Home Cases Applus+ Sees 50% Increase in Scanning Coverage with Invicti
Cases

Applus+ Sees 50% Increase in Scanning Coverage with Invicti

Industry: Testing, Inspection, and Certification (TIS)

Company: Applus+

Location: Headquartered in Spain

Company Size: 26,000+

Product: Acunetix 360 (by Invicti)

“The Invicti team worked closely with us to understand our specific needs and security concerns for scanning web applications and APIs. We maintained regular communication with them to fine-tune the solution. Invicti has been a valuable advisor, helping us align our application security strategy with broader industry best practices and emerging threats.”

Applus+

Vladlena Trayno, Cybersecurity Manager

Applus+, a global leader in testing, inspection and certification, knew they needed a new provider of web application security (AppSec) and API solutions when their environment became too complex. Operating across multiple data-intensive industries – automotive, construction, aerospace, oil and gas, and more – Applus+ must constantly ensure security, quality, functionality and regulatory compliance for their customers and employees in over 70 countries.

The Applus+ team cannot afford to skimp on security: it is critical to several of their operational needs, including protecting sensitive customer data, intellectual property and over 26,000 employees worldwide. An organization must ensure that its reputation is strengthened at every step, adhering to strict regulatory requirements in each of its industries, which is not easy to achieve without a comprehensive, accurate and consistent security solution like Invicti.

Finding a Fast Vulnerability Scanner with Full Coverage

When Applus+ decided to update their security strategy, they knew that one of the most important issues to address was the complexity of their attack surface. The organization has many web applications and integrations that need to be managed throughout the software development lifecycle (SDLC), which creates challenges in securing large and dynamic attack surfaces. They needed a way to track all of their assets and potentially associated vulnerabilities or misconfigurations, as well as enable deeper digital transformations for their services and operations.

“We faced significant challenges in maintaining robust security across our many web applications due to limited resources. In particular, we were struggling to perform frequent Dynamic Application Security Testing (DAST) scans of our web applications. Recognizing the critical nature of this issue, we made a strategic decision to invest in Acunetix from Invicti.”

Replacing a Poor AppSec Tool with Acunetix from Invicti

The Applus+ team had an application security solution in place before moving to Invicti, but daily challenges quickly piled up. They lacked regular penetration testing capabilities and were experiencing undetected vulnerabilities. Additionally, the team had resource constraints that prevented them from performing frequent DAST scans of their web applications and deeply integrating security into their workflows.

“We already had an application security solution in place, but we were struggling to keep our many web applications secure. Our tool had limitations such as a lack of regular penetration testing capabilities, accuracy issues, and resource constraints.”

When selecting Invicti’s Acunetix for their security needs, Applus+ looked to Invicti’s comprehensive coverage and key benefits that would help them overcome these challenges. The accuracy, speed, and automation of Invicti’s DAST solution stood out, with more reliable and real-world results that allowed their team to reduce false positives. Finally, Applus+ looked to Invicti’s scalability and reliability, which were critical to optimizing resources as their organization grew.

Web Application Security Testing with Full Coverage and 30% Fewer False Positives

By implementing Invicti’s Acunetix and working it into their existing DevSecOps and DevOps processes, Applus+ was able to increase the number of scans they performed, providing more complete coverage in their application security program. Invicti’s more accurate scans, combined with a 30% reduction in false positives thanks to Invicti’s Proof-based scanning, have significantly improved their efficiency, as false positives and inaccurate results previously slowed down the team.

“We can now scan more web applications more frequently, providing broader and more consistent security coverage. Having a single AppSec platform is incredibly valuable as it allows us to optimize our resources and focus on what really matters.”

In addition to reducing false positives, Applus+ was able to use Invicti’s single platform to increase DAST scanning coverage by 50%. This provided more complete security coverage across their entire digital environment. This approach not only increased the level of security across all assets, but also enabled the team to improve overall efficiency. As a result, 20% of the security team’s time and resources were reallocated to other strategic initiatives.

A more secure future and fewer vulnerabilities with Invicti DAST

Moving into the future with Invicti, Applus+ feels much more confident in its ability to maintain a proactive approach to AppSec and APIs. It also effectively allocates resources between security and development processes. Now, it is easier than ever to accurately detect vulnerabilities with DAST. Scanning speeds can be easily increased as needed. This ensures the team’s success as they scale and requirements change.

“DAST has proven to be a critical component of our company’s security success. As an organization with a large and growing number of web applications, we realized the importance of comprehensive dynamic testing to identify and remediate vulnerabilities.”

The investment in Invicti’s application security platform aligns with Applus+’s focus on maintaining a robust AppSec layer. This is done to protect their web applications and APIs, to keep data and information safe, and to maintain customer trust. This confidence will be critical in 2025 and beyond as Applus+ expands its digital footprint.

“By implementing this AppSec solution, we are taking proactive steps to mitigate risk and maintain the high level of security that our customers expect from a global leader in the ICT sector. This investment demonstrates our commitment to improving our security practices and protecting our customers’ data.”

In the coming months, the Applus+ team will be using Invicti’s security solutions. It will continue to focus on improving its vulnerability management capabilities. The primary goal is to identify and remediate the most critical issues first. The company will also work to strengthen its development team with more automated and integrated security across its CI/CD pipelines. As they move forward, Invicti will be there every step of the way, enabling Applus+ to implement effective controls and prevent unauthorized access to web applications and APIs.

Other materials on the topic

The AI Control Problem

The Use of AI for Code Development at Amazon: A Control Problem in the Industry

16.03.2026
Blind cross-site scripting

Blind Cross-Site Scripting (XSS)

13.03.2026
Stored XSS

Stored Cross-Site Scripting (XSS): Example, Impact, Remediation

06.03.2026

Підписатися на новини

    Leave your contact details and we will get in touch with you