• Home
  • Acunetix vs. Veracode

Acunetix vs Veracode comparison

Cancel
You must select at least 2 products to compare!
Invicti Logo
Acunetix
Read 26 Acunetix reviews
4,838 views|3,661 comparisons
91% willing to recommend
Veracode Logo
Veracode
Read 194 Veracode reviews
24,547 views|16,538 comparisons
90% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Acunetix vs. Veracode
May 2024
Executive Summary

We performed a comparison between Acunetix and Veracode based on real PeerSpot user reviews.

Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Acunetix vs. Veracode Report (Updated: May 2024).
Download the complete report
772,649 professionals have used our research since 2012.
Featured Review
SivaPrakash
Fantastic reporting features hindered by slow scanning
Rishabh Khanna
Researched Acunetix but chose Veracode: Good for legacy technologies but the DAST engines are primitive
We initially had more than 15,000 vulnerabilities. Veracode helped us to regulate all the teams. I gave the consult level access and a basic level... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"We are able to create a report which shows the PCI DSS scoring and share it with the application teams. Then, they can correlate and see exactly what they need to fix, and why.""The most valuable feature of the solution is the speed at which it can scan multiple domains in just a few hours.""The tool's most valuable feature is performance.""The solution is highly stable.""Our developers can run the attacks directly from their environments, desktops.""It comes equipped with an internal applicator, which automatically identifies and addresses vulnerabilities within the program.""The most valuable feature of Acunetix is the UI and the scan results are simple.""The most important feature is that it's a web-based graphical user interface. That is a great addition. Also, the ability to schedule scans is great."

More Acunetix Pros →

"The solution can scan old databases and old code written 20 years back.""The user interface is quick, familiar, and user-friendly and makes navigation to other software very easy.""Being able to scan our applications and identify all codes and defects is an extremely valuable feature.""Veracode's technical support is great. They assigned us a TAM and once a week, we have a brief engagement with the TAM to verify that everything's going well. If we have any outstanding issues, they get serviced and addressed.""I have used this solution in multiple projects for vulnerability testing and finding security leaks within the code.""The most valuable feature of Veracode Static Analysis is the scanning.""Also, our customers benefited from the added security assurance of our applications, as they’ve been able to identify OWASP top-10 application vulnerabilities without a manual tester.""Veracode Fix is a new feature that functions similarly to auto-remediation for low or medium flaw codes."

More Veracode Pros →

Cons
"It should be easier to recreate something manually, with the manual tool, because Acunetix is an automatic tool. If it finds something, it should be easier to manually replicate it. Sometimes you don't get the raw data from the input and output, so that could be improved.""The solution's pricing could be better.""There are some versions of the solution that are not as stable as others.""When monitoring the traffic we always have issues with the bandwidth consumption and the throttling of traffic.""The vulnerability identification speed should be improved.""Acunetix needs to include agent analysis.""I had some issues with the JSON parameters where it found some strange vulnerabilities, but it didn't alert the person using it or me about these vulnerabilities, e.g., an error for SQL injection.""There is room for improvement in website authentication because I've seen other products that can do it much better."

More Acunetix Cons →

"The scanning could be improved, because some scans take a bit of time.""While Veracode is way ahead of its competitors on Gartner Magic Quadrant, it's a bit more expensive than Fortify. It's a good solution for the cost, but if we had a high budget, we would go with Checkmarx, which is much better than Veracode.""We use Ruby on Rails and we still don't have any support for that from Veracode.""We tried to create an automatic scanning process for Veracode and integrate it into our billing process, but it was easier to adopt it to repositories based on GIT. Until now, our source control repository was Azure DevOps Server (Microsoft TFS) to managing our resources. This was not something that they supported. It took us some sessions together before we successfully implemented it.""The static analysis is prone to a lot of false positives. But that's how it is with most static analysis tools... Also, the static analysis can sometimes take a little while. The time that it takes to do a scan should be improved.""Sometimes Veracode gives us results about small glitches in the necessary packages. For example, we recently found issues with Veracode's native libraries for .NET 6 that were fixed in the next versions of those libraries. But sometimes you do not know which version of the library particular components are using. The downside of that is that one day, the solution found some issues in that library for the necessary package we spent. Another day, it found the same issues with another library. It will clearly state that this is the same stuff you've already analyzed. This creates some additional work, but it isn't significant. However, sometimes you see the same issue for two or three days in a row.""One concern is that scans take a long time to run. We scan at the end of the day because we know it will take a lot of time. We leave it to run and the report will be generated by the next day when we arrive. The scanning time could be reduced.""It's taking too much time to do a quality scan."

More Veracode Cons →

Pricing and Cost Advice
  • "When we looked at all other vendors and what they were asking for, to provide a third of what Acunetix was capable of doing, it was an easy decision... But now that it's coming to a cost where it's line with market value, it becomes more of a competition... Acunetix is raising the cost of licensing. It's 3.5 times what we were initially quoted."
  • "Acunetix was around the same price as all the other vendors we looked at, nothing special."
  • "The pricing and licensing are reasonable to a point. In order to run multiple scans at a time, we are going to have to purchase a 100 count license, which is an overkill. Though, compared to what we were paying for, the cost seems reasonable."
  • "All things considered, I think it has a good price/value ratio."
  • "The costs aren't very expensive. It costs around $3000 or $4000."
  • "I would say that Acunetix is expensive because there are products on the market with similar features that are equally or better-priced."
  • "The pricing is a little high, and moreover, it's kind of domain-based."
  • "When compared with other products, the pricing is a little bit high. But it gives value for the price. It serves the purpose and is worthwhile for the price we pay."

    • More Acunetix Pricing and Cost Advice →

  • "Its complexity makes it quite expensive, but it’s all worth it, with all the engineering in the background."
  • "The pricing is pretty high."
  • "The worst part about the product is that it does not scale at all. Also, microservices apps will cost you a fortune."
  • "I think licensing needs to be changed or updated so that it works with adjustments. Pricing is expensive compared to the amount of scanning we perform."
  • "It's worth the value"
  • "Pricing seems fair for what is offered, and licensing has been no problem. All developers are able to get the access they need."
  • "It can be expensive to do this, so I would just make sure that you're getting the proper number of licenses. Do your analysis. Make sure you know exactly what it is you need, going in."
  • "The licensing and prices were upfront and clear. They stand behind everything that is said during the commercial phase and during the onboarding phase. Even the most irrelevant "that can be done" was delivered, no matter how important the request was."

    • More Veracode Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
    See Recommendations
    772,649 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Acunetix Vulnerability Scanner?
    Top Answer:The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning time depends on the application's code.
    Read all 25 answers   →
    What needs improvement with Acunetix Vulnerability Scanner?
    Top Answer:There are some versions of the solution that are not as stable as others.
    Read all 20 answers   →
    What is your primary use case for Acunetix Vulnerability Scanner?
    Top Answer:We use the product for dynamic analysis. It also helps us to scan web applications.
    Read all 23 answers   →
    Which gives you more for your money - SonarQube or Veracode?
    Top Answer:SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. SonarQube has a great community edition, which is open-source and free. Easy to use… more »
    Read all 6 answers   →
    What do you like most about Veracode?
    Top Answer:The SAST and DAST modules are great.
    Read all 96 answers   →
    What is your experience regarding pricing and costs for Veracode?
    Top Answer:The product’s price is a bit higher compared to other solutions. However, the tool provides good vulnerability and database features. It is worth the money.
    Read all 66 answers   →
    Ranking
    17th
    out of 75 in Application Security Tools
    Views
    4,838
    Comparisons
    3,661
    Reviews
    6
    Average Words per Review
    304
    Rating
    8.5
    2nd
    out of 75 in Application Security Tools
    Views
    24,547
    Comparisons
    16,538
    Reviews
    94
    Average Words per Review
    989
    Rating
    8.1
    Comparisons
    Also Known As
    AcuSensor
    Crashtest Security , Veracode Detect
    Learn More
    Invicti
    Veracode
    Overview

    Acunetix Web Vulnerability Scanner is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross site scripting, and other exploitable vulnerabilities.

    Veracode is a global leader in Application Risk Management for the AI era. Powered by trillions of lines of code scans and a proprietary AI-generated remediation engine, the Veracode platform is trusted by organizations worldwide to build and maintain secure software from code creation to cloud deployment. Thousands of the world’s leading development and security teams use Veracode every second of every day to get accurate, actionable visibility of exploitable risk, achievereal-time vulnerability remediation, and reduce their security debt at scale. Veracode is a multi-award-winning company offering capabilities to secure the entire software development life cycle, including Veracode Fix, Static Analysis, Dynamic Analysis, Software Composition Analysis, Container Security, Application Security Posture Management, and Penetration Testing.

    Learn more atwww.veracode.com, on theVeracode blog, and onLinkedInandTwitter.

    Sample Customers
    Joomla!, Digicure, Team Random, Credit Suisse, Samsung, Air New Zealand
    Manhattan Associates, Azalea Health, Sabre, QAD, Floor & Decor, Prophecy International, SchoolCNXT, Keap, Rekner, Cox Automotive, Automation Anywhere, State of Missouri and others.
    Top Industries
    REVIEWERS
    Financial Services Firm31%
    Comms Service Provider13%
    Computer Software Company13%
    Media Company6%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm11%
    Government9%
    Manufacturing Company8%
    REVIEWERS
    Computer Software Company26%
    Financial Services Firm23%
    Insurance Company9%
    Comms Service Provider6%
    VISITORS READING REVIEWS
    Financial Services Firm18%
    Computer Software Company15%
    Manufacturing Company8%
    Government6%
    Company Size
    REVIEWERS
    Small Business41%
    Midsize Enterprise19%
    Large Enterprise41%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise19%
    Large Enterprise59%
    REVIEWERS
    Small Business31%
    Midsize Enterprise20%
    Large Enterprise49%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise14%
    Large Enterprise69%
    Buyer's Guide
    Acunetix vs. Veracode
    May 2024
    Free Report: Acunetix vs. Veracode
    Find out what your peers are saying about Acunetix vs. Veracode and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    772,649 professionals have used our research since 2012.

    Acunetix is ranked 17th in Application Security Tools with 26 reviews while Veracode is ranked 2nd in Application Security Tools with 194 reviews. Acunetix is rated 7.6, while Veracode is rated 8.2. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning ". On the other hand, the top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, PortSwigger Burp Suite Professional, HCL AppScan and PortSwigger Burp Suite Enterprise Edition, whereas Veracode is most compared with SonarQube, Checkmarx One, Fortify on Demand and Snyk. See our Acunetix vs. Veracode report.

    See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.

    We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.