“We use Invicti to provide a high grade security to our customers. It's an important piece to check applications and validate secure development. This is a good product for our demand.”

“We use Invicti for web application assessments and have found it to be an insightful and intuitive tool.”

“We run weekly OWASP vulnerability scans against our entire product line, as well as on demand scans for major clients. Invicti generally has high accuracy and minimal false positives and false negatives.”

“Invicti really eases the Security Testing.”

“We use Invicti as an on-demand vulnerability scanner that can quickly assess vulnerabilities for individual applications provisioned in the environment.”

“As Security Consultants, we use Invicti to perform clients’ website scans. After detecting vulnerabilities, we assist our clients with remediation and then verify in Invicti that the detected vulnerabilities have disappeared. It helps a lot of our clients to raise their security levels.”

“We use Invicti to perform automated website scans and to validate findings with low false positives. It is easy to use. The reports with a smiley face and a clear description of the worst case scenario are very good, and are digestible at all levels.”

“We use Invicti as an Automated Web Application Security Testing tool to scan the URLs of the products we directly support and host. R&D requests a scan after each sprint to assess any issues that need to be addressed either prior to release or in the next sprint based on criticality and effort to fix. We do not have time to conduct manual testing, so Invicti has proved to be a useful tool.”

“We use Invicti for a quick security check on our applications or incorrect web configurations prior to launching a new product. Invicti gives us a high quality report that covers every need, whether for a web developer or a security engineer.”

“We have it included in our continuous integration process through Team city. Upon every check-in, it will not only deploy to our development environment, but will run the Invicti security scan on the site and give us updates/reports on the OWASP threats to ensure we are maintaining a secure site. We love the product!!”

“We use Invicti to scan all web apps before they are pushed to production. It has helped us improve our security posture by helping identify issues, before it's too late. Keep up the good work! I love using Invicti. Thanks!”

“We have utilized Invicti for our web facing applications to show us the kind of vulnerabilities that exist and how to resolve them. The reports are excellent because they give us a lot of detail in explaining each vulnerability and how to resolve it.”

“Easy to use web vulnerability assessment tool!”

“Invicti helps harden my application by closing out vulnerabilities. We follow an agile development cycle, which includes performing frequent deployments. In the past, we have accidentally deployed vulnerable code, which was quickly fixed once Invicti has flagged it.”

“We scan all our websites for vulnerabilities as they are being developed. These scans are also used to satisfy a yearly scanning requirement from our governing organization. We have identified and corrected over 100 vulnerabilities with Invicti.”

“We integrate Invicti into our clients' DevOps process to identify security issues early in the development cycle.”

“You guys rock as you listen to the users.”

“We needed to ensure that the services that we provide are protected by today's threats. In order to do so, we needed to ensure that we procured an Enterprise class solution that was capable of such a task. We use Invicti to scan our development and production environments to find items such as weak encryption points, misconfigurations and/or vulnerabilities brought on by a vendor. With Invicti, these items are brought front and center and can be addressed prior to deployment or quickly if the item was discovered in a production environment. The Invicti tool is fantastic at tracking and ensuring that the vulnerability was properly remediated. It also has the ability to 'monitor' and report back on the vulnerability if it re-surfaced again. With this technology and tool, we have been able to increase our security posture and show this progression over time with the built-in reporting mechanism.”

“We were looking for a market-leading solution we could deploy for our customers that gave us confident results. The scheduled scans provide us with an ongoing understanding of the website as vulnerabilities are released and as new code is deployed. This allows us to find and resolve security related issues faster.”

“This is probably the best web-app tool that I have ever seen. Of course, I am not a hacker... Really :) But I have reviewed some penetration test results and other tools, and of course I know a lot of hackers, so I can say that your tool covers all of the most important things.”

“Invicti detected web vulnerabilities that other solutions did not. It is easy to use and set up, generating easy-to-read findings and reports that we can integrate into our workflows, our collaboration suite, and – most importantly – our reporting tools.”

“Invicti is a good out-of-the-box DAST. Before Invicti, I was scanning nightly with an open-source scanner. Invicti has taken that management overhead off my plate. Invicti also allows me to easily pass in an API document which allows the scanner to enumerate our application’s API in a way other scanners just can’t. Invicti’s reporting lets me easily satisfy our auditors when they ask.”

“Invicti is used as our first line of defense to find vulnerabilities in our application. We use it to catch easy-to-find vulnerabilities and meet compliance standards. It occasionally helps us find vulnerabilities we may not have caught otherwise.”

“Invicti does what a human cannot do in a full-time job.”

“Invicti has become an invaluable tool within our team.”

“Invicti has certainly provided invaluable insight into the security posture of our web applications.”

“Invicti is Stable, Accurate and Versatile, with a lot of thought put into each of its features. An excellent product in the arsenal of any security professional.”

“Invicti Standard is very lightweight and can be installed with a few clicks. The policy templates are very open, easy to understand, and flexible to configure. We can recheck an individual part without rescanning the whole application. Proof-based scanning is accurate and allows us to understand the issues and remedies. The support team is very prompt in response and has an in-depth knowledge of the product and web applications. Any new user can rely on the Invicti support team to deal with any issue.”

“I had the opportunity to compare expertise reports with Invicti ones. Invicti was better, finding more breaches.”

As opposed to other web application scanners we used, Invicti is very easy to use and does not require a lot of configuring. An out of the box installation of Invicti Web Application Security Scanner can detect more vulnerabilities than any other web application security scanner we have used so far.