
Acunetix by Invicti Reviews and Ratings

Rating: 8 out of 10

Community insights

TrustRadius Insights for Acunetix by Invicti are summaries of user sentiment data from TrustRadius reviews and, when necessary, third-party data sources.

Business Problems Solved

Acunetix is a highly reliable and efficient tool that is widely used by organizations to enhance the security of their web applications. Users rely on Acunetix to quickly assess the security of online apps and identify any flaws that need to be addressed. With its dynamic application testing capabilities, this software is capable of detecting OWASP's top 10 vulnerabilities, ensuring that potential risks are identified and resolved promptly.

One of the key benefits of Acunetix is its ability to easily find vulnerabilities in web applications through automated scanning, saving users valuable time and effort. Businesses appreciate the tool's effectiveness in detecting complex security issues like SQL injections and cross-site scripting, which can pose significant risks if left undetected. The detailed reports provided by Acunetix on web application vulnerabilities, along with remediation suggestions and compliance with standards such as OWASP Top 10 and SANS 25, enable organizations to prioritize and implement necessary security measures.

Acunetix caters to the needs of various stakeholders within organizations by offering a user-friendly interface and customizable reporting features. Security professionals find it easy to manage web application security with Acunetix, leveraging its features to stay on top of potential vulnerabilities. The software also provides an added layer of vulnerability discovery by automating the scanning process for websites. Its integration into CI/CD pipelines allows for end-to-end vulnerability reporting workflows, ensuring that security remains a priority at every stage of development.

Users highly value Acunetix as a reliable scanner for web assessments, appreciating its accuracy in providing results with fewer false positives compared to other tools in the market. The ability to schedule scans, continuous improvement, and integration with ticket systems are additional features that contribute to effective vulnerability management. From assessing web application security and compliance with international standards to protecting business infrastructure, Acunetix serves as an indispensable solution for various use cases related to web application security testing and vulnerability assessment.

Despite some minor issues reported by users, Acunetix has received predominantly positive feedback and remains a popular choice for businesses. Its integration into the development process ensures that no vulnerabilities go unnoticed before deployment. With a low false-positive rate and valuable context provided for addressing identified issues, Acunetix enhances web application security, suggests ways to fix vulnerabilities, and seamlessly integrates with DevOps and CI/CD schemes.

Reviews

3 Reviews

Best tool for Application Security

Rating: 9 out of 10
Incentivized

Use Cases and Deployment Scope

I had a use case from one of our customers to establish security testing automation in a DevSecOps pipeline. I was looking for such a tool and, after a lot of evaluations, found Acunetix perfectly suited to the requirements. After an initial PoC of a few days with a little configuration support from Invicti, we decided to go for it and establish a platform for our end customers.

Pros

  • Integration of the tool with different IDEs is great
  • Easy to scan code and identify vulnerabilities
  • Dashboard is easy to customise

Cons

  • Configuration of DevSecOps can be improved for ease
  • Dashboard can have API integration
  • Broaden the scope of vulnerabilities

Likelihood to Recommend

It is best suited for integrated security testing of applications which are hosted on web servers. The most important thing is the integration of DevSecOps, which is crucial in today's fast-paced environment of rapid development. The core of Acunetix is application scanning, which is really great, and I highly recommend this product to everyone.

Squash OWASP vulnerabilities with Acunetix

Rating: 9 out of 10
Incentivized

Use Cases and Deployment Scope

We are not a big web development shop, but we occasionally do have new code that we need to test against OWASP-type web application vulnerabilities. There are many tools that can do this. But most of them have a fairly decent rate of false positives. Also, they don't really help address the issues that they find. Acunetix has had a low false-positive rate for us. The developer reports provide a lot of context to help the people who need to fix the issues know what to fix.

Pros

  • Low rate of false positives
  • Good reporting options
  • Authenticated scans

Cons

  • User management

Likelihood to Recommend

Acunetix scales well from a small web development presence like ours to a full-scale enterprise focused on that. The various tools and sensors that provide assurance of the results and can give feedback down to the lines of code in the source are proof of this. Various integrations exist as well. The main thing for us is that it simplifies confirming and remediating potential issues in our code or proving that products we use have issues that we can then take to the vendor for correction.

Application Vulnerability Scanner with a great ROI

Rating: 9 out of 10
Incentivized

Use Cases and Deployment Scope

Acunetix is used to support our customer's vulnerability management and application security programs.

Pros

  • Fast.
  • Easy-to-use.
  • Great customer support.
  • Reporting features.
  • Supports importing state files from other popular application testing tools.
  • Has other features built-in beyond just scanning for vulnerabilities.

Cons

  • Does not support multiple endpoints well (e.g. apps and services that do not reside at the same URL).
  • Has authentication problems with modern enterprise apps which involve a lot of redirects to unrelated endpoints, federated IDs, SSO, etc. This is related to the first point.
  • The vulnerability detection capability is not as robust as Burp Suite Pro + extensions, Metasploit + auxiliary modules, Nmap + scripts, etc.

Likelihood to Recommend

It is suited well for ad-hoc and scheduled application vulnerability scans. You must review the results to manually filter out false positives. You must always keep in mind that this is only a vulnerability scan. It can only find a certain class of vulnerabilities, and it can only do that so well. You should definitely not rely on this tool alone for identifying problems. That being said, I have used it along with every other major commercial vulnerability scanner and find it to be the best overall ROI compared to more expensive commercial scanners that don't necessarily give you a better user experience or better vulnerability results.

I rarely need support from the vendor, but when I do, they have been responsive and able to solve the issue quickly.