Acunetix Vulnerability Scanner Overview

Acunetix Vulnerability Scanner is the #6 ranked solution in our list of top Vulnerability Management tools. It is most often compared to OWASP ZAP.

What is Acunetix Vulnerability Scanner?

Acunetix Web Vulnerability Scanner is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL injection, cross-site scripting, and other exploitable vulnerabilities.

Acunetix Vulnerability Scanner is also known as AcuSensor.

Acunetix Vulnerability Scanner Buyer's Guide

Download the Acunetix Vulnerability Scanner Buyer's Guide including reviews and more. Updated: June 2021

Acunetix Vulnerability Scanner Customers

Joomla!, Digicure, Team Random, Credit Suisse, Samsung, Air New Zealand

ZB
Security Engineer at a tech services company with 51-200 employees
Real User
It provides quite a lot of information about vulnerabilities, but we are also receiving false positives around cross-site scripting vulnerabilities

What is our primary use case?

We use it as a dynamic scanner for testing our websites. We also adjust it into another tool that we use which allows us to share our report with our developers.

Pros and Cons

  • "Their technical support has been very active. If I have an issue, I can reach out to them and get an answer pretty quick."
  • "You can't actually change your password after you've set it unless you go back into the administration account and you change it there. Thus, if you're locked out and don't remember your password, that's a thing."

What other advice do I have?

While there has not been any real reduction in remediation time, there has been a reduction in scan time. Because when you're doing a Burp scan, it can take a long time. Whereas, with Acunetix, you can basically just set it, then it will scan throughout the night. On bigger sites, the speed can be a little tricky unless you are narrowing it down to smaller sections of the site. On small sites, half a million lines of code or less, it has gotten pretty nice and quick, down to a couple hours now for a whole scan. So, it's getting there. They are pushing out quite a few updates, every now and…
DD
Senior Security Engineer at an insurance company with 10,001+ employees
Real User
Our apps are more secure because the solution improves our processes and findings

What is our primary use case?

We are doing dynamic code testing with some of our different websites and other applications that we've developed in-house. Right now, we are doing the basic kick-off the target, control, and see what it comes up with in the report. We haven't done any importing yet. We are using the Windows onsite solution.

Pros and Cons

  • "We are able to create a report which shows the PCI DSS scoring and share it with the application teams. Then, they can correlate and see exactly what they need to fix, and why."
  • "We have had issues during upgrades where their scans worked on some apps better with previous versions. Then, we had to work with their tech support, who were great, to get it fixed for the next version."

What other advice do I have?

It is a pretty good product. Do a demo and test whatever application that you are using right now. If you have a site where it is more difficult to identify vulnerabilities, or you have issues scanning, use this to check your particular software. If it can handle your more challenging apps, then it will definitely handle the easier, less technical sites. We view it on a very traditional PC. Aesthetically, you can see what you are looking for. Unfortunately, we don't utilize the dashboard as much as we should and take full advantage of it. Right now, we're pretty much in the infancy of building…
Director - Head of Delivery Services at Ticking Minds Technology Solutions Pvt Ltd
Real User
Top 5 Leaderboard
Fantastic reporting output but vulnerable requests currently need to be picked from the report and repeated with other tools

What is our primary use case?

Assessing top OWASP in applications.
JW
Senior Security Engineer at a media company with 1,001-5,000 employees
Real User
Interactive Application Security Testing provides more in-depth, granular findings, but integration with other tools is very limited

What is our primary use case?

Dynamic application security testing is our primary use case. I don't know if it would be used as a primary solution, but as a supplemental solution, Acunetix is very good for scanning applications and finding vulnerabilities. We're a global organization. We're a large book publisher around the world. We use it globally: China, Australia, Europe, Asia, India, South America, Canada, and the USA. It's a global solution.

Pros and Cons

  • "One of the features that I feel is groundbreaking, that I would like to see expanded on, is the IAS feature: The Interactive Application Security Testing module that gets loaded onto an application on a server, for more in-depth, granular findings. I think that is really neat. I haven't seen a lot of competitors doing that."
  • "Integration into other tools is very limited for Acunetix. While we're trying to incorporate a CI/CD process where we're integrating with JIRA and we're integrating with Jenkins and Chef, it becomes problematic. Other tools give you a high integration capability to connect into different solutions that you may already have, like JIRA."

What other advice do I have?

At the current pricing structure, I would tell people to do their research. If you have X amount of dollars to spend in the budget, and you're looking for a good solution, definitely consider Acunetix, but also consider other tools for similar features and functionalities where you may get a little bit more bang for your dollar, frankly, versus a tool that's still maturing as it's starting to take market share. Acunetix is a very intermediate tool. It's not an advanced DAST solution. It's still in its infancy. There's a lot of the solution to still build out, a lot of features to still work…
JT
Lead Information Security Engineer at a financial services firm with 1,001-5,000 employees
Real User
Web-based GUI and the ability to schedule scans are great, but findings are hard to manually replicate

What is our primary use case?

We use it for internal penetration testing, for security reviews. Acunetix is just one tool of many that we use. We try to cover as much as possible during assessments. We do security assessments of all the code and everything we develop internally. When we do a security assessment, we do a manual code review and we use different kinds of tools, as well as manual testing against the application, etc. It's just one tool within many that we use. It has been very useful in that it's found things that we otherwise might have missed.

Pros and Cons

  • "The most important feature is that it's a web-based graphical user interface. That is a great addition. Also, the ability to schedule scans is great."
  • "It should be easier to recreate something manually, with the manual tool, because Acunetix is an automatic tool. If it finds something, it should be easier to manually replicate it. Sometimes you don't get the raw data from the input and output, so that could be improved."

What other advice do I have?

Think about the usage of the product. What are you going to use it for? Try to see the whole picture. It's very important to see the whole picture: This is one component in web application security testing. It's not only the security scanner. If you ask how long it takes to complete a scan using this solution, it's like asking, "How long is a rope?" It's very dependent on the applications. It can be anything from 20 minutes to many hours, even 12 to 18 hours. We use it for ten or 15 websites or locations. We just do a test and then we come back. We have many applications that we test yearly…