We performed a comparison between Acunetix and Veracode based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning time depends on the application's code."
"Overall, it's a very good tool and a very good engine."
"Acunetix has an awesome crawler. It gives a referral site map of near targets and also goes really deep to find all the inputs without issues. This was valuable because it helped me find some files or directories, like web admin panels without authentication, which were hidden."
"Picks up weaknesses in our app setups."
"The vulnerability scanning option for analyzing the security loopholes on the websites is the most valuable feature of this solution."
"We use the solution for the scanning of vulnerabilities like SQL injections."
"It comes equipped with an internal applicator, which automatically identifies and addresses vulnerabilities within the program."
"The usability and overall scan results are good."
"The ability on static scans to be able to do sandbox scans which do not generate metrics."
"It gives me an idea about the most important vulnerabilities and fast remediation tips."
"The coverage of the last vulnerabilities reported."
"One of the best things they offer is the scalability. The fact that you can work with it through the cloud means that if you have unintegrated business units, you don't have to worry about having a solution on-prem and having the network connection; you don't have to worry about giving up source code, you are just sending your binary files for most of the applications. So it scales much faster."
"The SAST and DAST modules are great."
"Wide range of platforms and technology assessments."
"The integration capabilities with our existing development tools are very good."
"The coding standards in our development group have improved. From scanning our code we've learned the patterns and techniques to make our code more secure. An example would be SQL injection. We have mitigated all the SQL injection in our applications."
"Acunetix needs to include agent analysis."
"Acunetix needs to be dynamic with JavaScript code, unlike Netsparker which can scan complex agents."
"The only problem that they have is the price. It is a bit expensive, and you cannot change the number of applications for the whole year."
"The jargon used makes it difficult for project managers to understand the issues, and the technical explanations used make it difficult for developers to understand issues. These things should be simplified much more. That would be very helpful for us when explaining to them what needs to be fixed. The report output needs to be simplified."
"When monitoring the traffic we always have issues with the bandwidth consumption and the throttling of traffic."
"The vulnerability identification speed should be improved."
"It should be easier to recreate something manually, with the manual tool, because Acunetix is an automatic tool. If it finds something, it should be easier to manually replicate it. Sometimes you don't get the raw data from the input and output, so that could be improved."
"The solution limits the number of scans. It would be much better if we could have unlimited scans."
"I would like to see more AI features. It's a current subject because with ChatGPT and other solutions being developed all the time, IT attacks will increase... To defend against those it's very important that the good guys use AI in ways that are good instead of bad."
"It would be nice if Veracode were bundled with some preferred vendors like Salesforce and offered at a discount."
"It takes a lot of time to scan the applications. They can make them faster and provide an option to scan a specific portion of the app. Such a feature would be very helpful."
"Veracode can be improved in terms of software composition analysis and related vulnerabilities."
"The pricing for qualified startups such as Neo4j could be improved."
"The scanning process for records could be faster and there is room for improvement in Veracode's performance."
"The only notable problem we have had is that when new versions of Swift have come out, we have found Veracode tends to be a bit behind in updates to support the new language changes."
"The user interface can sometimes be a little challenging to work with, and they seem to be changing their algorithm on what is an issue. I understand why they do it, but it sometimes causes more work on our end."
Acunetix is ranked 16th in Application Security Tools with 26 reviews while Veracode is ranked 2nd in Application Security Tools with 194 reviews. Acunetix is rated 7.6, while Veracode is rated 8.2. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning ". On the other hand, the top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, PortSwigger Burp Suite Professional, HCL AppScan and PortSwigger Burp Suite Enterprise Edition, whereas Veracode is most compared with SonarQube, Checkmarx One, Snyk and Fortify on Demand. See our Acunetix vs. Veracode report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.