Most Helpful Review
Use BMC TrueSight Vulnerability Management? Share your opinion.
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"One of the features that I feel is groundbreaking, that I would like to see expanded on, is the IAS feature: The Interactive Application Security Testing module that gets loaded onto an application on a server, for more in-depth, granular findings. I think that is really neat. I haven't seen a lot of competitors doing that."
"The most important feature is that it's a web-based graphical user interface. That is a great addition. Also, the ability to schedule scans is great."
"Their technical support has been very active. If I have an issue, I can reach out to them and get an answer pretty quick."
"We are able to create a report which shows the PCI DSS scoring and share it with the application teams. Then, they can correlate and see exactly what they need to fix, and why."
"The automated approach to these repetitive discovery attempts would take days to do manually and therefore it helps reduce the time needed to do an assessment."
"The vulnerability scanning option for analyzing the security loopholes on the websites is the most valuable feature of this solution."
"Our developers can run the attacks directly from their environments, desktops."
"It can operate both as a standalone and it can be integrated with other applications, which makes it a very versatile solution to have."
"Takes reports from other vulnerabilities."
"It is stable and scalable."
"This solution is much more user-friendly than past solutions I have used."
"Rapid7 InsightVM has given us a practical view of the vulnerabilities present in our organization."
"The most valuable feature for us is the different types of reporting it provides."
"We feel the interface is very good. It is very easy to use, even a nontechnical person can use it."
"The most valuable feature is the site scanning, where we can provide a complete subnet and what it is we need to scan on those devices."
"There are many integrations with things like the VMware NSX that are great, the reporting is really solid."
"It's easy to use. It's fast, it's a powerful easy to access tool."
"Integration into other tools is very limited for Acunetix. While we're trying to incorporate a CI/CD process where we're integrating with JIRA and we're integrating with Jenkins and Chef, it becomes problematic. Other tools give you a high integration capability to connect into different solutions that you may already have, like JIRA."
"It should be easier to recreate something manually, with the manual tool, because Acunetix is an automatic tool. If it finds something, it should be easier to manually replicate it. Sometimes you don't get the raw data from the input and output, so that could be improved."
"You can't actually change your password after you've set it unless you go back into the administration account and you change it there. Thus, if you're locked out and don't remember your password, that's a thing."
"We have had issues during upgrades where their scans worked on some apps better with previous versions. Then, we had to work with their tech support, who were great, to get it fixed for the next version."
"It would be nice to have a feature to "retest" only a single vulnerability that the customer reports as patched, and delete it from the next scans since it has already been patched."
"In terms of what needs improvement, the way the licensing model is currently is not very convenient for us because initially, when we bought it, the licensing model was very flexible, but now it restricts us."
"Tools that would allow us to work more efficiently with the mobile environment, with Android and iOS."
"When monitoring the traffic we always have issues with the bandwidth consumption and the throttling of traffic."
"No third-party applications or integrations with additional software solutions."
"There are not enough templates, and the reporting is weak with this solution."
"This solution creates false-positives which can cause issues with reporting."
"A definite improvement would be to make it easier to run ad-hoc scans without needing to assign the asset to a site or group."
"This solution integrates with another module in Metasploit, that doesn't exist in the other solutions. It is subscribed to on our roadmap, but we chose to implement both Nexppose and AppSpider."
"The reporting has room for improvement. You cannot customize any report. If I need a specific requirement, I have to create a new report for it."
"The reporting is a little bit tricky because it can be difficult to exactly pinpoint some of the assets to filter them and generate a report."
"Some difficulties with the online reporting and lack of integrations."
"The InsightVM cannot scan if we connect to our customer by the VPN."
Pricing and Cost Advice
"When we looked at all other vendors and what they were asking for, to provide a third of what Acunetix was capable of doing, it was an easy decision... But now that it's coming to a cost where it's line with market value, it becomes more of a competition... Acunetix is raising the cost of licensing. It's 3.5 times what we were initially quoted."
"Acunetix was around the same price as all the other vendors we looked at, nothing special."
"The pricing and licensing are reasonable to a point. In order to run multiple scans at a time, we are going to have to purchase a 100 count license, which is an overkill. Though, compared to what we were paying for, the cost seems reasonable."
"All things considered, I think it has a good price/value ratio."
"The costs aren't very expensive. It costs around $3000 or $4000."
"I would say that Acunetix is expensive because there are products on the market with similar features that are equally or better-priced."
"The pricing is a little high, and moreover, it's kind of domain-based."
Information Not Available
"The price of the solution is less than the competitors."
"I do not have experience with the pricing of the solution."
"This solution is expensive, but it's fine for us as we have an open budget for security solutions. Protection and having the system secured is more important."
"The license is IP based. How many IPs you are using to scan is the amount of the license you have to buy. The number of users doesn't matter; many users can use it or only person. It depends on the culture of the organization."
"Our licensing costs are somewhere around $40,000 annually. There are no additional fees."
"The licensing is asset-based and very straightforward."
Questions from the Community
Top Answer: The scalability is good. The scalability is more than good because it can operate both as a standalone and it can be… more »
Top Answer: We buy the license annually.
Top Answer: We want to see how much bandwidth usage it consumes. When we monitor traffic we have issues with the consumption and… more »
Top Answer: Takes reports from other vulnerabilities.
Top Answer: There is always room for improvement in all products. With BMC I'd like to see the ability to integrate with other… more »
Top Answer: We deal with server automation and end-point automation. Right now we're working with a very big client. We're partners… more »
Top Answer: It's easy to use. It's fast, it's a powerful easy to access tool.
Top Answer: Our licensing costs are somewhere around $40,000 annually. There are no additional fees. We will probably increase our… more »
Compared 26% of the time.
Compared 9% of the time.
Compared 7% of the time.
Compared 7% of the time.
Compared 7% of the time.
Compared 42% of the time.
Compared 38% of the time.
Compared 10% of the time.
Compared 41% of the time.
Compared 17% of the time.
Compared 13% of the time.
Compared 4% of the time.
Compared 3% of the time.
Also Known As
|AcuSensor||TrueSight Vulnerability Management, SecOps Response Service, BladeLogic Threat Director||InsightVM, NeXpose|
Acunetix Web Vulnerability Scanner is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross site scripting, and other exploitable vulnerabilities.
Helps security and IT operations teams prioritize and remediate risks based on potential impact to the business.
Rapid7 InsightVM is the vulnerability assessment tool built for the modern web. InsightVM combines complete ecosystem visibility, an unparalleled understanding of the attacker mindset, and the agility of SecOps so you can act before impact.
Learn more about Acunetix Vulnerability Scanner
Learn more about BMC TrueSight Vulnerability Management
Learn more about Rapid7 InsightVM
|Joomla!, Digicure, Team Random, Credit Suisse, Samsung, Air New Zealand||Online Business Systems||ACS, Acosta, AllianceData, amazon.com, biogen idec, CBRE, CATERPILLAR, Deloitte, COACH, GameStop, IBM|
Financial Services Firm42%
Comms Service Provider17%
Computer Software Company38%
Comms Service Provider16%
No Data Available
Financial Services Firm22%
Non Tech Company11%
Computer Software Company32%
Comms Service Provider12%
Financial Services Firm6%
No Data Available
See our list of best Vulnerability Management vendors.