We performed a comparison between Acunetix and Fortify WebInspect based on real PeerSpot user reviews.
Find out in this report how the two DevSecOps solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning time depends on the application's code."
"We are able to create a report which shows the PCI DSS scoring and share it with the application teams. Then, they can correlate and see exactly what they need to fix, and why."
"The solution is highly stable."
"One of the features that I feel is groundbreaking, that I would like to see expanded on, is the IAS feature: The Interactive Application Security Testing module that gets loaded onto an application on a server, for more in-depth, granular findings. I think that is really neat. I haven't seen a lot of competitors doing that."
"Overall, it's a very good tool and a very good engine."
"The most important feature is that it's a web-based graphical user interface. That is a great addition. Also, the ability to schedule scans is great."
"Our developers can run the attacks directly from their environments, desktops."
"Acunetix has an awesome crawler. It gives a referral site map of near targets and also goes really deep to find all the inputs without issues. This was valuable because it helped me find some files or directories, like web admin panels without authentication, which were hidden."
"There are lots of small settings and tools, like an HTTP editor, that are very useful."
"The most valuable feature is the static analysis."
"Reporting, centralized dashboard, and bird's eye view of all vulnerabilities are the most valuable features."
"The user interface is ok and it is very simple to use."
"Good at scanning and finding vulnerabilities."
"The solution's technical support was very helpful."
"The most valuable feature of this solution is the ability to make our customers more secure."
"Technical support has been good."
"There's a clear need for a reduction in pricing to make the service more accessible."
"Acunetix needs to be dynamic with JavaScript code, unlike Netsparker which can scan complex agents."
"While we do have it integrated with other solutions, it could still offer more integrations."
"Acunetix needs to improve its cost."
"The vulnerability identification speed should be improved."
"We want to see how much bandwidth usage it consumes. When we monitor traffic we have issues with the consumption and throttling of the traffic."
"The solution's pricing could be better."
"It should be easier to recreate something manually, with the manual tool, because Acunetix is an automatic tool. If it finds something, it should be easier to manually replicate it. Sometimes you don't get the raw data from the input and output, so that could be improved."
"One thing I would like to see them introduce is a cloud-based platform."
"Lately, we've seen more false negatives."
"It took us between eight and ten hours to scan an entire site, which is somewhat slow and something that I think can be improved."
"The installation could be a bit easier. Usually it's simple to use, but the installation is painful and a bit laborious and complex."
"It requires improvement in terms of scanning. The application scan heavily utilizes the resources of an on-premise server. 32 GB RAM is very high for an enterprise web application."
"We have had a problem with authentification."
"A localized version, for example, in Korean would be a big improvement to this solution."
"We have often encountered scanning errors."
Acunetix is ranked 5th in DevSecOps with 26 reviews while Fortify WebInspect is ranked 7th in DevSecOps with 17 reviews. Acunetix is rated 7.6, while Fortify WebInspect is rated 7.0. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning ". On the other hand, the top reviewer of Fortify WebInspect writes "A powerful tool catering to multiple use cases that provides reasonably good technical support". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, PortSwigger Burp Suite Professional, HCL AppScan and Veracode, whereas Fortify WebInspect is most compared with PortSwigger Burp Suite Professional, Fortify on Demand, OWASP Zap, HCL AppScan and Qualys Web Application Scanning. See our Acunetix vs. Fortify WebInspect report.
See our list of best DevSecOps vendors.
We monitor all DevSecOps reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.