Loading ...
Try HTTPCS +33 1 85 09 15 09
HTTPCS by ziwit vs detectify

HTTPCS and Detectify Web Vulnerability Scanners comparison

Looking for a vulnerability scanner in order to secure your websites and web applications?
Discover this comparative review to compare the differences between these two solutions
in order to make the good choice between HTTPCS Security and Detectify.

14-Day free trial Ask for a demo

Click to compare our vulnerability scanner vs Detectify

Headless and Grey Box

HTTPCS handles the latest-generation dynamic web content with its Headless Robot crawling the whole application.

100% mapping with Headless process

HTTPCS Security performs its tests with authentification (Grey box) and can handle complex authentifications like SSO (Single Sign On)

Grey Box tests option

The robot handles complex SSO (Single Sign On) authentifications

The HTTPCS security audits are automatically performed on a daily basis without any human intervention. Detailed reports reveal the exploitable security flaws.

scan scheduling option

The attack simulation feature only reveals the truly exploitable security flaws. It can help you understand the risks incurred.

No flaw simulator

HTTPCS offers a 0 false positive guarantee with its simulator. This guarantee saves time for the technical teams, that don't have to deal with the non exploitable flaws.

No guarantee

The flaws are cleverly and automatically listed according to their criticity level. The technical team can therefore immediately see the flaws that need to be fixed first.

Prioritization of flaws according to their criticity level

Indications and fixes to apply for each flaw are provided and detailed in each report.

No tool to help fix the flaws

The fixed flaws are detected and moved to a specific area dedicated to automated audits.

No automatic detection of the fixed flaws

Our pentesting teams can detect any kind of vulnerability (Top 10 OWASP, CVE, 0 Day attacks and more!)

CVE, OWASP and 0 day

HTTPCS Security is part of the complete HTTPCS CyberSecurity suite. The user can easily find all the modules he subscribed in a single console.

Every HTTPCS solution integrates the Machine Learning technology. The intelligent robots constantly improves itself after each audit and becomes more and more efficient.

Detailed logs to HAR (HTTP Archive) format is optionally available

HAR format reports not available

A powerful API allows users to link with other tools.

API provided

For the users that don't have any security breach on their website, HTTPCS provides a certification seal. The seal is clickable and easy-to-use, it lets the company reassure its visitors.

HTTPCS console is 100 % SaaS, no installation is required. Console keeps the highest level of performance in order to provide a perfect cybersecurity to its users.

100% SaaS interface

The HTTPCS user console enables to companies with a large number of websites or applications to move them into predefined "categories" to make their management easier.

Classification system for websites not available

You can easily add, limit or delete a user in just a few clicks. The management of large work teams is made easier,

10 users maximum

Reports can quickly be exported to PDF format

PDF format reports available

Console interface is available in several languages (French, English, Italian and Portuguese)

Multilingual interface unavailable

The interface of the HTTPCS console is very easy to use and user-friendly. There is no additionnal fee or installation required, nor any training required for your employees.

Ergonomic and intuitive interface

Data storage (logs and reports) is unlimited at HTTPCS, just so you can do stastistical studies in the long term.

Limited

Data is stored for 1 year

Pricing includes all costs. There is no additional fee at the time of purchase (set-up fees, training fees...)

HTTPCS Technical support is available in 7 languages, French-speaking and English-speaking included

Support en français indisponible

HTTPCS technical support is available during office hours for the "Plus" version and at any time for the "Full" version (24h/24, 7j/7)

Support aux heures de bureau

Customer service can be reached online, by email and over the phone. A FAQ is also available on the website.

email, chat en ligne, téléphone, FAQ

European leader of Cybersecurity, HTTPCS is a French company. Therefore, HTTPCS protects your data in accordance with the GDPR and provides users with physical intermediary.

Entreprise suédoise, pas de bureau en France

Headless

The Headless and the 100% mapping

The Headless browser can 100% map the content of a web application. This technology is necessary when you are willing to detect as many flaws as possible, because this technology is the closest thing to the actions of an internet user: scrolling a page, clicking on buttons, filling out dynamic forms…

In the case of these two solutions, HTTPCS, just like Detectify, provides a vulnerability scanner equipped with the Headless technology.

Headless
HTTPCS offers a headless exclusive robot which can 100% map an application.
5/5

Headless
Detectify includes the Headless technology and the management of dynamic web applications.
5/5

Flaws and Grey Box

Grey Box test and handled flaws

Unlike the Black Box test in which the robot cannot go beyond a certain authentication point, the Grey Box test allows it.

Therefore, in Grey Box mode, the robot has the user ID and the password to detect as many flaws as possible within the audited web application.

Detectify and HTTPCS both handle the tests in Grey Box mode.

Both web application scanners can detect the flaws in the main dictionaries of flaws, whether they are OWASP or CVE vulnerabilities.

The «zero-day» flaws are taken into account only by HTTPCS, which manually implements them, on a daily basis for a perpetual improvement of its robot. These zero-day flaws go further than the OWASP or the CVE because they have never been publicly fixed.

Flaws and Grey Box
HTTPCS knows the great majority of existing flaws which are certified (OWASP, CVE). Moreover, the management of « zero-day » flaws seduces and reassures.Authentication and Grey Box tests are performed.
5/5

Flaws and Grey Box
Handles the flaws contained within the known dictionaries, such as the OWASP and the CVE, but the « zero-day » flaws are not supported. Authentication and Grey Box tests are performed.
3/5

False positive

False positive processing

A false positive is to a positive result to a test, even though it should be negative. Regarding flaw detection, a false positive is a flaw qualified as «exploitable» when it is not.

The user will receive a warning about the presence of a flaw, and will have to manually check its exploitability.

The manual re-processing of each flaw in order to ensure its exploitability may be a huge waste of time for the technical teams.

The management and processing of false positives vary from one vulnerability scanner to another.

Detectify manually detects false positives. The solution requires its users to notify false positives to the support team just so they are not detected as flaws anymore. For every single false positive, the user will have to warn the Detectify support.

Unlike Detectify, HTTPCS guarantees a 0 false positive rate. In order to make this possible, the HTTPCS vulnerability scanner will test the detected flaw and check its exploitability upfront thanks to its flaw simulator provided.

This guarantee, which is unique on the market of vulnerability scanners, makes a difference and brings HTTPCS to a higher level compared to its competitors.

False positive
HTTPCS can simulate an attack like a real hacker in order to guarantee a 0 false positive rate.
5/5

False positive
Detectify does not have any flaw simulation technology, but the users can notify a flaw to the support staff. However, it takes 48 hours for them to deal with the request.
2/5

Solutions and specificities

Specificities of the Solutions

Detectify is a classic web application scanner, which is not different in its inner features. However, it enables various integrations with Slack, Jira, Zapier or even Trello. These integrations perfectly match its strategy and its mindset « Designed by and for start-up ».

This mindset is highlighted by the tone and the humor contained in all of its communications.

HTTPCS specifically includes three complementary modules in addition to its web vulnerability scanner:

  • Monitoring: a monitoring solution which indicates the availability of a server almost in real-time.
  • Integrity: a solution that warns you in case of any suspicious change within the code of your application or website.
  • Cyber Vigilance: a revolutionary solution that handles a full-time monitoring of the web and darknet (5 million of sensitive data collected every day) in order to warn the user in case of any data leak or in case of cyber risk.

Solutions and specificities
HTTPCS provides a complete solution suite around its web application scanner and offers a disruptive Darknet monitoring solution.
4/5

Solutions and specificities
Detectify provides a classic web application scanner, which is simple and efficient. Its features are not revolutionary, but they differ through its API and its integrations.
3/5

Secure your website or web application now and avoid being hacked!

14-Day free trial Ask for a demo

Pricing and support

Support and pricing

Detectify provides its professional version starting from $ 84 / month (70 €) with a yearly subscription or $ 105 / month (88 €) without commitment. It is also possible to have a tailor-made offer depending on the number of applications you have to secure.

Detectify support is essential to report false positives, but it is very limited. Users can contact the support over the phone, and it requires more or less 48 hours in order to get a technician’s answer.

HTTPCS is provided for $ 87 / month with a yearly subscription or a $ 97 / month for a plan without commitment. Its head office is located in France and the company offers a 5/7 support. The technical team gives some advice, informs and quickly helps resolve any problem, for free, in 7 languages, including English and French.

HTTPCS is nearly two times cheaper than the solution offered by Detectify in its yearly subscription.

Pricing and support
HTTPCS clearly indicates its prices on its web site. Its pricing range is affordable for the services provided. Indeed, the HTTPCS support can be reached at any time, which can help anticipate any crisis situation with serenity.
5/5

Pricing and support
The « all-inclusive » prices of Detectify are not indicated. The basic pricing is cheap, but features and support are limited.
3/5
Interface’s overview of our web vulnerability scanner

Interface

Security by ziwit logo

logo versus

Interface

logo detectify

Interface
The HTTPCS SaaS interface is clear, sober and modern. Simple of use and easy to handle, it is user-friendly. Tutorials and dedicated Account Managers are available in order to answer any potential question.
5/5

Interface
The Detectify SaaS interface is intuitive, sober and modern. A guide and a FAQ are available in order to make its use easier.
4/5

Final Comparison

In order to conclude this study, here is a general recap of the different tested features. Each feature has been graded out of 5 in order to obtain a final grade of 30.

Overall
comparative rating

Focusing on the features and specificities of these two applications, HTTPCS received a grade of 29/30 unlike Detectify that received a grade of 20/30. HTTPCS does its best to meet the needs of a company looking for an efficient vulnerability scanner, without any manual processing, with an interface easy to use and an affordable price.

You can try for free the HTTPCS scanner for 14 days or request an online demonstration with a dedicated Account Manager. Why hesitate?

Vulnerability Scanner tested by more than 9200 companies around the world

14-Day free trial Ask for a demo