Invicti (formerly Netsparker) Features

Administration (10)

Content Delivery: Caching of static or dynamic content at distributed PoPs for faster load times.
Dashboard & Reporting: Reporting and analytics that report on activity and program effectiveness.
Alerting: Identifies and alerts administrators of threats, issues, incidents and requests related to website security.
API / Integrations: Application Programming Interface Specification for how the application communicates with other software. APIs typically enable integration of data, logic, objects, etc. with other software applications.
Extensibility: Provides the ability to extend the platform to include additional features and functionalities
Reporting and Analytics: Tools to visualize and analyze data.
API / Integrations: Application Programming Interface Specification for how the application communicates with other software. APIs typically enable integration of data, logic, objects, etc. with other software applications.
Extensibility: Provides the ability to extend the platform to include additional features and functionalities
API / Integrations: Application Programming Interface Specification for how the application communicates with other software. APIs typically enable integration of data, logic, objects, etc. with other software applications.
Extensibility: Provides the ability to extend the platform to include additional features and functionalities

Risk Analysis (2)

Threat Protection (2)

Analysis (11)

Issue Tracking: Track issues and manage resolutions.
Reconnaissance: Gathers information about the system and potential exploits to be tested.
Vulnerability Scan: Scans applications and networks for known vulnerabilities, holes and exploits.
Reporting and Analytics: Tools to visualize and analyze data.
Issue Tracking: Track issues as vulnerabilities are discovered. Documents activity throughout the resolution process.
Static Code Analysis: Examines application source code for security flaws without executing it.
Code Analysis: Scans application source code for security flaws without executing it.
Reporting and Analytics: Tools to visualize and analyze data.
Issue Tracking: Track issues as vulnerabilities are discovered. Documents activity throughout the resolution process.
Vulnerability Scan: Scans applications and networks for known vulnerabilities, holes and exploits.
Code Analysis: Scans application source code for security flaws without executing it.

Testing (17)

Command-Line Tools: Allows users to access a terminal host system and input command sequences.
Manual Testing: Allows users to perfrom hands-on live simulations and penetration tests.
Test Automation: Runs pre-scripted security tests without requiring manual work.
Performance and Reliability: Software is consistently available (uptime) and allows users to complete tasks quickly because they are not waiting for the software to respond to an action they took.
Command-Line Tools: Allows users to access a terminal host system and input command sequences.
Manual Testing: Allows users to perfrom hands-on live simulations and penetration tests.
Test Automation: Runs pre-scripted security tests without requiring manual work.
Compliance Testing: Allows users to test applications for specific compliance requirements.
Black-Box Scanning: Scans functional applications externally for vulnerabilities like SQL injection or XSS.
Detection Rate: The rate at which scans accurately detect all vulnerabilities associated with the target.
False Positives: The rate at which scans falsely indicate detection of a vulnerability when no vulnerabilitiy legitimately exists.
Manual Testing: Allows users to perfrom hands-on live simulations and penetration tests.
Test Automation: Runs pre-scripted security tests without requiring manual work.
Compliance Testing: Allows users to test applications for specific compliance requirements.
Black-Box Scanning: Scans functional applications externally for vulnerabilities like SQL injection or XSS.
Detection Rate: The rate at which scans accurately detect all vulnerabilities associated with the target.
False Positives: The rate at which scans falsely indicate detection of a vulnerability when no vulnerabilitiy legitimately exists.

Performance (4)

Issue Tracking: Track issues as vulnerabilities are discovered. Documents activity throughout the resolution process.
Detection Rate: The rate at which scans accurately detect all vulnerabilities associated with the target.
False Positives: The rate at which scans falsely indicate detection of a vulnerability when no vulnerabilitiy legitimately exists.
Automated Scans: Runs pre-scripted vulnerability scans without requiring manual work.

Network (3)

Compliance Testing: Allows users to scan applications and networks for specific compliance requirements.
Perimeter Scanning: Analyzes network devices, servers and operating systems for vulnerabilities.
Configuration Monitoring: Monitors configuration rule sets and policy enforcement measures and document changes to maintain compliance.

Application (3)

Manual Application Testing: Allows users to perfrom hands-on live simulations and penetration tests.
Static Code Analysis: Scans application source code for security flaws without executing it.
Black Box Testing: Scans functional applications externally for vulnerabilities like SQL injection or XSS.