter of minutes. Their default scan policies are very powerful and easy to modify as needed. I also like the local scan agents for applications that we cannot whitelist through our firewall. If there are challenges their Support staff is also VERY responsive and knowledgeable. They are more than happy to get on a call and walk through any issues and work it through to a resolution.
Scanning APIs is a little cryptic and requires a good understanding of the specific commands within it. It would be helpful if the setup of them was a little more dynamic based on the API type and content.