// scanner: invicti
Invicti pricing 2026: quote-only, ~$5,000 per application per year (partner-reported)
Enterprise DAST with Proof-Based Scanning. Sibling brand to Acunetix (same parent).
author: Oliver Wakefield-Smith · verified 2026-06-26
// direct-answer
What does Invicti cost in 2026?
Quote only (~$5,000 / app / yr partner-reported). Enterprise DAST with Proof-Based Scanning. Sibling brand to Acunetix (same parent).
Pricing snapshot
- Invicti StandardQuote only, per-application
- Invicti TeamQuote only, multi-user
- Invicti EnterpriseQuote only, on-prem or SaaS
What scales, what does not
- Proof-Based Scanning auto-validates a subset of findings (XSS, SQLi) with safe exploit payloads, cutting human triage hours.
- Same Invicti Group parent as Acunetix; underlying scan engines differ but overlap is real.
- Per-app pricing rewards consolidation onto fewer URL roots and discrete authentication contexts.
Where it hits the ceiling
Invicti's strength is mid-to-enterprise DAST; for cheap per-target or pen-test-style workflows, Burp or Acunetix often wins.
// faq
FAQ
- Is Invicti pricing public?No. Invicti pricing is quote-only as of 2026-06-26. Figures cited are partner-reported.
- Is there a free tier of Invicti?No formal free tier. Trials and PoCs are common.
- Does Invicti cover web application scanning?Yes, that is its primary product.
- Does Invicti produce PCI ASV evidence?Yes; Invicti either is a PCI Approved Scanning Vendor or its output is regularly used as part of an ASV-attested package.
- How often does Invicti update its vulnerability content?Daily for commercial scanners (Tenable plugins, Qualys signatures, Rapid7 recog). Open-source OpenVAS NVT feed is daily but lags commercial coverage by hours to days.