We performed a comparison between Acunetix and Invicti based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Overall, it's a very good tool and a very good engine."
"The vulnerability scanning option for analyzing the security loopholes on the websites is the most valuable feature of this solution."
"The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning time depends on the application's code."
"For us, the most valuable aspect of the solution is the log-sequence feature."
"We are able to create a report which shows the PCI DSS scoring and share it with the application teams. Then, they can correlate and see exactly what they need to fix, and why."
"We use the solution for the scanning of vulnerabilities like SQL injections."
"There is a lot of documentation on their website which makes setting it up and using it quite simple."
"The most valuable feature of the solution is the speed at which it can scan multiple domains in just a few hours."
"It has a comprehensive resulting mechanism. It is a one-stop solution for all your security testing mechanisms."
"I like that it's stable and technical support is great."
"Crawling feature: Netsparker has very detail crawling steps and mechanisms. This feature expands the attack surface."
"The most attractive feature was the reporting review tool. The reporting review was very impressive and produced very fruitful reports."
"I am impressed with Invictus’ proof-based scanning. The solution has reduced the incidence of false positive vulnerabilities. It has helped us reduce our time and focus on vulnerabilities."
"The scanner and the result generator are valuable features for us."
"When we try to manually exploit the vulnerabilities, it often takes time to realize what's going on and what needs to be done."
"It correctly parses DOM and JS and has really good support for URL Rewrite rules, which is important for today's websites."
"There are some versions of the solution that are not as stable as others."
"There's a clear need for a reduction in pricing to make the service more accessible."
"The only problem that they have is the price. It is a bit expensive, and you cannot change the number of applications for the whole year."
"The jargon used makes it difficult for project managers to understand the issues, and the technical explanations used make it difficult for developers to understand issues. These things should be simplified much more. That would be very helpful for us when explaining to them what needs to be fixed. The report output needs to be simplified."
"The solution's pricing could be better."
"When monitoring the traffic we always have issues with the bandwidth consumption and the throttling of traffic."
"It should be easier to recreate something manually, with the manual tool, because Acunetix is an automatic tool. If it finds something, it should be easier to manually replicate it. Sometimes you don't get the raw data from the input and output, so that could be improved."
"It would be nice to have a feature to "retest" only a single vulnerability that the customer reports as patched, and delete it from the next scans since it has already been patched."
"The license could be better. It would help if they could allow us to scan multiple URLs on the same license. It's a major hindrance that we are facing while scanning applications, and we have to be sure that the URLs are the same and not different so that we do not end up consuming another license for it. Netsparker is one of the costliest products in the market. The licensing is tied to the URL, and it's restricted. If you have a URL that you scanned once, like a website, you cannot retry that same license. If you are scanning the same website but in a different domain or different URL, you might end up paying for a second license. It would also be better if they provided proper support for multi-factor authentications. In the next release, I would like them to include good multi-factor authentication support."
"Maybe the ability to make a good reporting format is needed."
"The scanner itself should be improved because it is a little bit slow."
"The scanning time, complexity, and authentication features of Invicti could be improved."
"Invicti takes too long with big applications, and there are issues with the login portal."
"The support's response time could be faster since we are in different time zones."
"The solution's false positive analysis and vulnerability analysis libraries could be improved."
"Netsparker doesn't provide the source code of the static application security testing."
Acunetix is ranked 17th in Application Security Tools with 26 reviews while Invicti is ranked 20th in Application Security Tools with 26 reviews. Acunetix is rated 7.6, while Invicti is rated 8.2. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning ". On the other hand, the top reviewer of Invicti writes "A customizable security testing solution with good tech support, but the price could be better". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, PortSwigger Burp Suite Professional, HCL AppScan and SonarQube, whereas Invicti is most compared with OWASP Zap, PortSwigger Burp Suite Professional, Qualys Web Application Scanning, Fortify WebInspect and Rapid7 AppSpider. See our Acunetix vs. Invicti report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.