Acunetix by Invicti OverviewUNIXBusinessApplication

Acunetix by Invicti is the #8 ranked solution in our list of AST tools. It is most often compared to OWASP Zap: Acunetix by Invicti vs OWASP Zap

What is Acunetix by Invicti?

Acunetix Web Vulnerability Scanner is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross site scripting, and other exploitable vulnerabilities.

Acunetix by Invicti is also known as AcuSensor.

Acunetix by Invicti Buyer's Guide

Download the Acunetix by Invicti Buyer's Guide including reviews and more. Updated: September 2021

Acunetix by Invicti Customers

Joomla!, Digicure, Team Random, Credit Suisse, Samsung, Air New Zealand

Acunetix by Invicti Video

Pricing Advice

What users are saying about Acunetix by Invicti pricing:
  • "When compared with other products, the pricing is a little bit high. But it gives value for the price. It serves the purpose and is worthwhile for the price we pay."
  • "The pricing is a little high, and moreover, it's kind of domain-based."
  • "Implementing Acunetix needs a medium or larger business agency, because you need some money to get Acunetix. It is costly, but if you care about your agency's security, then maybe it's a cost that might help you in the future."
  • "I would say that Acunetix is expensive because there are products on the market with similar features that are equally or better-priced."

Filter Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Saminda Jayawardene
Compliance Manager at a tech services company with 201-500 employees
Real User
Top 5Leaderboard
We are getting notably fewer false positives than previously, but reporting output needs to be simplified

What is our primary use case?

Our company has more than 300 employees and we have regional offices in Japan and Malaysia. We are in the FinTech industry. We do banking solutions, mobile, branch-based, and agent banking. We are also into government projects. We have two lines of application testing. One is for internal application deployments. Before all these deployments, we conduct testing with Acunetix and, based on the report generated, we do remediation. Once the remediation is done we will do more testing. Only once all the vulnerabilities have been fixed is it allowed to be deployed in the organization's environment… more »

Pros and Cons

  • "It's very user-friendly for the testing teams. It's very easy for them to understand things and to fix vulnerabilities."
  • "The jargon used makes it difficult for project managers to understand the issues, and the technical explanations used make it difficult for developers to understand issues. These things should be simplified much more. That would be very helpful for us when explaining to them what needs to be fixed. The report output needs to be simplified."

What other advice do I have?

I would definitely recommend Acunetix to anyone who wants to do one vulnerability assessment from an application development perspective. The amount of time it takes to remediate something will depend on the developer's knowledge and ability to fix vulnerabilities. That doesn't depend on the solution, on Acunetix, but rather on the technical knowhow of the people who engage in that. But that particular jargon and the technical explanations we have for fixing vulnerabilities need to be improved, so that managers who don't have technical knowhow, can easily understand what needs to be done to…
SivaPrakash
Senior Test Engineer II at a financial services firm with 201-500 employees
Real User
Top 5Leaderboard
Fantastic reporting features hindered by slow scanning

What is our primary use case?

We use Acunetix for POC. We have a scanner site website. We have two web applications, related to banking, that primarily serve our customers. We use Acunetix Vulnerability Scanner to ensure that the APAs that have been exposed to the customers are well-protected and don't have any major vulnerabilities. We wanted to have some kind of vulnerability scanner which could evaluate our requests and tell us where any vulnerabilities may reside. For that purpose, we use Acunetix scanner. Originally, we used version 3.12, but they provided us with different products including Acunetix premium and… more »

Pros and Cons

  • "I haven't seen reporting of that level in any other tool."
  • "The vulnerability identification speed should be improved."

What other advice do I have?

The false-positive rate is not that high, but it's not very low either. There were a few false-positive cases that were triggered when we scanned both of our web applications. So, they're not minimal, but they're not high either, they occur somewhere in between. The time it takes to remediate issues with Acunetix depends on the type of issue. Minor issues can be resolved within a day. Bigger issues, involving debugging from scratch can take around a week. In total, we experienced about five high-level vulnerabilities, three mid-level, and 17 low-level vulnerabilities. We also found a few…
Learn what your peers think about Acunetix by Invicti. Get advice and tips from experienced pros sharing their opinions. Updated: September 2021.
533,638 professionals have used our research since 2012.
IB
Security Engineer at Secure Network
Real User
Top 5
Very easy to set up because they give you an installer that does everything

What is our primary use case?

We needed it to scan our internal network and web applications. Our security team of five people used it. We scheduled some monthly scans for web applications, which were not being used, to check for vulnerabilities and also vulnerabilities on new features.

Pros and Cons

  • "Acunetix has an awesome crawler. It gives a referral site map of near targets and also goes really deep to find all the inputs without issues. This was valuable because it helped me find some files or directories, like web admin panels without authentication, which were hidden."
  • "I had some issues with the JSON parameters where it found some strange vulnerabilities, but it didn't alert the person using it or me about these vulnerabilities, e.g., an error for SQL injection."

What other advice do I have?

We found 50 unexpected, high vulnerabilities for three web applications. This made our principal a bit mad. We found three or four DOM-based XSS vulnerabilities using this solution. It did not require maintenance on our part. We just needed to give it some credentials. I would rate it as a nine out of 10.
Anubhav Goswami
Security Specialist at a tech services company with 11-50 employees
Real User
Top 10
User-friendly and easy to set up but is a bit expensive

What is our primary use case?

The solution is mostly used for vulnerability scanning purposes.

Pros and Cons

  • "There is a lot of documentation on their website which makes setting it up and using it quite simple."
  • "The pricing is a bit on the higher side."

What other advice do I have?

We are into telecommunications, we have bought this product from the vendors. We're using the latest version of the solution. We try to only use the most up-to-date option. Overall, the tool is efficient enough to identify and track your vulnerabilities and it's good for intelligence scanning purposes. I'd advise users to just be cautious while the installation happens in terms of what logins are included and what are missing. The main thing is that users have to define their scope and objectives and only on the basis of that will the tool work. That said, you always have choices in the market…
MM
IT Manager at a financial services firm with 1,001-5,000 employees
Real User
Simple to use and achieves the required results but more efficiency with the mobile environment would be helpful

What is our primary use case?

I'm an IT Manager and we're a customer of Acunetix. We use the automatic tool to control the security of our applications. For the time being, we have two or three people in the company working with the solution, setting up all of the parameters, all the attacks. We have 15 separate groups in the company, most are testing the tool and learning how to use it. We will deploy the tool for the rest of the company at the beginning of next year.

Pros and Cons

  • "Our developers can run the attacks directly from their environments, desktops."
  • "Tools that would allow us to work more efficiently with the mobile environment, with Android and iOS."

What other advice do I have?

I would recommend the product. It's very easy to integrate with Jenkins, with ALM. The most important element for us is that it's very easy for developers to use. They don't need to have any knowledge about security, threats or anything. They just run the tool against their application, and that's it. They get the results. I would rate this product a seven out of 10.
Letsogile-Baloi
CEO at IMART OFFICE CONSULTANTS
Reseller
Top 5Leaderboard
Simple to use and does not report many false positives or false negatives

What is our primary use case?

This solution is a WAF (web application firewall). The primary use case of this solution is to secure web applications against cross-site scripting and other forms of malware that occur at the application level. We last used Acunetix in December and we have switched to Barracuda.

Pros and Cons

  • "It can operate both as a standalone and it can be integrated with other applications, which makes it a very versatile solution to have."
  • "When monitoring the traffic we always have issues with the bandwidth consumption and the throttling of traffic."

What other advice do I have?

This is a solution that I would recommend. I would rate it an eight out of ten.
JC
Executive Director at a financial services firm with 201-500 employees
Real User
Assists greatly with our financial compliance reporting but only supports web scanning

What is our primary use case?

We have quite a few applications that we scan. We have a requirement to meet PCI DSS compliance and we deal with it by producing reports on a quarterly or a part-quarterly evaluation. We are customers of Acunetix and I'm the executive director of our company.

Pros and Cons

  • "Picks up weaknesses in our app setups."
  • "Currently only supports web scanning."

What other advice do I have?

The solution meets our requirements, it's just that we were moved from a perpetual license to an annual license and that has significantly increased our annual fees. Here in Bangladesh, we're trying to check comparable products in the same price range and see what they offer. I would rate this solution a seven out of 10.
GT
Project Manager at a computer software company with 1,001-5,000 employees
Real User
Good usability and scan results

What is our primary use case?

Our primary use case is scanning our websites for security flaws.

Pros and Cons

  • "The usability and overall scan results are good."
  • "There is room for improvement in website authentication because I've seen other products that can do it much better."

What other advice do I have?

The product is quite good, but their sales techniques are poor and the sales teams need to be improved. They also should have provided a lot more information about the new licensing scheme when they changed it. I would rate this solution an eight out of ten.
See 3 more Acunetix by Invicti Reviews
Buyer's Guide
Download our free Acunetix by Invicti Report and get advice and tips from experienced pros sharing their opinions.