Acunetix Valuable Features

SS
Senior Test Engineer II at a financial services firm with 201-500 employees

The reporting is pretty good. I haven't seen reporting of that level in any other tool. It also allows for segregation. If I want to generate a report regarding vulnerabilities, I can simply select that particularly vulnerable section and it will generate a report with all the work in the web application. 

Similarly, for PCAD assisting, I can also generate a report — in multiple formats, including PDF, HTML, and doc files. 

Segregation of reports is really, really good with Acunetix; it provides us with a lot of in-depth details. This feature stood out when comparing Acunetix with other tools.

It provides me with a list of vulnerabilities that we weren't able to identify when doing manual penetration testing. It located and picked out some hidden vulnerabilities as well, which are hard to spot with the naked eye.

View full review »
MarceloPrintac - PeerSpot reviewer
VP Business Development at MultiPoint Ltd.

Acunetix is the best service in the world. It is easy to manage. It gives a lot of information to the users to see and identify problems in their site or applications. It works very well. 

View full review »
Andrei Bigdan - PeerSpot reviewer
Executive Manager at B2B-solutions.pro

The most valuable feature of the solution is the speed at which it can scan multiple domains in just a few hours.

View full review »
Buyer's Guide
Application Security Tools
March 2024
Find out what your peers are saying about Invicti, PortSwigger, Qualys and others in Application Security Tools. Updated: March 2024.
765,234 professionals have used our research since 2012.
JS
Hardware Engineer at Ministry of Defense

One of its primary features is its ability to offer automated solutions for application security. It comes equipped with an internal applicator, which automatically identifies and addresses vulnerabilities within the program. It then provides insights on how to rectify these issues, even showcasing the payloads and other relevant information in the report. Occasionally, it may generate some false positives, but for the most part, it delivers reports that are approximately 80% accurate. This allows users to manually test the function and ascertain its functionality. It also allows for communication with external entities, vendors, and servers used by the application. This information encompasses server hosting details, the status of open or closed ports, and insights into Indian Palantir, among others. These features make it an invaluable resource for those seeking to comprehensively understand their website's infrastructure and potential vulnerabilities.

View full review »
Adetunji Adeoje - PeerSpot reviewer
Team Lead, Application Security at First City Monument Bank Limited

The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning time depends on the application's code. 

View full review »
DD
Senior Security Engineer at a insurance company with 10,001+ employees

The ability to be on the website and test for different vulnerabilities. 

We are able to create a report which shows the PCI DSS scoring and share it with the application teams. Then, they can correlate and see exactly what they need to fix, and why.

I can have a scan set up within five to ten minutes by double checking the login script works, so it doesn't take long at all.

We have found a few cross-site scripting vulnerabilities.

View full review »
HA
Head Information Secretary at a manufacturing company with 1,001-5,000 employees

The tool's most valuable feature is performance.

View full review »
Michael Poon - PeerSpot reviewer
Director at NETdefence Co. Limited

The solution's most valuable feature is its capability to scan the rest APIs. 

View full review »
it_user1441263 - PeerSpot reviewer
Security Engineer at Secure Network

What I found to be valuable was the fully automated scanner because it is really fast. 

Acunetix has an awesome crawler. It gives a referral site map of near targets and also goes really deep to find all the inputs without issues. This was valuable because it helped me find some files or directories, like web admin panels without authentication, which were hidden.

Acunetix saves on the cost of time because it is fast.

When Acunetix finds a vulnerability, it also checks for a false positive so it can be a 100 percent sure about the issue that it found. The false positives are really low, maybe one percent.

View full review »
JW
Senior Security Engineer at a media company with 1,001-5,000 employees

Scheduling of testing cuts down on the manual, tedious activities that go into setting up a test site.

One of the features that I feel is groundbreaking, that I would like to see expanded on, is the IAS feature: The Interactive Application Security Testing module that gets loaded onto an application on a server, for more in-depth, granular findings. I think that is really neat. I haven't seen a lot of competitors doing that.

View full review »
LB
CEO at IMART OFFICE CONSULTANTS

The scalability is more than good. It can operate both as a standalone and it can be integrated with other applications, which makes it a very versatile solution to have. 

This solution is simple enough, especially with the cloud. You can download the client onto your machines and then you start filtering your traffic from there.

View full review »
LB
CEO at IMART OFFICE CONSULTANTS

The scalability is good. The scalability is more than good because it can operate both as a standalone and it can be integrated as part of applications. So that really makes it a very, very versatile solution to have.

View full review »
CL
Cyber Security Associate at a consultancy with 10,001+ employees

For us, the most valuable aspect of the solution is the log-sequence feature.

The main components covering most of the SQL injection findings are quite useful.

We've never faced any maintenance issues.

View full review »
ZB
Security Engineer at a tech services company with 51-200 employees

The crawl only scan for trying to figure out at which points of the site that you'll actually be able to reach within the full scan. That's pretty useful. If you're just trying to test your login sequence, it is nice. It'll tell you which parts of your website it will initially scan, and you can actually go through and disable parts if you know you're not going to have to scan those parts. Then, later on, you go back and do a full scan for deep penetration of the site.

View full review »
GT
Project Manager at a computer software company with 1,001-5,000 employees

The usability and overall scan results are good.

View full review »
JC
Executive Director at a financial services firm with 201-500 employees

We're happy with Acunetix although we're currently looking for a more cost effective solution. There might be a better product on the market and we're looking for that. What I gather from my colleagues who do the scanning is that this solution picks up any weaknesses in terms of our application setup as well as reading our application and finding the weaknesses. We need that PCI DSS report which is important for us. The solution is comprehensive and easy to use. 

View full review »
BK
Manager for Technology Services at a non-tech company with 10,001+ employees

The vulnerability scanning option for analyzing the security loopholes on the websites is the most valuable feature of this solution. 

View full review »
reviewer1155117 - PeerSpot reviewer
Works at a educational organization with 501-1,000 employees

This solution is easy and quick to set up and use. Most of the time, all it takes is entering a website's URL and clicking on the scan button.

Obviously, this is not usually the recommended way to use it, but to get an initial picture of the target's possible vulnerabilities it is a very comfortable starting point.

In fact, often a proper penetration test requires emulating a real user of the target application and logging in.

The vulnerabilities that can be discovered when logged in normally outnumber the ones that can be discovered by a "simple" black-box approach.

Acunetix allows recording a login session and replying it during its attack phase and this is quite convenient.

View full review »
AG
Security Specialist at a tech services company with 11-50 employees

I'm drawn to Information Security. I immediately look for security threats vulnerabilities. Therefore, the report generation, the reports that are being monitored are great in that they were very easy to read and understand. 

It's user-friendly and the language that they use is pretty good. 

Overall, the tool is very good in context. It's definitely helpful from a tech intelligence perspective and for identifying vulnerabilities. I like that we can sort the vulnerabilities based on severity levels. 

The initial setup is easy.

There is a lot of documentation on their website which makes setting it up and using it quite simple.

Technical support is available 24/7.

View full review »
JT
Lead Information Security Engineer at a financial services firm with 1,001-5,000 employees

The most important feature is that it's a web-based graphical user interface. That is a great addition. Also, the ability to schedule scans is great.

The speed of Acunetix has been pretty good. It's been the same as most other tools that we use, but it's been good.

View full review »
SJ
Compliance Manager at a tech services company with 201-500 employees

It's very user-friendly for the testing teams. It's very easy for them to understand things and to fix vulnerabilities. For anyone who does development, Acunetix is going to be a very powerful tool, and very easy to use. It gives all the required information for fixing your vulnerabilities.

View full review »
MM
IT Manager at a financial services firm with 1,001-5,000 employees

The most important feature is that we are able to parameterize all of the attacks so that our developers can run the attacks directly from their environments and desktops. They don't need any expertise or to know the difficulties of the attacker; they just run the tool and get the results.

View full review »
KJ
CEO at a tech consulting company with 11-50 employees

The solution is a very flexible tool.

Overall, it's a very good tool and a very good engine.

The product is very scalable.

We found the solution to be quite stable.

For the number of features on offer, the price point is quite good.

The installation is very straightforward.

View full review »
Le Viet - PeerSpot reviewer
Security Consultant at VNCS

The most valuable feature of Acunetix is the UI and the scan results are simple.

View full review »
VN
Director - Head of Delivery Services at Ticking Minds Technology Solutions Pvt Ltd
  • Login Sequence Recorder
  • Scan throttling
  • Fantastic reporting output.
View full review »
Buyer's Guide
Application Security Tools
March 2024
Find out what your peers are saying about Invicti, PortSwigger, Qualys and others in Application Security Tools. Updated: March 2024.
765,234 professionals have used our research since 2012.