Deployment: Invicti Platform on-demand and Invicti Platform on-premises.
Some features may only be available for one deployment type. Refer to the warning in the AI support assistant section.
Enable AI features
Enable AI features in your organization to leverage advanced AI-powered capabilities that enhance security, automate processes, and improve overall risk management. Below is an overview of the AI features you can enable and customize as needed.
Enable AI features for your organization to take advantage of solutions such as AI-Aided DAST, Predictive Risk Scoring, and more. Invicti designed these tools to make vulnerability management smarter and more efficient.
Read how AI enhances scan coverage and crawling in the linked document.
We don't use your data to train AI models.
Steps to enable AI features for your organization
- Select Settings from the left-side menu.
- In the Modules section, choose AI.
- To enable AI features, select Yes in the Enable AI features for your organization field.
- By default, Invicti sets all features to No. Change each feature's setting as required.
- Read more about the features in the following sections.
- Select Save changes to confirm the settings.
Features
1. AI support assistant
Use the in-product AI assistant to answer questions about Invicti Platform features without searching through documentation. Access it from the question mark icon on the bottom right of each page in the Invicti Platform UI.
Invicti Platform on-premises doesn't support this feature.
2. Predictive risk scoring in Discovery
Predictive Risk Scoring in the Discovery feature helps you prioritize your web assets before scanning them. It uses AI to calculate risk scores for discovered websites, predicting the likelihood of vulnerabilities with a minimum 83% confidence level. The scoring uses up to 220 data points, such as deprecated TLS versions, website age, and insecure cookies.
Invicti categorizes risk scores as Critical, High, Medium, or Low, indicating the potential severity of vulnerabilities. This lets you focus on scanning and addressing the riskiest sites first, making your web assets and organization safer. However, Predictive Risk Scoring doesn't replace thorough scanning—it provides initial prioritization rather than a comprehensive vulnerability assessment.
3. Enhanced crawl coverage
Enhanced Crawl Coverage uses AI to help DAST scanning intelligently handle web forms the scanner can't automatically understand. When the DAST scanner encounters forms with industry-specific inputs (such as medical codes or financial identifiers) or inputs in non-English languages, it uses artificial intelligence to generate contextually appropriate data that passes form validation. This ensures the scanner can successfully submit these forms and continue testing deeper into the application.
This feature delivers significantly more accurate and comprehensive security scanning. By overcoming traditional form-filling limitations, Enhanced Crawl Coverage enables the DAST scanner to access and test critical application areas that would otherwise remain unreachable, uncovering vulnerabilities in protected workflows and complex form-dependent capabilities that standard scanners typically miss.
4. Aided auto-login
AI-Aided Auto-Login enhances DAST scanning by intelligently identifying authentication pages that traditional scanners miss. While you provide credentials for testing authenticated application areas, standard DAST scanners rely on basic heuristics that often fail to locate login pages—particularly when you access authentication through icons rather than text links, or when login flows involve multi-step processes. This feature uses AI to understand the web application's context and accurately identify login forms, regardless of their presentation or complexity.
The system never transmits your credentials to the AI model—the AI only identifies which form fields correspond to username and password inputs, while the scanner itself handles the actual credential entry securely. This ensures comprehensive security testing of authenticated areas without compromising credential security.
Need help?
Invicti Support team is ready to provide you with technical help. Go to Help Center