An AppSec leader for more than 15 years, Invicti enables organisations in every industry to continuously scan and secure all of their web applications and APIs. Its solutions enable businesses to enable innovation without compromising security. Kevin Gallagher, President at Invicti, talks more about how Invicti started, its vision and goals and its approach to management.
Tell us a bit more about your business and how it started
Invicti Security was founded in 2005 by Ferruh Mavituna, who developed Netsparker, our first web application security scanner. From the beginning, our mission has been to deliver highly accurate, automated security testing with ‘zero noise’.
With over 2 billion web applications in use globally and 40% of data breaches originating from attacks on web applications, the need for reliable, scalable security solutions has never been greater. Our solutions empower organisations to secure their applications efficiently, enabling innovation without compromising security.
How has the business grown since it started, and how did you ensure growth?
Invicti’s growth is driven by strategic innovation, acquisitions and strong industry demand for effective application security testing:
● Product expansion: We evolved from Netsparker into Invicti Enterprise and acquired Acunetix in 2019, strengthening our portfolio
● Investment and valuation: A 2021 investment from Summit Partners valued Invicti at over US$1 billion
● Technology leadership: We pioneered proof-based scanning, providing 99.98% accuracy and eliminating false positives
● Global presence: Our offices and customers span multiple continents.
● Shift to platform: Transitioning to a DAST-first AppSec platform that can validate vulnerabilities reported from other ASTs like SAST, SCA, etc.
By consistently delivering on our promise of accurate, automated and scalable security, we’ve established Invicti as the leader in not only DAST but also Application Security Testing platforms.
What’s the business’ approach to management?
Our management approach is guided by our core values:
● Global – Diversity and inclusivity are at our core
● Excellent – We hold ourselves to high standards
● Integrity – Doing the right thing is non-negotiable
● Innovative – Intellectual curiosity drives us
● Collaborative – Trust and transparency fuel teamwork
● Adaptive – Agility is key to staying ahead
Our leadership fosters a culture of innovation and collaboration, ensuring that every decision aligns with our mission to deliver ‘AppSec with Zero Noise’.
What is your company’s vision and goal?
● Vision: To be the leading, unified brand and platform that goes beyond DAST, delivering comprehensive application security
● Purpose: “Propel the world forward by securing every web application”
● Brand philosophy: ‘Secure Acceleration’ – ensuring that security never slows development
● Tagline: ‘AppSec with Zero Noise’ – accurate results without unnecessary alerts .
What kind of clients and markets do you serve?
Invicti serves organisations across various industries, including:
● Financial services, healthcare, government and technology sectors
● Enterprises managing large application portfolios
● DevSecOps teams integrating security into CI/CD pipelines
● SMBs and enterprises through tailored product offerings
Our solutions provide deep application testing, API security and vulnerability management, helping customers proactively reduce risk.
What has your career looked like so far?
Throughout my career, I’ve been dedicated to advancing cybersecurity solutions and driving organisational growth. I first joined Invicti Security in 2017, where I played a pivotal role in the company’s expansion and success. After a tenure as CEO of CoSoSys, a data loss prevention software provider, I returned to Invicti in November 2024 as President. In this role, I am focused on scaling operations, accelerating growth and advancing Invicti’s mission to secure the web applications that power our customers’ businesses.
How do you equip your staff with skills and knowledge?
We view our employees as an extension of our brand. Our investment in professional growth includes:
● Continuous learning programmes to stay ahead in web application security
● Cybersecurity certifications for technical expertise
● Industry conferences and knowledge-sharing to foster collaboration
● Hands-on product training to deepen understanding of security testing methodologies
How do you work with other executives within the C-suite to make sure your voice is heard?
At Invicti, collaborative leadership ensures alignment across the C-suite. This includes:
● Cross-functional initiatives integrating diverse expertise
● Transparent communication fostering open dialogue
● Accountability in decision-making, ensuring all leaders contribute to business growth
How do you ensure different teams in your organisation work together?
Cross-functional collaboration is embedded in our culture:
● Technology-driven collaboration tools to improve workflows
● Metric-driven mindset to keep everyone focused on what matters
● Shared objectives connecting product, marketing, sales and operations teams.
