Invicti Allows SECWATCH to Provide Affordable and Efficient Web Application Security Audits
Like everyone else we evaluated Invicti along with a number of other commercial scanners, though we immediately noticed that Invicti was what we were looking for.
– Henk-Jan, SECWATCH Founder
SECWATCH is a Dutch based company that provides penetration testing, security auditing and compliance checks to a variety of organizations in Holland and abroad, ranging from small businesses to enterprises. They have been leading the security industry for a number of years now because of their unique approach, and the clear and practical advice and remediation suggestions they provide to their customers.
The Challenge to Provide Efficient and Affordable Web Application Security Audits
As part of their service offerings, SECWATCH does web application security audits. Originally the company started off by using a combination of open source web security tools and manual web application security audits.
As the demand for their web security services grew, and the web applications they were auditing became bigger and more complex, they encountered two main pitfalls:
- Security tests were taking much longer to complete, thus becoming unaffordable.
- The open source tools did not cope well with the size and complexity of the enterprise level web applications they were auditing.
- Professional and reliable support was not available for the open source tools they were using.
We were doing manual web security audits with a variety of open source security scanners and manual validation testing. As web applications became more complex, we noticed that the tools started reporting a lot of both false positives and false negatives.
– Henk-Jan, SECWATCH Founder
The scan results that the tools were producing impacted our procedures and also our prices. The more complex the web applications were, the more time we were spending to perform manual checks of the scanners’ results, making the whole process too complex and expensive.
Moving Towards Automated and Cost Effective Web Vulnerability Scanning
Because of the problems SECWATCH were encountering while delivering their web application security services, and to ensure they could continue to provide top quality service at an affordable price, they had to look for an automated web vulnerability scanner.
Like many other organizations who needed such a tool, SECWATCH were not just looking for a good web vulnerability scanner; they were looking for a complete solution.
They needed a software that enabled them to automate the process and save time by producing accurate results, and a software company that was always there when they needed support.
Switching to Invicti Web Application Security Scanner
Like everyone else we evaluated Invicti along with a number of other commercial scanners, though we immediately noticed that Invicti was what we were looking for.
– Henk-Jan, SECWATCH Founder
To start off with, it detected web vulnerabilities that other solutions did not detect. It is easy to use and setup, it generates easy to read findings and reports that we can implement into our base workflows. Invicti pricing also allowed us to keep on providing web security audits, which include manual testing and validation at an affordable price.
Sticking to Invicti Web Application Security Scanner
As many security professionals know well, web application security is not a straightforward business. So when buying a web vulnerability scanner it is not just about how good the scanner is, and how many vulnerabilities it can detect, but it is also about the support the software company can provide you with and the continuous development of the scanner.
SECWATCH has been using Invicti alongside several other tools for over three years, with Invicti being the leading tool for web security audits. They do not intend to switch to another solution any time soon, because as Henk-Jan states: “We have contacted Invicti support several times, because when using such an advanced tool it is normal to question some things, or even some results sometimes. Invicti’s support response has always been beyond expectation in terms of time, availability and providing the actual solution”.
Invicti also releases updates and new product versions frequently to ensure that all of its users can stay a step ahead of malicious attackers.
Each new update and version contains new web application security tests and a number of features that enables its users to automate the process as much as possible.
About SECWATCH
SECWATCH specializes in providing solutions for information and network security. SECWATCH unique approach and vision ensures that your business is optimally protected. SECWATCH not only look at the hardware and software solutions, but also to the organizational aspects, such as a solid security and enforcement. SECWATCH sees information security as an integral business process and therefore in addition to technical recommendations they give advice in the areas of management, organizational and business structure. And this makes SECWATCH approach unique in the industry.