We performed a comparison between Acunetix and Fortify WebInspect based on real PeerSpot user reviews.
Find out in this report how the two DevSecOps solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."One of the features that I feel is groundbreaking, that I would like to see expanded on, is the IAS feature: The Interactive Application Security Testing module that gets loaded onto an application on a server, for more in-depth, granular findings. I think that is really neat. I haven't seen a lot of competitors doing that."
"Acunetix has an awesome crawler. It gives a referral site map of near targets and also goes really deep to find all the inputs without issues. This was valuable because it helped me find some files or directories, like web admin panels without authentication, which were hidden."
"The most important feature is that it's a web-based graphical user interface. That is a great addition. Also, the ability to schedule scans is great."
"It can operate both as a standalone and it can be integrated with other applications, which makes it a very versatile solution to have."
"There is a lot of documentation on their website which makes setting it up and using it quite simple."
"For us, the most valuable aspect of the solution is the log-sequence feature."
"I haven't seen reporting of that level in any other tool."
"The most valuable feature of the solution is the speed at which it can scan multiple domains in just a few hours."
"Reporting, centralized dashboard, and bird's eye view of all vulnerabilities are the most valuable features."
"It is scalable and very easy to use."
"Guided Scan option allows us to easily scan and share reports."
"The accuracy of its scans is great."
"The solution's technical support was very helpful."
"I've found the centralized dashboard the most valuable. For the management, it helps a lot to have abilities at the central level."
"The user interface is ok and it is very simple to use."
"The solution is able to detect a wide range of vulnerabilities. It's better at it than other products."
"In terms of what needs improvement, the way the licensing model is currently is not very convenient for us because initially, when we bought it, the licensing model was very flexible, but now it restricts us."
"The solution limits the number of scans. It would be much better if we could have unlimited scans."
"The vulnerability identification speed should be improved."
"When monitoring the traffic we always have issues with the bandwidth consumption and the throttling of traffic."
"We have had issues during upgrades where their scans worked on some apps better with previous versions. Then, we had to work with their tech support, who were great, to get it fixed for the next version."
"Integration into other tools is very limited for Acunetix. While we're trying to incorporate a CI/CD process where we're integrating with JIRA and we're integrating with Jenkins and Chef, it becomes problematic. Other tools give you a high integration capability to connect into different solutions that you may already have, like JIRA."
"It would be nice to have a feature to "retest" only a single vulnerability that the customer reports as patched, and delete it from the next scans since it has already been patched."
"You can't actually change your password after you've set it unless you go back into the administration account and you change it there. Thus, if you're locked out and don't remember your password, that's a thing."
"The initial setup was complex."
"The solution needs better integration with Microsoft's Azure Cloud or an extension of Azure DevOps. In fact, it should better integrate with any cloud provider. Right now, it's quite difficult to integrate with that solution, from the cloud perspective."
"The installation could be a bit easier. Usually it's simple to use, but the installation is painful and a bit laborious and complex."
"A localized version, for example, in Korean would be a big improvement to this solution."
"Fortify WebInspect could improve user-friendliness. Additionally, it is very bulky to use."
"It requires improvement in terms of scanning. The application scan heavily utilizes the resources of an on-premise server. 32 GB RAM is very high for an enterprise web application."
"Lately, we've seen more false negatives."
"The scanner could be better."
Acunetix is ranked 6th in DevSecOps with 26 reviews while Fortify WebInspect is ranked 8th in DevSecOps with 17 reviews. Acunetix is rated 7.6, while Fortify WebInspect is rated 7.0. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning ". On the other hand, the top reviewer of Fortify WebInspect writes "A powerful tool catering to multiple use cases that provides reasonably good technical support". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, PortSwigger Burp Suite Professional, HCL AppScan and Veracode, whereas Fortify WebInspect is most compared with PortSwigger Burp Suite Professional, Fortify on Demand, OWASP Zap, HCL AppScan and Qualys Web Application Scanning. See our Acunetix vs. Fortify WebInspect report.
See our list of best DevSecOps vendors.
We monitor all DevSecOps reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.