Sign in
Sign in
or
Create a new account
Agent Mode
Categories
Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

Invicti

Invicti Security

Reviews from AWS customer

2 AWS reviews

External reviews

118 reviews
from and

External reviews are not included in the AWS star rating for the product.

    Mohamed Fouad

Accurate web vulnerability scans have strengthened our critical application security posture

  • December 02, 2025
  • Review provided by PeerSpot

What is our primary use case?

My main use case for Acunetix is using it as a web security and web vulnerability scanner.

I use Acunetix in my day-to-day work to perform web vulnerability assessments for our web servers.

What is most valuable?

Acunetix's best features are scalability and accuracy on provided vulnerabilities.

The scalability of Acunetix is impressive, and accuracy is one of the best features because I do not waste time verifying each provided vulnerability from Acunetix.

Acunetix has positively impacted my organization by providing updates on vulnerabilities in our web security and web application servers.

Since implementing Acunetix, I have seen improvements as we have discovered real vulnerabilities and threats on our web application server, which is very critical to our organization.

What needs improvement?

Acunetix may need to reconsider the cost or price compared to other vendors.

For how long have I used the solution?

I have been using Acunetix for three years.

What do I think about the stability of the solution?

Acunetix is stable.

What do I think about the scalability of the solution?

Acunetix has great scalability.

How are customer service and support?

I did not need to reach customer support because the product is very effective.

How would you rate customer service and support?

Which solution did I use previously and why did I switch?

I previously used Nessus, and I stopped using it and switched to Acunetix.

What was our ROI?

I have seen a return on investment with Acunetix, including time saved and cost reduction, because it provides us threats on our web application servers.

What's my experience with pricing, setup cost, and licensing?

My experience with pricing, setup cost, and licensing is that it is somewhat high.

What other advice do I have?

I would rate Acunetix a 10 out of 10.

I gave Acunetix a 10 because of its accuracy.

My advice to others looking into using Acunetix is that it will be one of the best web vulnerability scanners, providing accuracy on proposed vulnerabilities and discovered vulnerabilities.

My overall review rating for Acunetix is 10.

    sai kiran narayana .

Excellent Security Tool with Continuous Improvements

  • November 24, 2025
  • Review provided by G2

What do you like best about the product?
This is one of the best security tools available on the market today. It continues to evolve and improve. By using it, web applications become more secure. Additionally, it helps identify most hidden pages on any website, especially those concealed through cookies.
What do you dislike about the product?
The vulnerability detection is inconsistent, and the scanning process tends to be slow.
What problems is the product solving and how is that benefiting you?
The process of identifying probable vulnerabilities is crucial for maintaining security. It allows for early detection of potential risks, helping to prevent issues before they become serious problems.

    Himanshu_Tyagi

Saves significant assessment time with automated scans but requires manual effort to filter false positives

  • November 24, 2025
  • Review from a verified AWS customer

What is our primary use case?

Acunetix has primarily been used for application security, and it has also been used for vulnerability management, though not as extensively because Qualys Guard Total Cloud solution was being used for scanning cloud assets.

Qualys Total Cloud was used to scan cloud assets. Earlier, when using CLI tools like Troller, there was not much visibility because the reporting section from the CLI tool was not that helpful. However, when using Qualys Guard, the Total Cloud offered advanced reporting features and had the option to share vulnerability reports directly via email, allowing the end participant's email address to be entered for automatic report delivery.

What is most valuable?

The crawling option in Acunetix is really good because whenever a scan is initiated, the crawling option provides good coverage about the vulnerabilities identified in the application. The attack option that comes after crawling is quite good. When the application is configured in authenticated scan mode with Acunetix, it provides good visibility about the security vulnerabilities in the application.

The experience with Qualys Total Cloud was really good, as when Qualys Guard was used to scan cloud security assets, it identified the vulnerabilities and helped differentiate between valid findings and invalid findings. Qualys Guard is called Total Cloud, which means cloud assets are scanned regardless of any environment, whether it is GCP, AWS, or Azure.

What needs improvement?

Improving the handling of false positives would be beneficial because it can be challenging to trust the findings flagged by Acunetix, and those findings must be manually validated. Sometimes the scanner shows a vulnerability count exceeding 100, and manually assessing the findings can be quite a challenge.

The main concern is related to false positives; Acunetix needs to work on identifying valid and invalid findings. While Checkmarx has very good coverage, its pricing is quite high. If Acunetix improves in handling false positives, it will make a significant impact in the security world.

For how long have I used the solution?

Acunetix has been used for a long time, about five to six years, along with Netsparker and other automated scanners.

What do I think about the stability of the solution?

The experience has been pretty smooth without crashes, downtimes, or performance issues with Acunetix.

What do I think about the scalability of the solution?

Acunetix is quite scalable.

How are customer service and support?

The tech support from Invicti for Acunetix is really good. Whenever a support ticket is raised, their SLA is quite nice. For high-severity issues, they reach out within two to three hours, and for critical issues, a response is received within 15 minutes.

The tech support would be rated an eight out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

As far as experience is concerned, only Checkmarx SAST tool has been worked on, and no other Checkmarx products like Checkmarx One are used.

Rapid7 Nexpose has been used, but no other Rapid7 products have been explored. Additionally, Qualys Guard and Qualys VMDR Vulnerability Management Detection Response solution have been worked on.

How was the initial setup?

The setup process for Acunetix is not that complicated, and Acunetix support can always be reached out to. Whenever Acunetix is onboarded in the environment, the Acunetix team assists with the installation, making the setup quite easy.

What's my experience with pricing, setup cost, and licensing?

The pricing cost is affordable for small and mid-sized organizations, and when compared to Checkmarx, it is significantly affordable, as Checkmarx is quite expensive.

The cost-effectiveness is really good because it comes under the budget of organizations looking to use automated scanners, which really helps and saves time.

What other advice do I have?

Currently, work is being done with AWS cloud security and application security tools such as Burp Suite, and various automated scanners such as Netsparker and Acunetix are also being used, along with vulnerability scanning tools such as Nessus Professional and Rapid7 Nexpose.

Acunetix is good, even though there have been some issues related to false positives. Whenever an automated scanner like Netsparker or Acunetix is used, it takes time to run the scan. Once the scan is completed, the false positives flagged by the scan need to be identified. Acunetix is a good tool because if there is less time and the team needs to perform the security assessment, a manual assessment will take almost a week to assess a large application. However, when an automated scanner like Acunetix is used, the same task can be done within three to four days. Authenticated scans are usually preferred with any automated scanner like Acunetix because it provides much visibility about the application on which the scan is initiated, and the results from authenticated scans are very good compared to unauthenticated scans.

Acunetix was used recently, about three months ago.

Acunetix was not used for AWS because various other AWS solutions are available to determine the vulnerabilities for cloud, primarily using AWS Inspector to scan the AWS cloud. Security Hub is also used to measure cloud security posture management, so when it comes to scanning the cloud, AWS Inspector is primarily used.

Acunetix was hosted on the AWS cloud because when the application was scanned, it was not an on-premises solution; the applications hosted in AWS cloud were scanned using Acunetix.

The integration part has not been explored much because other tools are available, but Acunetix supports YAML files that can be used to integrate those scans into the CI/CD pipeline. However, Acunetix scans have not been integrated into the CI/CD pipeline.

The Acunetix network security component has not been used.

If there is less time to perform manual security assessments, Acunetix is a good option because if a manual security assessment takes almost a week, the same task with Acunetix can be completed within three to four days, which really saves time for the entire team. The results are faster and interactive reports generated by the dashboard can be shared. This helps improve the overall security posture.

The features present in Acunetix are quite good and serve the purpose well.

Acunetix is definitely recommended for scanning, and if someone asks whether they should use Acunetix to mitigate the threats identified in their applications hosted in AWS cloud, it would definitely be recommended.

When the continuous scan approach is used for security compliance, it really helps because the scan is not paused for any reason, like if the application goes down. With the continuous scan operation, the application is continuously assessed by the scan engine of Acunetix, and the results from the continuous scan feature are quite good. The continuous scanning feature has been used.

If an organization has 100 plus applications and wants to use an automated scanner, they should definitely go ahead with Acunetix because it is very cost-effective and will save time compared to focusing on other solutions and performing manual security assessments.

The recommendation for other organizations considering Acunetix depends upon their requirements.

This review has been given a rating of 7 out of 10.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)

    Deepesh V.

Powerful Security Scanning Made Easy with Acunetix

  • November 17, 2025
  • Review provided by G2

What do you like best about the product?
Acunetix is a powerful tool for security scanning and it's ease of use and setup. I frequently use this because this helps identify vulnerabilities like SQL injection, along with its ease of implementation and integration with CI/CD and it easily integrated with the web application in hand. The customer support is great and provides answers to queries quickly.
What do you dislike about the product?
It could improve in few areas like setting up demos on how some complex configurations work and what are the use cases it solves. It can also resource intensive for large applications.
What problems is the product solving and how is that benefiting you?
Acunetix makes web application security testing much easier by automating most of the work. It quickly finds serious issues like SQL injection, XSS, weak authentication, and configuration problem things that would take a lot of time and effort to catch manually. What I really appreciate is that everything is handled in one place: the scans, the results, and the steps to fix the vulnerabilities. It saves a lot of time and eliminates the need to juggle multiple tools.

    Rahul Kumar

Identifies vulnerabilities across bulk web applications but needs better support and cleaner reports

  • November 16, 2025
  • Review provided by PeerSpot

What is our primary use case?

I have been using Acunetix for more than five years, as I used it in both my previous company and my current company.

My day-to-day use of Acunetix involves scanning web applications, scanning multiple files, and conducting gray-box scanning of the applications to identify any automated issues related to outdated libraries.

I rely primarily on Acunetix for bulk scanning of multiple web applications, which includes gray-box and white-box assessments as well as black-box assessments of web applications in terms of security.

One specific example of a recent assessment I did with Acunetix involved a large customer-facing application with many modules and functionalities that cannot be done manually, so it was very efficient; we included active scanning of Acunetix through gray-box credentials and identified a few vulnerabilities that were not found manually.

What is most valuable?

The best feature Acunetix offers is the centralized dashboard and the quality of reports it generates, which includes various options for selecting reports and developer options for directly sharing the reports with developers.

The centralized dashboard of Acunetix gives visibility into the security aspects of mass applications; for instance, with more than 200 applications, it provides a valuable overview of findings and necessary fixes, along with a high-level summary that helps us achieve compliance through monthly and sometimes weekly scanning.

In terms of reporting, Acunetix is excellent because it can generate different types of reports, such as an executive summary report, detailed reports, and developer reports that can be shared directly with developers.

Acunetix positively impacts my organization by helping identify outdated libraries and applications, including legacy applications vulnerable to old attacks based on OWASP Top 10, thus aiding in compliance checks for PCI DSS and OWASP.

Acunetix provides a centralized report with compliance-related aspects and a vulnerability timeline, effectively helping reduce vulnerabilities and save time.

What needs improvement?

I believe Acunetix can improve customer support, as the dedicated support staff are often unfamiliar with problems and troubleshooting, leading to communication gaps that delay issue resolution.

Regarding the needed improvements, I find that there are too many duplicate findings in reports; for example, if there are numerous XSS vulnerabilities reported, they are shown individually instead of being grouped together.

For how long have I used the solution?

I have been working in my current field for more than eight years.

What do I think about the stability of the solution?

Acunetix is pretty stable in my experience.

What do I think about the scalability of the solution?

Acunetix can handle increasing workloads and more applications easily.

How are customer service and support?

Acunetix customer support responds on time, but resolution can take longer due to involving stakeholders who are not relevant and the support staff not being familiar with the problem.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

Before Acunetix, we used a different solution called ImmuniWeb, which did not provide good findings or customer support, prompting the switch.

What was our ROI?

I have seen a return on investment, as Acunetix helps reduce the man-days and effort needed for scanning bulk applications through automated assessments, allowing good dashboard visualization that can be reported easily to management, providing complete visibility on vulnerability metrics.

What's my experience with pricing, setup cost, and licensing?

In terms of pricing, setup cost, and licensing, I find it good and not overpriced, plus there are discounts offered.

Which other solutions did I evaluate?

We evaluated several options, including Checkmarx, Acunetix, Burp Suite, and ImmuniWeb before making our choice.

What other advice do I have?

My advice for those looking into using Acunetix is to utilize it effectively due to its good features, especially its APIs and other functionalities. My company does not have a business relationship with this vendor beyond being a customer. I would rate this review as a seven out of ten.

    Kaushal D.

Comprehensive and Reliable Web Vulnerability Scanner

  • November 08, 2025
  • Review provided by G2

What do you like best about the product?
Acunetix delivers precise and rapid vulnerability scanning through an intuitive interface. The platform generates comprehensive reports and offers prompt remediation guidance, ensuring thorough coverage for both web applications and APIs. This makes the process of conducting security assessments efficient and dependable.
What do you dislike about the product?
At times, scans can be quite resource-intensive and may take longer to complete when working with large applications. Additionally, I feel that the pricing structure could be more accommodating, especially for smaller teams or projects with a limited scope.
What problems is the product solving and how is that benefiting you?
Acunetix assists in detecting and addressing security vulnerabilities such as SQL injection, XSS, and misconfigurations early in the development process. By automating routine web application scans, it enhances our overall security posture and helps us save time.

    Computer Software

Powerful Scanning, But Setup Can Be Complex for Beginners

  • November 05, 2025
  • Review provided by G2

What do you like best about the product?
Acunetix by Invicti provides accurate and fast vulnerability scanning with minimal false positives. I like how easy it is to integrate into CI/CD pipelines for automated security testing.
What do you dislike about the product?
While Acunetix is a powerful tool, the initial setup and scan configuration can feel a bit complex for first-time users.
What problems is the product solving and how is that benefiting you?
Acunetix by Invicti helps us identify and remediate web application vulnerabilities early in the development cycle. It automates vulnerability scanning for issues like SQL injection

    Mitul S.

User-Friendly and Accurate, But Room for Further Impressions

  • November 05, 2025
  • Review provided by G2

What do you like best about the product?
This is a very good product that is also user-friendly. Its accuracy in finding vulnerabilities is impressive.
What do you dislike about the product?
Nothing as of now, no any issue on the product
What problems is the product solving and how is that benefiting you?
Need to work to reduce the false positives and need a integration or inbuilt Gen AI for latest threats

    Ranit D.

Effortless Vulnerability Detection That Fits Seamlessly into DevSecOps

  • November 04, 2025
  • Review provided by G2

What do you like best about the product?
What I like best about Acunetix by Invicti is how seamlessly it combines powerful vulnerability detection with ease of use. It’s not just another security scanner — it’s an intelligent, automated tool that feels built for both developers and security professionals. The way it quickly identifies and prioritizes critical vulnerabilities like SQL injection, XSS, and misconfigurations across websites and APIs saves a huge amount of manual effort. The clean, intuitive dashboard makes interpreting scan results straightforward, and the detailed remediation guidance helps teams actually fix issues rather than just list them. Plus, its integration with CI/CD pipelines and issue trackers like Jira fits perfectly into a modern DevSecOps workflow, making security testing feel like a natural part of development instead of a separate burden.
What do you dislike about the product?
What I dislike about Acunetix by Invicti is that, despite its powerful capabilities, it can sometimes feel resource-intensive and time-consuming, especially during deep scans of large or complex web applications. The scans can slow down systems or take longer than expected, which might interrupt normal workflows. Additionally, while the tool provides a lot of valuable data, the volume of findings can be overwhelming, and filtering out false positives requires manual effort and experience. The pricing can also be on the higher side for smaller organizations or startups, which limits accessibility. Lastly, although it integrates well with other tools, setting up and fine-tuning these integrations for the first time can take some technical know-how and patience.
What problems is the product solving and how is that benefiting you?
Acunetix by Invicti is solving the critical problem of identifying and mitigating web application vulnerabilities before attackers can exploit them. In today’s digital landscape, where websites and APIs are prime targets, Acunetix helps by automatically scanning for weaknesses like SQL injections, cross-site scripting (XSS), insecure server configurations, and outdated components. What makes it especially beneficial is how it provides accurate, actionable insights rather than just raw data — helping security teams and developers understand where the issues lie and how to fix them efficiently. For me, this translates to saved time, stronger security posture, and peace of mind, knowing that potential threats are caught early in the development cycle. Its integration with DevOps tools also ensures that security becomes part of the continuous delivery process, reducing the risk of vulnerabilities making it into production and helping maintain compliance with security standards.

    KashifJamil

Has enabled teams to improve security testing with smooth integration and high accuracy

  • May 27, 2025
  • Review from a verified AWS customer

What is our primary use case?

Most of the customers who use Acunetix are looking for security testing. The primary use case is performing penetration testing.

The main use cases include vulnerability scanning, security testing, penetration testing, PCI DSS reporting, and multi-user environment support, which excels in SQL injection and cross-site scripting detection.

What is most valuable?

Acunetix has a very good ratio of fewer false positives, so users don't need to retest everything.

Acunetix operates smoothly with no interruptions required, and it performs at 100% efficiency without issues in scanning anything.

The solution is excellent at detecting SQL injection and cross-site scripting vulnerabilities.

Acunetix integrates with every type of tool, including CI/CD tools, offering 100% integration in DevOps environments.

The main benefit of Acunetix is that at the first level, users can address security issues related to penetration testing, allowing them to expose vulnerabilities and ensure all required testing is completed with very few false positives.

What needs improvement?

Acunetix should improve by further reducing false positives and providing more customized reports, plus better integration with newer tools such as GitHub and Azure DevOps.

For how long have I used the solution?

I have been working with Acunetix for almost seven to eight years.

What was my experience with deployment of the solution?

The setup is straightforward, with nothing difficult in Acunetix.

What do I think about the stability of the solution?

Acunetix is a stable solution.

What do I think about the scalability of the solution?

For scalability, Acunetix easily scales for larger environments and larger systems.

How are customer service and support?

Invectis Support provides good service when contacted.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I have more experience with IBM products, specifically IBM QRadar.

How was the initial setup?

The deployment, installation, and training take approximately two to three days.

What was our ROI?

Every second customer sees ROI with Acunetix.

What other advice do I have?

Acunetix supports multi-user environments effectively.

Acunetix is targeted for small to mid-size teams in a DevSecOps environment, making it the best choice for small and mid-size companies, offering a friendly interface, support for CI/CD, and excellent vulnerability scanning capabilities.

On a scale of 1 to 10, I rate Acunetix 9 out of 10.

showing 1 - 10