I have used Netsparker before. 

The speed is phenomenal. Some of our applications can do a scan in less ten minutes, even some of our bigger scans. We were using Micro Focus Fortify WebInspect when it is was owned by HPE, and it would take two or three days for it to scan everything. Acunetix can scan everything within 13 hours, which is sort of long time, but still much shorter than the other apps that we were using. So, it seems to be pretty quick and pretty thorough.

We switched solutions because of cost and the timing of the scans was taking too long. 

They were previously using Fortify WebInspect, which was good, but very costly.

We are now doing a profile on Barracuda because we are partners but we don't have clients yet. It is very difficult to profile because we don't have a live environment. The only way we could have a live environment is if we deploy it in-house.

We deployed in-house to test the cloud solution and we are moving to LV1 solutions within our MSP.

We were bringing everything on top of a CASB, a cloud broker for security. We had to look at different solutions to see what could be brought on top of the CASBplatform and what we would be leaving out from the previous partnerships. We wanted to look at a different solution.

Before switching to this solution we used the Burp Suite Pro. We switched because we found this solution's findings more accurate. It has better performance.

I'm still learning how to use this solution. We were using the Burp Suite and its scan before this, which is very similar. I would actually say that the Burp Suite finds quite a bit more vulnerabilities than Acunetix does.

I think the company previously used Netsparker and that was even more expensive than Acunetix. 

Previously I was using IBM Rational AppScan, Burp Suite, and some other open-source tools.

I switched from AppScan to Acunetix mainly because of a better price/value ratio when I had purchased my perpetual license (which now, unfortunately, is not available anymore).

Although we are working with Acunetix, we are planning to migrate to Nessus in the future. We used Nessus around seven or so years ago. The current solution is a good one, however, my organization wants to try a new, different product. That is the reason we now moving to Nessus.

The speed of Acunetix would be about the same as previous solutions we've used. Most of the time I just kick it off, walk away, come back later, and check it out. The speed is not the most important thing for us. Of course, we don't want it to drag on too long.

The false-positive rate has also been comparable to most other tools we use. I wouldn't say that it's best-in-class. One of the biggest problems I've had with Acunetix is that it's hard to replicate things manually because you don't get the raw packet. Its debugging functionality hasn't been the best.

The company had been using InMap and was using manual vulnerability assessment practices, using Kali Linux and some open source applications. But once I joined the company, we changed to a different level because we are an ISO 27000 certified company as well as being PCI DSS application certified with a PCI DSS certified data center. We host payment applications on behalf of Sri Lankan and Malaysian banks. Because of that we introduced these automation systems. We use Acunetix and we use PortSwigger and some other tools.

We used Nessus and we have experience with QualysGuard as well, but Acunetix gives us code-level identification of vulnerabilities and a good understanding of the code-level vulnerability fixes. It is much more helpful for us because we can understand how to fix the vulnerabilities at the code level. The vulnerability identification is much more powerful in Acunetix than in any other tool.

For static analysis, we previously used different tools. 

We carried out an evaluation comparing different tools, and Acunetix was the one that most of us liked. 

I have used previously used other solutions, such as Aspen and Laguna. We chose Acunetix because it is easy to use.