Acunetix Vulnerability Scanner Valuable Features

It's very user-friendly for the testing teams. It's very easy for them to understand things and to fix vulnerabilities. For anyone who does development, Acunetix is going to be a very powerful tool, and very easy to use. It gives all the required information for fixing your vulnerabilities. View full review »

The reporting is pretty good. I haven't seen reporting of that level in any other tool. It also allows for segregation. If I want to generate a report regarding vulnerabilities, I can simply select that particularly vulnerable section and it will generate a report with all the work in the web application. Similarly, for PCAD assisting, I can also generate a report — in multiple formats, including PDF, HTML, and doc files. Segregation of reports is really, really good with Acunetix; it provides us with a lot of in-depth details. This feature stood out when comparing Acunetix with other tools. It provides me with a list of vulnerabilities that we weren't able to identify when doing manual penetration testing. It located and picked out some hidden vulnerabilities as well, which are hard to spot with the naked eye. View full review »

The crawl only scan for trying to figure out at which points of the site that you'll actually be able to reach within the full scan. That's pretty useful. If you're just trying to test your login sequence, it is nice. It'll tell you which parts of your website it will initially scan, and you can actually go through and disable parts if you know you're not going to have to scan those parts. Then, later on, you go back and do a full scan for deep penetration of the site. View full review »

The ability to be on the website and test for different vulnerabilities. We are able to create a report which shows the PCI DSS scoring and share it with the application teams. Then, they can correlate and see exactly what they need to fix, and why. I can have a scan set up within five to ten minutes by double checking the login script works, so it doesn't take long at all. We have found a few cross-site scripting vulnerabilities. View full review »

What I found to be valuable was the fully automated scanner because it is really fast. Acunetix has an awesome crawler. It gives a referral site map of near targets and also goes really deep to find all the inputs without issues. This was valuable because it helped me find some files or directories, like web admin panels without authentication, which were hidden. Acunetix saves on the cost of time because it is fast. When Acunetix finds a vulnerability, it also checks for a false positive so it can be a 100 percent sure about the issue that it found. The false positives are really low, maybe one percent. View full review »

The most important feature is that we are able to parameterize all of the attacks so that our developers can run the attacks directly from their environments and desktops. They don't need any expertise or to know the difficulties of the attacker; they just run the tool and get the results. View full review »

This solution is easy and quick to set up and use. Most of the time, all it takes is entering a website's URL and clicking on the scan button. Obviously, this is not usually the recommended way to use it, but to get an initial picture of the target's possible vulnerabilities it is a very comfortable starting point. In fact, often a proper penetration test requires emulating a real user of the target application and logging in. The vulnerabilities that can be discovered when logged in normally outnumber the ones that can be discovered by a "simple" black-box approach. Acunetix allows recording a login session and replying it during its attack phase and this is quite convenient. View full review »

The scalability is more than good. It can operate both as a standalone and it can be integrated with other applications, which makes it a very versatile solution to have. This solution is simple enough, especially with the cloud. You can download the client onto your machines and then you start filtering your traffic from there. View full review »

We're happy with Acunetix although we're currently looking for a more cost effective solution. There might be a better product on the market and we're looking for that. What I gather from my colleagues who do the scanning is that this solution picks up any weaknesses in terms of our application setup as well as reading our application and finding the weaknesses. We need that PCI DSS report which is important for us. The solution is comprehensive and easy to use. View full review »

The usability and overall scan results are good. View full review »

For us, the most valuable aspect of the solution is the log-sequence feature. The main components covering most of the SQL injection findings are quite useful. We've never faced any maintenance issues. View full review »

The vulnerability scanning option for analyzing the security loopholes on the websites is the most valuable feature of this solution. View full review »

The scalability is good. The scalability is more than good because it can operate both as a standalone and it can be integrated as part of applications. So that really makes it a very, very versatile solution to have. View full review »