We performed a comparison between Acunetix and Fortify WebInspect based on real PeerSpot user reviews.
Find out in this report how the two DevSecOps solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I haven't seen reporting of that level in any other tool."
"It comes equipped with an internal applicator, which automatically identifies and addresses vulnerabilities within the program."
"We use the solution for the scanning of vulnerabilities like SQL injections."
"We are able to create a report which shows the PCI DSS scoring and share it with the application teams. Then, they can correlate and see exactly what they need to fix, and why."
"It's very user-friendly for the testing teams. It's very easy for them to understand things and to fix vulnerabilities."
"Acunetix has an awesome crawler. It gives a referral site map of near targets and also goes really deep to find all the inputs without issues. This was valuable because it helped me find some files or directories, like web admin panels without authentication, which were hidden."
"One of the features that I feel is groundbreaking, that I would like to see expanded on, is the IAS feature: The Interactive Application Security Testing module that gets loaded onto an application on a server, for more in-depth, granular findings. I think that is really neat. I haven't seen a lot of competitors doing that."
"The tool's most valuable feature is performance."
"Fortify WebInspect is a scalable solution, it is good for a lot of applications."
"Guided Scan option allows us to easily scan and share reports."
"There are lots of small settings and tools, like an HTTP editor, that are very useful."
"Technical support has been good."
"It's a well-known platform for doing dynamic application scanning."
"The most valuable feature is the static analysis."
"The solution's technical support was very helpful."
"It is scalable and very easy to use."
"We have had issues during upgrades where their scans worked on some apps better with previous versions. Then, we had to work with their tech support, who were great, to get it fixed for the next version."
"In terms of what needs improvement, the way the licensing model is currently is not very convenient for us because initially, when we bought it, the licensing model was very flexible, but now it restricts us."
"I had some issues with the JSON parameters where it found some strange vulnerabilities, but it didn't alert the person using it or me about these vulnerabilities, e.g., an error for SQL injection."
"Currently only supports web scanning."
"Tools that would allow us to work more efficiently with the mobile environment, with Android and iOS."
"It would be nice to have a feature to "retest" only a single vulnerability that the customer reports as patched, and delete it from the next scans since it has already been patched."
"There are some versions of the solution that are not as stable as others."
"There's a clear need for a reduction in pricing to make the service more accessible."
"It requires improvement in terms of scanning. The application scan heavily utilizes the resources of an on-premise server. 32 GB RAM is very high for an enterprise web application."
"The initial setup was complex."
"The scanner could be better."
"We have often encountered scanning errors."
"Fortify WebInspect's shortcoming stems from the fact that it is a very expensive product in Korea, which makes it difficult for its potential customers to introduce the product in their IT environment."
"The solution needs better integration with Microsoft's Azure Cloud or an extension of Azure DevOps. In fact, it should better integrate with any cloud provider. Right now, it's quite difficult to integrate with that solution, from the cloud perspective."
"Fortify WebInspect could improve user-friendliness. Additionally, it is very bulky to use."
"A localized version, for example, in Korean would be a big improvement to this solution."
Acunetix is ranked 6th in DevSecOps with 26 reviews while Fortify WebInspect is ranked 8th in DevSecOps with 17 reviews. Acunetix is rated 7.6, while Fortify WebInspect is rated 7.0. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning ". On the other hand, the top reviewer of Fortify WebInspect writes "A powerful tool catering to multiple use cases that provides reasonably good technical support". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, PortSwigger Burp Suite Professional, HCL AppScan and Veracode, whereas Fortify WebInspect is most compared with PortSwigger Burp Suite Professional, Fortify on Demand, OWASP Zap, HCL AppScan and Qualys Web Application Scanning. See our Acunetix vs. Fortify WebInspect report.
See our list of best DevSecOps vendors.
We monitor all DevSecOps reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.