The initial concern that comes to mind is the cost as the pricing structure is significantly high, especially for the average user. It amounts to approximately $2,000 per year, excluding additional expenses. There's a clear need for a reduction in pricing to make the service more accessible. Another critical enhancement should focus on the tool's ability to bypass Web Application Firewalls. Currently, it falls short in this aspect, which can be a significant limitation.
They should include the features for reporting in the solution's next release. Also, a dashboard feature could help us view scanning targets segregated into different categories. In addition, there should be a feature to export the data into Excel Spreadsheet.
The solution can be improved by adding the ability to scan subdomains automatically, and by providing reports that can be exported to external databases to share with other solutions. The solution is also costly and can use a price reduction.
Security Specialist at a tech services company with 11-50 employees
Real User
2021-06-18T10:17:40Z
Jun 18, 2021
Normally, the product asks for the URL address before scanning a certain application. Acunetix is immediately used for web application scanning purposes for vulnerability assessment. However, it doesn't seem very helpful or useful for scanning web services, and that has what I feel that the organization could work better on that. The pricing is a bit on the higher side.
CEO at a tech consulting company with 11-50 employees
Reseller
2021-04-23T14:05:18Z
Apr 23, 2021
The solution should work on dealing with the number of false positives it delivers. While we do have it integrated with other solutions, it could still offer more integrations.
I had some issues with the JSON parameters where it found some strange vulnerabilities, but it didn't alert the person using it or me about these vulnerabilities, e.g., an error for SQL injection. They need more customized scans along with a way to edit their default payloads. While you can select which check to do, you can't add which payload to use.
Acunetix Web Vulnerability Scanner is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross site scripting, and other exploitable vulnerabilities.
Acunetix needs to include agent analysis.
Acunetix needs to improve its cost.
The initial concern that comes to mind is the cost as the pricing structure is significantly high, especially for the average user. It amounts to approximately $2,000 per year, excluding additional expenses. There's a clear need for a reduction in pricing to make the service more accessible. Another critical enhancement should focus on the tool's ability to bypass Web Application Firewalls. Currently, it falls short in this aspect, which can be a significant limitation.
Acunetix needs to be dynamic with JavaScript code, unlike Netsparker which can scan complex agents.
They should include the features for reporting in the solution's next release. Also, a dashboard feature could help us view scanning targets segregated into different categories. In addition, there should be a feature to export the data into Excel Spreadsheet.
The solution can be improved by adding the ability to scan subdomains automatically, and by providing reports that can be exported to external databases to share with other solutions. The solution is also costly and can use a price reduction.
There are some versions of the solution that are not as stable as others.
The only problem that they have is the price. It is a bit expensive, and you cannot change the number of applications for the whole year.
Normally, the product asks for the URL address before scanning a certain application. Acunetix is immediately used for web application scanning purposes for vulnerability assessment. However, it doesn't seem very helpful or useful for scanning web services, and that has what I feel that the organization could work better on that. The pricing is a bit on the higher side.
The solution should work on dealing with the number of false positives it delivers. While we do have it integrated with other solutions, it could still offer more integrations.
I had some issues with the JSON parameters where it found some strange vulnerabilities, but it didn't alert the person using it or me about these vulnerabilities, e.g., an error for SQL injection. They need more customized scans along with a way to edit their default payloads. While you can select which check to do, you can't add which payload to use.