Acunetix by Invicti Overview
What is Acunetix by Invicti?
Acunetix Web Vulnerability Scanner is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross site scripting, and other exploitable vulnerabilities.
Acunetix by Invicti is also known as AcuSensor.
Acunetix by Invicti Buyer's Guide
Download the Acunetix by Invicti Buyer's Guide including reviews and more. Updated: July 2021
Acunetix by Invicti Customers
Joomla!, Digicure, Team Random, Credit Suisse, Samsung, Air New Zealand
Acunetix by Invicti Video
What users are saying about Acunetix by Invicti pricing:
- "When compared with other products, the pricing is a little bit high. But it gives value for the price. It serves the purpose and is worthwhile for the price we pay."
- "The pricing is a little high, and moreover, it's kind of domain-based."
- "Implementing Acunetix needs a medium or larger business agency, because you need some money to get Acunetix. It is costly, but if you care about your agency's security, then maybe it's a cost that might help you in the future."
- "All things considered, I think it has a good price/value ratio."
- Highest Rating
- Lowest Rating
- Review Length
Showingreviews based on the current filters.
Compliance Manager at a tech services company with 201-500 employees
We are getting notably fewer false positives than previously, but reporting output needs to be simplified
What is our primary use case?Our company has more than 300 employees and we have regional offices in Japan and Malaysia. We are in the FinTech industry. We do banking solutions, mobile, branch-based, and agent banking. We are also into government projects. We have two lines of application testing. One is for internal application deployments. Before all these deployments, we conduct testing with Acunetix and, based on the report generated, we do remediation. Once the remediation is done we will do more testing. Only once all the vulnerabilities have been fixed is it allowed to be deployed in the organization's environment… more »
Pros and Cons
- "It's very user-friendly for the testing teams. It's very easy for them to understand things and to fix vulnerabilities."
- "The jargon used makes it difficult for project managers to understand the issues, and the technical explanations used make it difficult for developers to understand issues. These things should be simplified much more. That would be very helpful for us when explaining to them what needs to be fixed. The report output needs to be simplified."
What other advice do I have?I would definitely recommend Acunetix to anyone who wants to do one vulnerability assessment from an application development perspective. The amount of time it takes to remediate something will depend on the developer's knowledge and ability to fix vulnerabilities. That doesn't depend on the solution, on Acunetix, but rather on the technical knowhow of the people who engage in that. But that particular jargon and the technical explanations we have for fixing vulnerabilities need to be improved, so that managers who don't have technical knowhow, can easily understand what needs to be done to…
Senior Test Engineer II at a financial services firm with 201-500 employees
Fantastic reporting features hindered by slow scanning
What is our primary use case?We use Acunetix for POC. We have a scanner site website. We have two web applications, related to banking, that primarily serve our customers. We use Acunetix Vulnerability Scanner to ensure that the APAs that have been exposed to the customers are well-protected and don't have any major vulnerabilities. We wanted to have some kind of vulnerability scanner which could evaluate our requests and tell us where any vulnerabilities may reside. For that purpose, we use Acunetix scanner. Originally, we used version 3.12, but they provided us with different products including Acunetix premium and… more »
Pros and Cons
- "I haven't seen reporting of that level in any other tool."
- "The vulnerability identification speed should be improved."
What other advice do I have?The false-positive rate is not that high, but it's not very low either. There were a few false-positive cases that were triggered when we scanned both of our web applications. So, they're not minimal, but they're not high either, they occur somewhere in between. The time it takes to remediate issues with Acunetix depends on the type of issue. Minor issues can be resolved within a day. Bigger issues, involving debugging from scratch can take around a week. In total, we experienced about five high-level vulnerabilities, three mid-level, and 17 low-level vulnerabilities. We also found a few…
Learn what your peers think about Acunetix by Invicti. Get advice and tips from experienced pros sharing their opinions. Updated: July 2021.
521,690 professionals have used our research since 2012.
Security Engineer at Secure Network
Real UserTop 5
Dec 1, 2020
Very easy to set up because they give you an installer that does everything
What is our primary use case?We needed it to scan our internal network and web applications. Our security team of five people used it. We scheduled some monthly scans for web applications, which were not being used, to check for vulnerabilities and also vulnerabilities on new features.
Pros and Cons
- "Acunetix has an awesome crawler. It gives a referral site map of near targets and also goes really deep to find all the inputs without issues. This was valuable because it helped me find some files or directories, like web admin panels without authentication, which were hidden."
- "I had some issues with the JSON parameters where it found some strange vulnerabilities, but it didn't alert the person using it or me about these vulnerabilities, e.g., an error for SQL injection."
What other advice do I have?We found 50 unexpected, high vulnerabilities for three web applications. This made our principal a bit mad. We found three or four DOM-based XSS vulnerabilities using this solution. It did not require maintenance on our part. We just needed to give it some credentials. I would rate it as a nine out of 10.
Security Specialist at a tech services company with 11-50 employees
Real UserTop 10
Jun 19, 2021
User-friendly and easy to set up but is a bit expensive
What is our primary use case?The solution is mostly used for vulnerability scanning purposes.
Pros and Cons
- "There is a lot of documentation on their website which makes setting it up and using it quite simple."
- "The pricing is a bit on the higher side."
What other advice do I have?We are into telecommunications, we have bought this product from the vendors. We're using the latest version of the solution. We try to only use the most up-to-date option. Overall, the tool is efficient enough to identify and track your vulnerabilities and it's good for intelligence scanning purposes. I'd advise users to just be cautious while the installation happens in terms of what logins are included and what are missing. The main thing is that users have to define their scope and objectives and only on the basis of that will the tool work. That said, you always have choices in the market…
IT Manager at a financial services firm with 1,001-5,000 employees
Nov 18, 2019
Simple to use and achieves the required results but more efficiency with the mobile environment would be helpful
What is our primary use case?I'm an IT Manager and we're a customer of Acunetix. We use the automatic tool to control the security of our applications. For the time being, we have two or three people in the company working with the solution, setting up all of the parameters, all the attacks. We have 15 separate groups in the company, most are testing the tool and learning how to use it. We will deploy the tool for the rest of the company at the beginning of next year.
Pros and Cons
- "Our developers can run the attacks directly from their environments, desktops."
- "Tools that would allow us to work more efficiently with the mobile environment, with Android and iOS."
What other advice do I have?I would recommend the product. It's very easy to integrate with Jenkins, with ALM. The most important element for us is that it's very easy for developers to use. They don't need to have any knowledge about security, threats or anything. They just run the tool against their application, and that's it. They get the results. I would rate this product a seven out of 10.
Aug 10, 2019
Testing websites is fast and efficient, but the executive summary reports need improvement
What is our primary use case?I am a freelance consultant and I use this product to scan customer's web sites. Most of the time, I use it to perform black-box analysis. The automated approach to these repetitive discovery attempts would take days to do manually and therefore it helps reduce the time needed to do an assessment.
Pros and Cons
- "The automated approach to these repetitive discovery attempts would take days to do manually and therefore it helps reduce the time needed to do an assessment."
- "It would be nice to have a feature to "retest" only a single vulnerability that the customer reports as patched, and delete it from the next scans since it has already been patched."
Simple to use and does not report many false positives or false negatives
What is our primary use case?This solution is a WAF (web application firewall). The primary use case of this solution is to secure web applications against cross-site scripting and other forms of malware that occur at the application level. We last used Acunetix in December and we have switched to Barracuda.
Pros and Cons
- "It can operate both as a standalone and it can be integrated with other applications, which makes it a very versatile solution to have."
- "When monitoring the traffic we always have issues with the bandwidth consumption and the throttling of traffic."
What other advice do I have?This is a solution that I would recommend. I would rate it an eight out of ten.
Executive Director at a financial services firm with 201-500 employees
Real UserTop 20
Aug 20, 2020
Assists greatly with our financial compliance reporting but only supports web scanning
What is our primary use case?We have quite a few applications that we scan. We have a requirement to meet PCI DSS compliance and we deal with it by producing reports on a quarterly or a part-quarterly evaluation. We are customers of Acunetix and I'm the executive director of our company.
Pros and Cons
- "Picks up weaknesses in our app setups."
- "Currently only supports web scanning."
What other advice do I have?The solution meets our requirements, it's just that we were moved from a perpetual license to an annual license and that has significantly increased our annual fees. Here in Bangladesh, we're trying to check comparable products in the same price range and see what they offer. I would rate this solution a seven out of 10.
See 5 more Acunetix by Invicti Reviews
Download our free Acunetix by Invicti Report and get advice and tips from experienced pros sharing their opinions.
- Penetration Testing
- SQL Injection
- Primary Use Case
- Valuable Features
- Room for Improvement
- When evaluating Application Security, what aspect do you think is the most important to look for?
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- Is SonarQube the best tool for static analysis?
- How was the 2020 Twitter Hack carried out? How could it have been prevented?
- SAST vs. DAST: Which is better for application security testing?
- What is the difference between Coverity and SonarQube?