• Home
  • Acunetix vs. Veracode

Acunetix vs Veracode comparison

Cancel
You must select at least 2 products to compare!
Invicti Logo
Acunetix
Read 26 Acunetix reviews
4,838 views|3,661 comparisons
91% willing to recommend
Veracode Logo
Veracode
Read 194 Veracode reviews
24,547 views|16,538 comparisons
90% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Acunetix vs. Veracode
May 2024
Executive Summary

We performed a comparison between Acunetix and Veracode based on real PeerSpot user reviews.

Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Acunetix vs. Veracode Report (Updated: May 2024).
Download the complete report
772,679 professionals have used our research since 2012.
Featured Review
SivaPrakash
Fantastic reporting features hindered by slow scanning
Ujjwal Sachdeva
Identifies bugs before deployment in the software-side cycle process
We've saved a lot of time since using Veracode. We've also been able to cut down on costs since we require a lot of penetration tests for testing... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Our developers can run the attacks directly from their environments, desktops.""It comes equipped with an internal applicator, which automatically identifies and addresses vulnerabilities within the program.""It can operate both as a standalone and it can be integrated with other applications, which makes it a very versatile solution to have.""The automated approach to these repetitive discovery attempts would take days to do manually and therefore it helps reduce the time needed to do an assessment.""Their technical support has been very active. If I have an issue, I can reach out to them and get an answer pretty quick.""Picks up weaknesses in our app setups.""We use the solution for the scanning of vulnerabilities like SQL injections.""The solution is highly stable."

More Acunetix Pros →

"I like its integration with GitHub. I like using it from GitHub. I can use the GitHub URL and find out the vulnerabilities.""Stable and scalable, with good reporting features. Helps in detecting and managing vulnerabilities and risks.""It's comprehensive from a feature standpoint.""When those scans kick, Veracode integrates back into our JIRA and actually open tickets with the appropriate development teams. We can use that as a measurement of vulnerabilities opened, closed; we can tie them to releases. So, we get a whole lot more statistical information about security in our software products.""Also, our customers benefited from the added security assurance of our applications, as they’ve been able to identify OWASP top-10 application vulnerabilities without a manual tester.""The solution's ability to prevent vulnerable code from going into production is perfectly fine. It delivers, at least for the reports that we have been checking on Java and JavaScript. It has reported things that were helpful.""Valuable features for us are the static scanning of the software, which is very important to us; the ability to set policy profiles that are specific to us; the software composition analysis, to give us reports on known vulnerabilities from our third-party components.""The automation of Veracode is great because we no longer have to run manual testing."

More Veracode Pros →

Cons
"The vulnerability identification speed should be improved.""Acunetix needs to include agent analysis.""I had some issues with the JSON parameters where it found some strange vulnerabilities, but it didn't alert the person using it or me about these vulnerabilities, e.g., an error for SQL injection.""Acunetix needs to be dynamic with JavaScript code, unlike Netsparker which can scan complex agents.""Currently only supports web scanning.""The pricing is a bit on the higher side.""Integration into other tools is very limited for Acunetix. While we're trying to incorporate a CI/CD process where we're integrating with JIRA and we're integrating with Jenkins and Chef, it becomes problematic. Other tools give you a high integration capability to connect into different solutions that you may already have, like JIRA.""There is room for improvement in website authentication because I've seen other products that can do it much better."

More Acunetix Cons →

"I would also like to see some improvement in the speed. That is really the only complaint, but in all reality we have a massive Java application that needs to be scanned. Our developers are saying, "It takes 72 hours to scan it." That is probably the nature of the beast, and I'm actually pretty accepting of that time frame, but since it's a complaint that I get, faster is always better. I don't necessarily think that the speed is bad as it is, just that faster would be better.""Scheduling can be a little difficult. For instance, if you set up recurring scheduled scans and a developer comes in and says, "Hey, I have this critical release that happened outside of our normal release patterns and they want you to scan it," we actually have to change our schedule configuration and that means we lose the recurring scheduling settings we had.""The overall reporting structure is complicated, and it's difficult to understand the report.""I would like to see these features: entering comments for internal tracking; entering a priority; reports that show the above.""The on-platform reporting needs to be opened up much more. We'd like to be able to look at the inspection data from a trending perspective in a much more open manner. I need to be able to sort and filter much more flexibly than I can today.""I've found that Veracode is not particularly suitable for Dynamic Application Security Testing.""It's very expensive for a small organization.""When it comes to the speed of the pipeline scan, one of the things we have found with Veracode is that it's very fast with Java-based applications but a bit slow with C/C++ based applications. So we have implemented the pipeline scan only for Java-based applications not for the C/C++ applications."

More Veracode Cons →

Pricing and Cost Advice
  • "When we looked at all other vendors and what they were asking for, to provide a third of what Acunetix was capable of doing, it was an easy decision... But now that it's coming to a cost where it's line with market value, it becomes more of a competition... Acunetix is raising the cost of licensing. It's 3.5 times what we were initially quoted."
  • "Acunetix was around the same price as all the other vendors we looked at, nothing special."
  • "The pricing and licensing are reasonable to a point. In order to run multiple scans at a time, we are going to have to purchase a 100 count license, which is an overkill. Though, compared to what we were paying for, the cost seems reasonable."
  • "All things considered, I think it has a good price/value ratio."
  • "The costs aren't very expensive. It costs around $3000 or $4000."
  • "I would say that Acunetix is expensive because there are products on the market with similar features that are equally or better-priced."
  • "The pricing is a little high, and moreover, it's kind of domain-based."
  • "When compared with other products, the pricing is a little bit high. But it gives value for the price. It serves the purpose and is worthwhile for the price we pay."

    • More Acunetix Pricing and Cost Advice →

  • "Its complexity makes it quite expensive, but it’s all worth it, with all the engineering in the background."
  • "The pricing is pretty high."
  • "The worst part about the product is that it does not scale at all. Also, microservices apps will cost you a fortune."
  • "I think licensing needs to be changed or updated so that it works with adjustments. Pricing is expensive compared to the amount of scanning we perform."
  • "It's worth the value"
  • "Pricing seems fair for what is offered, and licensing has been no problem. All developers are able to get the access they need."
  • "It can be expensive to do this, so I would just make sure that you're getting the proper number of licenses. Do your analysis. Make sure you know exactly what it is you need, going in."
  • "The licensing and prices were upfront and clear. They stand behind everything that is said during the commercial phase and during the onboarding phase. Even the most irrelevant "that can be done" was delivered, no matter how important the request was."

    • More Veracode Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
    See Recommendations
    772,679 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Acunetix Vulnerability Scanner?
    Top Answer:The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning time depends on the application's code.
    Read all 25 answers   →
    What needs improvement with Acunetix Vulnerability Scanner?
    Top Answer:There are some versions of the solution that are not as stable as others.
    Read all 20 answers   →
    What is your primary use case for Acunetix Vulnerability Scanner?
    Top Answer:We use the product for dynamic analysis. It also helps us to scan web applications.
    Read all 23 answers   →
    Which gives you more for your money - SonarQube or Veracode?
    Top Answer:SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. SonarQube has a great community edition, which is open-source and free. Easy to use… more »
    Read all 6 answers   →
    What do you like most about Veracode?
    Top Answer:The SAST and DAST modules are great.
    Read all 96 answers   →
    What is your experience regarding pricing and costs for Veracode?
    Top Answer:The product’s price is a bit higher compared to other solutions. However, the tool provides good vulnerability and database features. It is worth the money.
    Read all 66 answers   →
    Ranking
    17th
    out of 75 in Application Security Tools
    Views
    4,838
    Comparisons
    3,661
    Reviews
    6
    Average Words per Review
    304
    Rating
    8.5
    2nd
    out of 75 in Application Security Tools
    Views
    24,547
    Comparisons
    16,538
    Reviews
    94
    Average Words per Review
    989
    Rating
    8.1
    Comparisons
    Also Known As
    AcuSensor
    Crashtest Security , Veracode Detect
    Learn More
    Invicti
    Veracode
    Overview

    Acunetix Web Vulnerability Scanner is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross site scripting, and other exploitable vulnerabilities.

    Veracode is a global leader in Application Risk Management for the AI era. Powered by trillions of lines of code scans and a proprietary AI-generated remediation engine, the Veracode platform is trusted by organizations worldwide to build and maintain secure software from code creation to cloud deployment. Thousands of the world’s leading development and security teams use Veracode every second of every day to get accurate, actionable visibility of exploitable risk, achievereal-time vulnerability remediation, and reduce their security debt at scale. Veracode is a multi-award-winning company offering capabilities to secure the entire software development life cycle, including Veracode Fix, Static Analysis, Dynamic Analysis, Software Composition Analysis, Container Security, Application Security Posture Management, and Penetration Testing.

    Learn more atwww.veracode.com, on theVeracode blog, and onLinkedInandTwitter.

    Sample Customers
    Joomla!, Digicure, Team Random, Credit Suisse, Samsung, Air New Zealand
    Manhattan Associates, Azalea Health, Sabre, QAD, Floor & Decor, Prophecy International, SchoolCNXT, Keap, Rekner, Cox Automotive, Automation Anywhere, State of Missouri and others.
    Top Industries
    REVIEWERS
    Financial Services Firm31%
    Comms Service Provider13%
    Computer Software Company13%
    Media Company6%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm11%
    Government9%
    Manufacturing Company8%
    REVIEWERS
    Computer Software Company26%
    Financial Services Firm23%
    Insurance Company9%
    Comms Service Provider6%
    VISITORS READING REVIEWS
    Financial Services Firm18%
    Computer Software Company15%
    Manufacturing Company8%
    Government6%
    Company Size
    REVIEWERS
    Small Business41%
    Midsize Enterprise19%
    Large Enterprise41%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise19%
    Large Enterprise59%
    REVIEWERS
    Small Business31%
    Midsize Enterprise20%
    Large Enterprise49%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise14%
    Large Enterprise69%
    Buyer's Guide
    Acunetix vs. Veracode
    May 2024
    Free Report: Acunetix vs. Veracode
    Find out what your peers are saying about Acunetix vs. Veracode and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    772,679 professionals have used our research since 2012.

    Acunetix is ranked 17th in Application Security Tools with 26 reviews while Veracode is ranked 2nd in Application Security Tools with 194 reviews. Acunetix is rated 7.6, while Veracode is rated 8.2. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning ". On the other hand, the top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, PortSwigger Burp Suite Professional, HCL AppScan and PortSwigger Burp Suite Enterprise Edition, whereas Veracode is most compared with SonarQube, Checkmarx One, Fortify on Demand and Snyk. See our Acunetix vs. Veracode report.

    See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.

    We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.