Effortless Vulnerability Detection That Fits Seamlessly into DevSecOps
What do you like best about the product?
What I like best about Acunetix by Invicti is how seamlessly it combines powerful vulnerability detection with ease of use. It’s not just another security scanner — it’s an intelligent, automated tool that feels built for both developers and security professionals. The way it quickly identifies and prioritizes critical vulnerabilities like SQL injection, XSS, and misconfigurations across websites and APIs saves a huge amount of manual effort. The clean, intuitive dashboard makes interpreting scan results straightforward, and the detailed remediation guidance helps teams actually fix issues rather than just list them. Plus, its integration with CI/CD pipelines and issue trackers like Jira fits perfectly into a modern DevSecOps workflow, making security testing feel like a natural part of development instead of a separate burden.
What do you dislike about the product?
What I dislike about Acunetix by Invicti is that, despite its powerful capabilities, it can sometimes feel resource-intensive and time-consuming, especially during deep scans of large or complex web applications. The scans can slow down systems or take longer than expected, which might interrupt normal workflows. Additionally, while the tool provides a lot of valuable data, the volume of findings can be overwhelming, and filtering out false positives requires manual effort and experience. The pricing can also be on the higher side for smaller organizations or startups, which limits accessibility. Lastly, although it integrates well with other tools, setting up and fine-tuning these integrations for the first time can take some technical know-how and patience.
What problems is the product solving and how is that benefiting you?
Acunetix by Invicti is solving the critical problem of identifying and mitigating web application vulnerabilities before attackers can exploit them. In today’s digital landscape, where websites and APIs are prime targets, Acunetix helps by automatically scanning for weaknesses like SQL injections, cross-site scripting (XSS), insecure server configurations, and outdated components. What makes it especially beneficial is how it provides accurate, actionable insights rather than just raw data — helping security teams and developers understand where the issues lie and how to fix them efficiently. For me, this translates to saved time, stronger security posture, and peace of mind, knowing that potential threats are caught early in the development cycle. Its integration with DevOps tools also ensures that security becomes part of the continuous delivery process, reducing the risk of vulnerabilities making it into production and helping maintain compliance with security standards.
Has enabled teams to improve security testing with smooth integration and high accuracy
What is our primary use case?
Most of the customers who use Acunetix are looking for security testing. The primary use case is performing penetration testing.
The main use cases include vulnerability scanning, security testing, penetration testing, PCI DSS reporting, and multi-user environment support, which excels in SQL injection and cross-site scripting detection.
What is most valuable?
Acunetix has a very good ratio of fewer false positives, so users don't need to retest everything.
Acunetix operates smoothly with no interruptions required, and it performs at 100% efficiency without issues in scanning anything.
The solution is excellent at detecting SQL injection and cross-site scripting vulnerabilities.
Acunetix integrates with every type of tool, including CI/CD tools, offering 100% integration in DevOps environments.
The main benefit of Acunetix is that at the first level, users can address security issues related to penetration testing, allowing them to expose vulnerabilities and ensure all required testing is completed with very few false positives.
What needs improvement?
Acunetix should improve by further reducing false positives and providing more customized reports, plus better integration with newer tools such as GitHub and Azure DevOps.
For how long have I used the solution?
I have been working with Acunetix for almost seven to eight years.
What was my experience with deployment of the solution?
The setup is straightforward, with nothing difficult in Acunetix.
What do I think about the stability of the solution?
Acunetix is a stable solution.
What do I think about the scalability of the solution?
For scalability, Acunetix easily scales for larger environments and larger systems.
How are customer service and support?
Invicti Support provides good service when contacted.
Which solution did I use previously and why did I switch?
I have more experience with IBM products, specifically IBM QRadar.
How was the initial setup?
The deployment, installation, and training take approximately two to three days.
What was our ROI?
Every second customer sees ROI with Acunetix.
What other advice do I have?
Acunetix supports multi-user environments effectively.
Acunetix is targeted for small to mid-size teams in a DevSecOps environment, making it the best choice for small and mid-size companies, offering a friendly interface, support for CI/CD, and excellent vulnerability scanning capabilities.
On a scale of 1 to 10, I rate Acunetix 9 out of 10.
They won't back their support or product.
What do you like best about the product?
The platform itself is good and produces exhaustive reports. They've helped us navigate compliance and security initiatives adequately.
What do you dislike about the product?
I cannot recommend Acunetix due to several concerning issues with both their product and business practices.
The sales process has become increasingly intricate, characterized by significant annual price increases and constantly changing target definitions. Their licensing model has also become more restrictive - once you scan a website, its URL is permanently locked to your license, unlike the more flexible approach when we first became customers.
A major technical issue emerged recently when the programmable login sequence functionality stopped working entirely. The timing was particularly problematic as it coincided with our renewal. Despite this critical feature being broken, Acunetix expected us to commit to renewal without any assurance of a resolution. When we proposed a conditional renewal with the possibility of a refund if their support team couldn't resolve the login issues, management flatly rejected our request.
Their response - "reached out to management about your request and it's not something we would be able to offer" - demonstrates a concerning lack of customer support and flexibility in addressing legitimate technical concerns.
This combination of aggressive pricing strategies, inflexible licensing, technical failures, and poor customer service has significantly diminished the value proposition of their product.
What problems is the product solving and how is that benefiting you?
We use it to perform pen tests for our singular SaaS application between milestone releases.
Identifies vulnerabilities effectively while needing partner collaboration improvements
What is our primary use case?
I typically use Acunetix to identify vulnerabilities for clients.
What is most valuable?
The features of Acunetix have proved most effective in identifying vulnerabilities. I find the false positives to be a notable aspect. Additionally, with its impressive capabilities, Acunetix offers several options for deployment. I can use it both on the cloud and on-premises, which provides flexibility. Its most valuable role is in enhancing security by identifying potential vulnerabilities efficiently.
What needs improvement?
Acunetix should focus more on partners for improvement.
For how long have I used the solution?
I have used Acunetix for approximately 30 minutes.
What was my experience with deployment of the solution?
There were no major issues during deployment, and it takes about 30 minutes to deploy.
What do I think about the stability of the solution?
I rate its stability six out of ten.
What do I think about the scalability of the solution?
The scalability of Acunetix is rated seven out of 10.
How are customer service and support?
The technical support from Acunetix is quite good, and I rate it eight out of 10.
How was the initial setup?
The initial setup of Acunetix is quite straightforward.
What was our ROI?
There have been improvements in security posture since using Acunetix.
What's my experience with pricing, setup cost, and licensing?
The pricing of Acunetix is pretty expensive and could be improved.
What other advice do I have?
I would recommend Acunetix to others. Overall, I rate this solution seven out of ten.
Acunetix for API security
What do you like best about the product?
Integration into development workflows, broad API vulnerability coverage, automated and proof-based scans, and ease of use and implementation with a good UI.
What do you dislike about the product?
Customer support issues with more detailed technical issues, cost involving the frequency of use.
What problems is the product solving and how is that benefiting you?
Help discover security vulnerabilities.
Help secure APIs.
Help integration in pipelines.
Benefits: Increased efficiency, scalability and security.
Comprehensive tool with manual intervention support for web applications
What is our primary use case?
I use Acunetix for penetration testing purposes. This is the primary use case.
What is most valuable?
I mainly configure the tool for web applications, and I evaluate all products on the market. I find it to be one of the most comprehensive tools, with support for manual intervention. It offers support for specific scenarios like CAPTCHA and supports the ability to manage actions and updates from the internet.
What needs improvement?
I have experienced some problems, yet I can't recall the details. There was an issue related to updates from the internet; however, the support program was helpful in addressing it.
For how long have I used the solution?
I am an ongoing customer.
What do I think about the stability of the solution?
The solution is generally stable; however, there might be room for improvement regarding glitches or bugs.
What do I think about the scalability of the solution?
I don't fully understand the scalability features. Overall, it is adequate for our use case.
How are customer service and support?
The technical support from Invicti is very good and fast. I am highly satisfied with the response time and quality of support.
Which solution did I use previously and why did I switch?
I use Invicti for application security testing.
How was the initial setup?
One person is enough for the installation.
What was our ROI?
The tool is helpful for us. It saves a significant amount of time by covering attack surfaces.
What's my experience with pricing, setup cost, and licensing?
We secured a special licensing model for penetration testing companies, which is cost-effective.
Which other solutions did I evaluate?
I can see Burp Suite as an alternative.
What other advice do I have?
I rate the overall solution nine out of ten. I prefer Acunetix for its more precise and accurate results.
Attractive automated reports with boosted user productivity and an easy setup
What is our primary use case?
The primary use is mainly related to vulnerability assessment, including both public and internal IP addresses.
How has it helped my organization?
By using this tool, we have reduced the workload and increased the productivity of users.
What is most valuable?
It generates automated reports. This feature is beneficial when sharing reports with clients as it works as a unique selling point due to how attractive and descriptive the reports are.
What needs improvement?
The interface API and other functionalities are very good. However, the cost can be reduced as management has noted it to be on the higher side.
For how long have I used the solution?
I have been working with Acunetix for almost two years.
How are customer service and support?
The technical support provided by Acunetix is absolutely great. We received support from them at every point in time.
Which solution did I use previously and why did I switch?
I used Nessus in one of my previous organizations due to cost reasons. However, my current organization decided to go with Acunetix.
How was the initial setup?
The initial setup was easy because we had a proper software team consisting of developers, database administrators, and application teams. With the help of the vendor, we were able to implement it successfully. It took approximately three to four months.
What about the implementation team?
The implementation was carried out with the help of a consultant.
What's my experience with pricing, setup cost, and licensing?
The cost is being handled by the procurement team, yet it is on the higher side, and there is a recommendation to reduce it.
What other advice do I have?
I would generally recommend Acunetix to any organization in the IT-enabled sector. However, I have not worked for a non-IT organization, so I cannot comment on that.
I'd rate the solution nine out of ten.
Constant outages, poor detection, and lousy support
What do you like best about the product?
Honestly, there is NOTHING I like best about Acunetix anymore. I have been a subscriber since 2015 and something changed in 2019 where things started going downhill.
What do you dislike about the product?
The online scanner has become basically useless. Product has not materially improved or changed since at least 2015. Customer support is non-existent.
On each renewal our account goes offline for MONTHS. Many emails back and forth to get them to turn the account back on even if I include the receipt from their own system showing the account as paid.
One year they ended up deleting ALL of our records.
Crappy company. Stay FAR away.
What problems is the product solving and how is that benefiting you?
Automated vulnerability scanning.
Acunetix is an easy to use, cost-effective DAST solution
What do you like best about the product?
Acunetix has a user-friendly UI, is easy to configure and run and produces reliable results.
What do you dislike about the product?
The licensing model is not as granular as it could be which means that planning is needed for scaling up or down.
What problems is the product solving and how is that benefiting you?
The need to assess the security of new applications developed within the organisation.
Provides proof of exploit, gives the specific code affected and enables a shift-left approach in the development process
What is our primary use case?
We are a consultant company.
How has it helped my organization?
Just by scanning, Acunetix provides proof of exploit and gives the specific code affected. You can also see a categorized list of vulnerabilities. From there, you can easily create a report.
It integrates with multiple tools in the CI/CD pipeline, like Jira and web application firewalls.
Acunetix automation improved our customer's security testing process. By integrating with CI/CD tools, it enables a shift-left approach in the development process. This helps find vulnerabilities earlier rather than after the application is published.
What is most valuable?
The interactive transaction feature is a winning point for us. It's a great selling point. Also, the ability to provide an inventory of currently used APIs is very helpful.
What needs improvement?
There is room for improvement in the pricing.
Tenable is better integrated and offers many tools in a bundle. I would like to see the same thing in Acunetix. Otherwise, I'm satisfied with Acunetix's performance.
For how long have I used the solution?
I have been using it for three years.
What do I think about the scalability of the solution?
We propose this product for smaller or bigger businesses.
But mostly to bigger enterprises. It's because of the reputation it has with bigger companies.
How are customer service and support?
Acunetix provides good support. No complaints.
Which solution did I use previously and why did I switch?
Acunetix stands out with its metrics, features, and Proof of Exploit. Other solutions we've used don't have those.
There is also Tenable.io Web App Scanning. Tenable's advantage is how it handles vulnerability management. For example, if you have Ansible vulnerability management, you can see both sets of information in a single pane. The only other difference might be pricing, but I'm not entirely sure about that.
How was the initial setup?
The initial setup is straightforward. Considering everything is in place, it will take about two weeks.
What about the implementation team?
We usually help our customers implement the product.
What's my experience with pricing, setup cost, and licensing?
The price is reasonable. We don't have many complaints from customers.
What other advice do I have?
I would recommend Acunetix to others for their web vulnerability scanning needs.
Overall, I would rate it a nine out of ten.