Name: Invicti
Rating: 4.5 (199 reviews)

Overview

Product Information on Invicti

Updated 13th October 2025

What is Invicti?

Invicti is a software designed to identify and manage security vulnerabilities in web applications. It performs automated scanning to detect potential security risks such as SQL injection, cross-site scripting, and other vulnerabilities. The software offers features including automatic scanning of web assets, vulnerability verification, and integration with issue tracking and development workflows. Invicti assists organizations in maintaining secure code by enabling continuous security assessments and streamlining remediation processes. The software addresses the business need for proactive identification and resolution of web security issues, helping organizations reduce the risk of security breaches and supporting compliance with industry standards and policies.

Overall experience with Invicti

Manager, Sec Arch And Threat Management

500M - 1B USD, Healthcare and Biotech

FAVORABLE

“Invicti Offers Reliable Web App Scanning With Easy Setup And Effective Optimization”

5.0

Apr 23, 2026

After moving some of our toolsets around, we had a gap related to web app scanning. We slide Invicti into place and it has been an awesome product, with no major issues. It was straightward to set up, and it's easily been a "fire and forget" kind of tool, as we automate pulling the reports.

IT SECURITY ASSESSMENT SPECIALIST

250M - 500M USD, Banking

CRITICAL

“Mixed User Sentiments on Cloud+'s GUI and Integration Capabilities”

3.0

Aug 30, 2024

The application has a good potential, however, the application agents were full of bugs. At least Cloud+ internal agents looked like they were in a very immature state

About Company

Company Description

Formed through the combination of Netsparker, Acunetix, and Kondukto, Invicti Security provides an application security platform that unifies DAST, SAST, IAST, SCA, API security, secrets scanning, container security, and application security posture management (ASPM) to help enterprise organizations identify, prioritize, and remediate vulnerabilities across their application portfolio. The platform's proof-based scanning validates runtime vulnerabilities while ASPM capabilities correlate findings across security tools to eliminate false positives. AI-powered remediation provides contextual fix recommendations within developer workflows. Key capabilities include automated vulnerability discovery, intelligent risk prioritization, unified dashboard management, and CI/CD pipeline integration.

Company Details

Company type

Private

Year Founded

2005

Head office location

Austin, United States

Number of employees

201 - 500

Annual Revenue

50M-250M USD

Website

https://www.invicti.com/

Do You Manage Peer Insights at Invicti?

Access Vendor Portal to update and manage your profile.

Key Insights

A Snapshot of What Matters - Based on Validated User Reviews

User Sentiment About Invicti

Reviewer Insights for: Invicti

Deciding Factors: Invicti Vs. Market Average

Performance of Invicti Across Market Features

Invicti Likes & Dislikes

There are three components that really stand out. We have worked with many tools, but the highlights of this one were: 1) Ease of configuration - no major problems, concerns, or issues related to trying to get this working. Setting up agents for on-prem scanning was a breeze, and building the infrastructure was done with little resources. 2) It really is a fire and forget tool. We don't have to babysit, it works as intended, and the reporting is easy to understand. It's also easy to overlay what this finds with what we get from other TVM tooling. 3) Optimization areas within the tool make the scans more tailored to the environment. Previous tools were more This is what I'm going to do, where this has ways to optimize to make it as effective as possible for your world.

Nice and simple GUI's Interesting integrations with WAF's and ticketing system Apparently it grabs some nice findings

1: It is very easy to set up new scans and to navigate the UI. 2: Dashboards make it easy to assess high priority fixes from first ingress into the system 3: Automation allows us to define conditions to which we need to be alerted. We are able to integrate into the tools we use

Onboarding wasn't difficult - like I said, it was easy to configure - but the onboarding time from Invicti was very limited. I think we had three calls, one of which they forced when we weren't quite ready, and they kind of went, Well, that's it, good luck! The support on the product is phenomenal, but the onboarding was kind of rocky.

The internal agents were not mature enough to be sold as a product Cloud solution is not currently allowing logins with MFA Poor support - only was able to get good support after threats to renounce the contract.

Scan times have been very long for a number of our applications and have required additional time to work out the kinks. Setting up MFA for a few of our applications tool longer than expected due to TOTP token encoding mismatches. Support has largely been through email, which can be slow and ineffective when working through complex technical issues.

Top Invicti Alternatives

Peer Discussions

Invicti Reviews and Ratings

Recommended Gartner Insights

50M-1B USD

Healthcare and Biotech

Review Source

Invicti Offers Reliable Web App Scanning With Easy Setup And Effective Optimization

Appsec Engineer

Software

DAST with Great Technical Capabilities, but Support Slows Resolution for Some Complex Issues

4.0

Onboarding was a very smooth process and we were well supported throughout. The platform provides us with the technical capabilities required of an enterprise level DAST tool. There have been some hiccups in terms of scan setup for 1 or 2 of our sites.

IT Security & Risk Management Associate

1B-10B USD

Finance (non-banking)

Frustration Over Slow Response Times Despite Generally Positive Experience

Apr 21, 2026

The overall experience has been pretty good. I scheduled some technical calls with the team to optimize the tool and kind of felt like I was being rushed off and didn't get much follow-up from them afterwards so I didn't give 5 stars. I also asked for some very specific quotes for specific reasons when renewal time came and it took over a month for the quotes to come through the way I asked for them. I understand that the sales people were doing their jobs to try to sell us on more, but I had asked for something specific and it was frustrating how long it took to get what I had asked for.

Chief Executive Officer

<50M USD

IT Services

Accurate DAST Scanning combined with flexible and supportive vendor

Apr 16, 2026

We are satisfied with our journey with Invicti. We have used the DAST tool (former Acunetix) which provides high-quality results with great accuracy, which is crucial for our security workflows. What truly sets them apart, however, is their team. From the initial contract negotiations to the actual implementation, the vendor has been flexible, responsive, and genuinely helpful.

Director, IT Security and Risk Management

10B+ USD

Services (non-Government)

Extensive Features And Reliable Integrations Offset Aging Interface Concerns

The product was easy to implement and has been smooth sailing after more than 3 years of being a customer. While not always the most user friendly interface a lot of options are included out of the box and the results are comparatively better then most of the competition