Invicti Testimonials

Invicti Web Application Security Scanner is used by many world renowned organizations from all types of industries. Below are just a few testimonials. You can also read our Invicti case studies for more detailed information on how Invicti helps many organizations ensure the security of their websites and web applications.

Shay Chen

“Invicti is Stable, Accurate and Versatile, with a lot of thought put into each of its features. An excellent product in the arsenal of any security professional.”

Shay Chen Information Security, Analyst, Tool Author and Speaker
Troy Hunt

“I’ve long been an advocate of Invicti without incentivisation simply because I believe it’s the easiest on-demand, do it yourself dynamic security analysis tool for the audience I speak to. Web application security scanning done nicely.”

Troy Hunt Software architect and Microsoft MVP

“Invicti Standard is very lightweight and can be installed with a few clicks. The policy templates are very open, easy to understand, and flexible to configure. We can recheck an individual part without rescanning the whole application. Proof-based scanning is accurate and allows us to understand the issues and remedies. The support team is very prompt in response and has an in-depth knowledge of the product and web applications. Any new user can rely on the Invicti support team to deal with any issue.”

Rahul Raj Senior Engineer at GlobalLogic

“Invicti has become an invaluable tool within our team.”

Christopher Alexander CEO at Eyeronix

“Invicti does what a human cannot do in a full-time job.”

Yannick Guerdat CEO at Artionet
Aptiv Connected Services

“Invicti has certainly provided invaluable insight into the security posture of our web applications.”

Jason Brown Risk and Compliance Manager at Aptiv Connected Services

“Invicti is used as our first line of defense to find vulnerabilities in our application. We use it to catch easy-to-find vulnerabilities and meet compliance standards. It occasionally helps us find vulnerabilities we may not have caught otherwise.”

Chase Davies Application Security Engineer at Workfront

“Invicti is a good out-of-the-box DAST. Before Invicti, I was scanning nightly with an open-source scanner. Invicti has taken that management overhead off my plate. Invicti also allows me to easily pass in an API document which allows the scanner to enumerate our application’s API in a way other scanners just can’t. Invicti’s reporting lets me easily satisfy our auditors when they ask.”

Tom Payne Manager of Infosec and Compliance at Skuid

“Invicti detected web vulnerabilities that other solutions did not. It is easy to use and set up, generating easy-to-read findings and reports that we can integrate into our workflows, our collaboration suite, and – most importantly – our reporting tools.”

Henk-Jan Angerman Founder of SECWATCH

“This is probably the best web-app tool that I have ever seen. Of course, I am not a hacker… Really :) But I have reviewed some penetration test results and other tools, and of course I know a lot of hackers, so I can say that your tool covers all of the most important things.”

Eli Jellenc International Cyber Threat Analysis Manager at Verisign
ING EurAsia

“When we were evaluating web application security scanners, Invicti was the scanner that identified most vulnerabilities without requiring any configuration changes. It also identified several SQL injection and cross-site scripting vulnerabilities that other scanners did not identify.”

Perry Mertens Supervisor Auditor at ING EurAsia IT Audit Team

“The software is an important part of my security strategy which is in progress toward other services at OECD. And I find it better than external expertise. I had, of course, the opportunity to compare expertise reports with Invicti ones. Invicti was better, finding more breaches.”

Andy Gambles Senior Analyst, OECD
Grant Thornton

“You guys rock as you listen to the users.”

Cecil Su Grant Thornton

“We regularly scan our applications after we deploy new versions to our public web servers to determine if our application is secure. Since we have started using Invicti our team has been very proactive in ensuring our products are securely designed from the beginning.”

Leonard Giambalvo CTO at VirtualStrongBox, Inc
Servertastic Limited

“We were looking for a market-leading solution we could deploy for our customers that gave us confident results. The scheduled scans provide us with an ongoing understanding of the website as vulnerabilities are released and as new code is deployed. This allows us to find and resolve security related issues faster.”

Leonard Giambalvo Director at Servertastic Limited

“We needed to ensure that the services that we provide are protected by today’s threats. In order to do so, we needed to ensure that we procured an Enterprise class solution that was capable of such a task. We use Invicti to scan our development and production environments to find items such as weak encryption points, misconfigurations and/or vulnerabilities brought on by a vendor. With Invicti, these items are brought front and center and can be addressed prior to deployment or quickly if the item was discovered in a production environment. The Invicti tool is fantastic at tracking and ensuring that the vulnerability was properly remediated. It also has the ability to ‘monitor’ and report back on the vulnerability if it re-surfaced again. With this technology and tool, we have been able to increase our security posture and show this progression over time with the built-in reporting mechanism.”

Chris Evans Security and Compliance Manager at ISACA
Project Mariana

“We integrate Invicti into our clients’ DevOps process to identify security issues early in the development cycle.”

Alexander Chaveriat Chief Security Innovation Officer at Project Mariana

“Invicti helps harden my application by closing out vulnerabilities. We follow an agile development cycle, which includes performing frequent deployments. In the past, we have accidentally deployed vulnerable code, which was quickly fixed once Invicti has flagged it.”

Neil Sorathia Owner at BookingTool.com
Alabama Department of Education

“We scan all our websites for vulnerabilities as they are being developed. These scans are also used to satisfy a yearly scanning requirement from our governing organization. We have identified and corrected over 100 vulnerabilities with Invicti.”

David Pope CISO, Alabama Department of Education
Boğaziçi University

“Easy to use web vulnerability assessment tool!”

Bilgin Metin Manager, Bogazici University Cyber Security Center

“We use Invicti for consulting purposes. We perform Application Scans for our customers throughout the globe. Invicti’s flexibility and accuracy is helping us in achieving our goals in a timely manner.”

Shashank Vaidya AVP, ControlCase

“We have utilized Invicti for our web facing applications to show us the kind of vulnerabilities that exist and how to resolve them. The reports are excellent because they give us a lot of detail in explaining each vulnerability and how to resolve it.”

Dennis Marston IS Specialist, CA DIR

“We use Invicti to perform automated website scans and to validate findings with low false positives. It is easy to use. The reports with a smiley face and a clear description of the worst case scenario are very good, and are digestible at all levels.”

Matthew Bullimore IT Security Manager, GfK
Dakota State University

“We use Invicti to scan all web apps before they are pushed to production. It has helped us improve our security posture by helping identify issues, before it’s too late. Keep up the good work! I love using Invicti. Thanks!”

David Miller Security Engineer, Dakota State University
Kansas City University

“We have it included in our continuous integration process through Team city. Upon every check-in, it will not only deploy to our development environment, but will run the Invicti security scan on the site and give us updates/reports on the OWASP threats to ensure we are maintaining a secure site. We love the product!!”

Paul Johnson Software Engineering Manager, Kansas City University
Sportna loterija d.d.

“We use Invicti for a quick security check on our applications or incorrect web configurations prior to launching a new product. Invicti gives us a high quality report that covers every need, whether for a web developer or a security engineer.”

Jani Ravas IT Manager, Sportna loterija d.d.

“We use Invicti as an Automated Web Application Security Testing tool to scan the URLs of the products we directly support and host. R&D requests a scan after each sprint to assess any issues that need to be addressed either prior to release or in the next sprint based on criticality and effort to fix. We do not have time to conduct manual testing, so Invicti has proved to be a useful tool.”

Daniel Clark Senior Cloud Security Analyst, NICE
Music Tribe

“Invicti really eases the Security Testing.”

Antony Santhanamariyan Head Of IT Security, Music Tribe
Dastechnologies Srl

“As Security Consultants, we use Invicti to perform clients’ website scans. After detecting vulnerabilities, we assist our clients with remediation and then verify in Invicti that the detected vulnerabilities have disappeared. It helps a lot of our clients to raise their security levels.”

Gianluca Papaleo Cybersecurity Specialist, Dastechnologies Srl
Under Protection

“We use Invicti to provide a high grade security to our customers. It’s an important piece to check applications and validate secure development. This is a good product for our demand.”

Hesron Hori IT, Under Protection

“We use Invicti as an on-demand vulnerability scanner that can quickly assess vulnerabilities for individual applications provisioned in the environment.”

CISO, Research University in the Eastern USA

“We run weekly OWASP vulnerability scans against our entire product line, as well as on demand scans for major clients. Invicti generally has high accuracy and minimal false positives and false negatives.”

CTO and Chief Security Officer at SaaS Software Company

“We use Invicti for web application assessments and have found it to be an insightful and intuitive tool.”

Canadian Security Company

Easy, Automated and Scalable Web Application Security

Get a demo View all features