NetSparker - Security Vulnerabilty Scanning Tool and Helper

Netsparker is comparatively cheaper, and you can bargain i believe, compare to other tools like Accunetix etc. We compare a couple of them and decided this.

Pros

This tool has both web and desktop versions, with some licensing limitations. It scans your website, for issues and reports the issues and ways to fix them, online can leave it to run from cloud and do your work. Their pricing is not that high.

Cons

The desktop version when run on your system, it slows down everything in your system, so better to use the cloud base one. But these two versions have some difference i think. But overall we were happier with the package, but later as we did not need much, we did not renew it further.

Best software for Web Application Vulnerability Management

I use Netsparker as a Consultant for my clients. I'm very satisfied about the product and how this software help our client to check the security level of the web applications. We also help our clients to build a remediation plan (through the report of Netsparker is very easy and quick perform that task) and through Netsparker checks that all the remediations implemented are in place

Pros

I like Netsparker because is very easy to use, but at the same time has a lot of options that allow an expert user to customize the level of scanning. Also make authenticated scan is very easy (several options are available). Report templates are different and cover all your needs.

Cons

When do concurrent scans it consumes a lot of resources.

Too much money for a third rate product

We are required to run weekly vulnerability scans on many of our production websites and we try to use Netsparker to do these scans. We can schedule when the scans will run and they usually do run. The problem is, if the scan has a problem it must be canceled, otherwise it will never finish and no report will ever be generated.

Pros

Netsparker comes with an automation API so it is possible to include it as part of a Continuous Integration / Continuous Deployment (CI/CD) system. It usually works but not always.

Cons

There is almost no documentation about how to use the product. You are expected to open a support ticket and ask how to do some of simplest things and it usually take a day to get a response back from support. Often the response is, "We don't support that", or "We don't have a sample that does that". I one time asked for .Net Framework sample code to pull a report from Netsparker and the answer I got was "Go toe the GUI and select these buttons. The report will download." The problem was I needed to download the reports problematically. Other times I asked for .Net samples and was given Python code. They are the same, correct?

Continuous vulnerability scanning

Stands out in the space as being one of the easier to use tools. While OWASP ZAP is an excellent tool NetSparker takes the same principles to the next level and bundles it into an easy to use and highly valuable application security scanner SaaS!

Pros

UI is top-notch and easy to grok. It's highly efficient and customizable tool provide in depth reporting when you need it most. Support team is A+! Being able to generate multiple types of reports based on customer needs is quite useful.

Cons

Docs were a bit outdated or not easy to follow when we initially started using the product. Support has steadily been improving them and they look great now.

Web Application Scanning with Netsparker

My years of experience with Netsparker have been nothing but positive and I truly enjoy using this tool to assess our web applications.

Pros

The software is very easy to use yet has extreme amount of customization for scanning any web application.

Cons

Without an intimate knowledge of the capability of the tool, you may miss out on truly reaping its benefits in deep scanning of web applications.