Who Uses This Software?

Acunetix serves anyone with a website presence from SMBs to large Corporate Enterprises


Average Ratings

19 Reviews

  • 4.5 / 5
    Overall

  • 4.5 / 5
    Ease of Use

  • 4 / 5
    Customer Service

Product Details

  • Starting Price
    Not provided by vendor
  • Free Trial
  • Deployment
    Cloud, SaaS, Web
    Installed - Mac
    Installed - Windows
  • Training
    Documentation
    Webinars
  • Support
    Business Hours

Vendor Details

  • Acunetix
  • www.acunetix.com
  • Founded 2005
  • Malta

About Acunetix

Acunetix leads the market in automatic web security testing technology that scans and audits complex, authenticated, HTML5 and JavaScript-heavy websites among others. Used by many Government, Military, Educational, Telecommunications, Banking, Finance, and E-Commerce sectors, including many Fortune 500 companies, Acunetix offers cost-effective entry into the web scanning market with a simple, scalable, and high availability solution, without compromising quality.


Acunetix Features

  • AI / Machine Learning
  • Behavioral Analytics
  • Endpoint Management
  • Incident Management
  • IOC Verification
  • Tokenization
  • Vulnerability Scanning
  • Whitelisting / Blacklisting
  • Anti Spam
  • Anti Virus
  • Email Attachment Protection
  • Event Tracking
  • Internet Usage Monitoring
  • Intrusion Detection System
  • IP Protection
  • Spyware Removal
  • Two-Factor Authentication
  • Vulnerability Scanning
  • Web Threat Management
  • Web Traffic Reporting
  • Asset Discovery
  • Asset Tagging
  • Network Scanning
  • Patch Management
  • Policy Management
  • Prioritization
  • Risk Management
  • Vulnerability Assessment
  • Web Scanning

Acunetix Reviews Recently Reviewed!


Ok tool, but fix your business model and add more settings to the interface

Aug 17, 2018
3/5
Overall

5 / 5
Ease of Use

3 / 5
Features & Functionality

4 / 5
Customer Support

3 / 5
Value for Money
Likelihood to Recommend: 7.0/10 Not
Likely
Extremely
Likely

Pros: * The number of checks that take place.

* The quality of the issues found.

* After years it is finally possible to pause a scan, hallelujah.

Cons: * As a pentester I absolutely miss a more flexible way to configure settings like it was possible in v10. The interface is built as "point a shoot", idiot proof. Currently, If I want to configure things I need to change xml config files on the server and reload acunetix...

* After the release of v12 we were called by a sales agent as we suddently couldn't add targets anymore. The license model suddenly changed completely. The entire business model is now based on scanning an applications continuously over the year. However, as a pentesting business for we mostly scan apps just 1 time for our security assessments. It absolutely makes no sense to apply the same costs! Just like Netsparker, acunetix should have plans for pentesters and consultants.

* Scanning an app that spans multiple domains always results in problems. Currently you have the "Allowed hosts" settings which is crappy in setting up. I need to set all (sub) domains to a different target. And ofcourse with the current business model you are charged per target, lol.

Overall: Continuation of the cons section (number of chars was limited).

* Settings are sometimes unclear, an info icon with a popup would be nice.

Example 1: In the "Site Structure" of a scan it is possible to press "exclude", does it exlude the path from futre scans? If so why don't I see anything in the target settings? Or does "exlude" exclude vulnerabilities from the report? BTW after pressing exlude I'm not able to "include" it again.



Example 2: "scan speed", how many threads per setting are we talking about?

* Would definitly like to get some more feedback from scans directly in the interface, what is it doing, why did it fail, did all the "allowed hosts" got scanned etc. I know you can debug a target, but this is not what I mean.

Vendor Response

by Acunetix on October 08, 2018

Thank you for your honest feedback:

As you rightly say, we try to keep an easy to use interface, with the intention of automatically detecting the best way to scan the site. There are some settings which are not used by most of our customers, and which can be manually tweaked from the settings file.

I think you might have missed the little help icon at the top right corner of the Acunetix interface. When clicked, this provides help on the settings loaded in the current page. But to answer your queries:

Example 1 - When you Exclude a path from the Site Structure, the exclusion will be stored with the Target, and will affect subsequent scans. You can delete the exclusion from the Target settings.

Example 2: this is explained on our website at https://www.acunetix.com/blog/docs/configure-scan-speed-acunetix/. I have forwarded your comment about the scan feedback to the product team.

Regarding licensing, I would suggest that you get in touch with our sales team, who can work

I've been using Acunetix for 5 years already, and it's getting worst instead of getting better..

Jul 09, 2018
3/5
Overall

4 / 5
Ease of Use

2 / 5
Features & Functionality

4 / 5
Customer Support

2 / 5
Value for Money
Likelihood to Recommend: 4.0/10 Not
Likely
Extremely
Likely

Pros: - easy to use

- friendly UI

- easy to read reports

- the support is all right

- price used to be a pro

Cons: - they removed a lot of functionality in the last 2 years (starting with version 10): you are not able to crawl and scan only some of the parts of the website, based on the crawling made, you were not able to pause the scan (they re-introduced that in v12), not able to see the reply from the server for found vulnerabilities, in order to confirm them, it's not properly working for some login pages, it's not properly working on big websites, webshops, etc (the crawling takes ages!)

Vendor Response

by Acunetix on August 20, 2018

Thank you for your feedback.

Most of the features that you are missing have been re-introduced in newer updates.

You can now select to exclude parts of a site using the Site Structure identified in a previous scan.

As you rightly say, you can Pause scans in the latest version of Acunetix. You can also change the Target Settings and resume the scan with the new settings.

Response headers have also been re-introduced recently.

We would appreciate if you can provide more details on the issues with the Login of some sites and larger sites. Please send this info to our support team at support@acuneix.com

Simple, but very powerful web vunlerability scanner

Aug 13, 2018
5/5
Overall

5 / 5
Ease of Use

5 / 5
Features & Functionality

5 / 5
Customer Support

4 / 5
Value for Money
Likelihood to Recommend: 8.0/10 Not
Likely
Extremely
Likely

Pros: Ease of use, good customer support, very insightful reports (especially Developer raport), good vulnerability management. Also continous scanning option is an interesting thing for having continous security awareness of Your vulnerability level. Also login sequence recorder is an awesome tool.

Cons: Not a lot of scan options to configure - especially in comparison to Nessus - every check is done in default, You can't choose specifically which test is done in selected scan, only the type of scan (full, high-risk vulnerabilities, xss, sqli, weak passwords, crawl only ) or technology in which the scanned web app is written.

Overall: Good thing for a web application pentesting, can give You insight of a present vulnerabilities. Would recommend using in tandem with infrastructure scanner (like Nessus) to create a complete testing solution. Also presence of continous scanning and scheduler could be used for a regular security assesment of Your web applications.

Vendor Response

by Acunetix on August 20, 2018

Thank you for your feedback ¿ we¿re glad that Acuneix is working for you.

Regarding your comment about choosing what to scan for ¿ you can already do this in Acunetix, although the feature is slightly hidden away in Settings > Scan Types. Here you can create your own custom Scan Types, and you will be able to choose which vulnerabilities to check for. When creating a new custom Scan Type, you can filter the vulnerability checks from the top right hand corner of the page.

Remember that you can also easily retest for a specific vulnerability identified in a previous scan.

Easy to setup, nice results

Aug 13, 2018
4/5
Overall

4 / 5
Ease of Use

4 / 5
Features & Functionality

5 / 5
Customer Support

3 / 5
Value for Money
Likelihood to Recommend: 8.0/10 Not
Likely
Extremely
Likely

Pros: Very easy to setup initially, running scans quite fast, good crawler, very nice and understandable results.

Cons: The license model changed somehow in the middle of the three years, so it became impossible to continue to use it as planned without paying much more. Tools were removed.

Overall: As a scanner it is quite good, relevant and well described findings, so far no false positives. Following an initial trial and PoC with couple of competitors, Acunetix had the best features, most suitable licensing model, good support, so we purchased a three year license. However, at some point, it all changed. The license became based on other criteria, the testing and verification tools were removed, there is no support or way of reverting to a previous version, after you realise that the changes introduced and making the software unusable or insufficient. Overall, unless there are guarantees that it won't happen again, I will be very reluctant to renew.

Vendor Response

by Acunetix on August 20, 2018

Thank you for your feedback.

You can download the free Acunetix Manual Pentesting Tools from https://www.acunetix.com/vulnerability-scanner/free-manual-pen-testing-tools/. You can copy the Request done by Acunetix from the Vulnerability details, and use this in the Acuneix Manual Tools

Great for developers for self evaluation

Jul 19, 2018
4/5
Overall

3 / 5
Ease of Use

5 / 5
Features & Functionality

5 / 5
Customer Support

4 / 5
Value for Money
Likelihood to Recommend: 9.0/10 Not
Likely
Extremely
Likely

Pros: I have been using acunetix web vulnerability scanner since last 2 years as I develop Web apps and Websites in my professional career so I like to test it by myself for the vulnerabilities.

It gives me scope for improvement in my programming skills.

As it gives the developer report as a part of the report its very indepth report and very useful for me to develop secure web apps

I really like the web interface they have provided It reduces the dependancy of a device to carry.

really good.

Cons: There is nothing so far to dislike this software.

As my needs are getting fulfilled by the available functionalities.

Looking forward to new updates.

Vendor Response

by Acunetix on July 27, 2018

Thank you for your feedback

Acunetix always gives me a very good first impression

Aug 10, 2018
5/5
Overall

4 / 5
Ease of Use

4 / 5
Features & Functionality

5 / 5
Customer Support

4 / 5
Value for Money
Likelihood to Recommend: 9.0/10 Not
Likely
Extremely
Likely

Pros: We are using Acunetix now for more than 5 years. It is very easy to create new targets and quickly start automatic scans. The AcuSensor often gives me a good hint where I should take a closer look manually.

Our management likes the well structured reports.

Cons: If a web application is very complex, the scanner sometimes does not really manage to find its path through the process.

Since the application changed to the web gui, it is more complicated to specify pre-recorded login sequence. The user has to log into the server, where Acunetix is hostet and start a different application to record the sequence.

Vendor Response

by Acunetix on August 20, 2018

Thank you for your feedback.

We are planning on integrating the Acunetix Login Sequence Recorder in the Acunetix web UI. This will make it easier to record login sequences moving forward. If all goes well, we will have this feature in place by the end of Q3 / beginning Q4 this year.

Great audit tool

Aug 13, 2018
5/5
Overall

5 / 5
Ease of Use

4 / 5
Features & Functionality

4 / 5
Customer Support

4 / 5
Value for Money
Likelihood to Recommend: 10.0/10 Not
Likely
Extremely
Likely

Pros: Faster analysis, low false positives and intuitive interface

Cons: Take out the manual tools from the acunetix web has been an error.

Overall: after using the tool for several years I can say that it is one of the best web vulnerability scaners on the market

Vendor Response

by Acunetix on August 20, 2018

Thank you for your feedback.

You can download the free Acunetix Manual Pentesting Tools from https://www.acunetix.com/vulnerability-scanner/free-manual-pen-testing-tools/. You can copy the Request done by Acunetix from the Vulnerability details, and use this in the Acuneix Manual Tools

Automated Web Vulnerability Scanning with Acunetix

Aug 13, 2018
5/5
Overall

5 / 5
Ease of Use

5 / 5
Features & Functionality

5 / 5
Customer Support

5 / 5
Value for Money
Likelihood to Recommend: 10.0/10 Not
Likely
Extremely
Likely

Pros: I have been using the On Premises version for a few years now. Acunetix is really easy to use with a very user-friendly web portal to manage the targets, scans, reports, settings, etc. I really like the reports, after every scan, from which you can easily spot the important and high risk vulnerabilities, with recommendations on how to fix each issue.

Cons: nothing, everything is perfect! the only catch is the price change, but I believe it's worth it.

Overall: I use Acunetix to scan our Websites and web applications, usually on the test machines, in order to spot vulnerabilities before moving things to production. The nice thing with Acunetix is that you can schedule automated scans, daily, weekly or monthly, so you can just check the reports with the affected items.

Vendor Response

by Acunetix on August 16, 2018

Thank you for an excellent review. We are really happy Acunetix is working out for you

excellent quality!

Aug 12, 2018
5/5
Overall

5 / 5
Ease of Use

5 / 5
Features & Functionality

2 / 5
Customer Support

5 / 5
Value for Money
Likelihood to Recommend: 10.0/10 Not
Likely
Extremely
Likely

Pros: an intuitive, efficient, affordable application

Cons: customer support is quite slow to answer; network scan has been removed, it was a useful function; price increase didn't make us happier

Overall: We worked very well with Acunetix in the last years, we look forward to go on this way

Vendor Response

by Acunetix on August 14, 2018

Thank you for your feedback. Network Scans are still available with Acunetix Online. We will work on improving our Support.

Most user friendly vulnerability scanner i've used

Feb 18, 2018
4/5
Overall

4 / 5
Ease of Use

4 / 5
Features & Functionality

3 / 5
Customer Support

4 / 5
Value for Money

Pros: Acunetix user experience (UX) is one of the best i've encountered. The dashboard feature is very useful for technically inclined and non-technically inclined users. The user interface is appealing and you can find all your statistics on the dashboard. You don't have to look very far to see a summary report of previous or current scans. The dashboard can show you an app's vulnerabilities based on severity by colour coding severities. You can also generate easy to read reports with a click of a button based on the type of report you want.

Cons: The only con I found in this software is lack of support. The response time of the customer service team is poor. I waited weeks to get a response from the team and even then, the back and forth was not helpful as I was not able to get help fast enough.

Vendor Response

by Acunetix on May 30, 2018

Thank you for taking the time to review Acunetix. We are glad you like our new dashboard. We will look at improving our support process.

Capterra-loader

A well priced, cloud based vulnerability scanner

Jan 21, 2018
5/5
Overall

4 / 5
Ease of Use

5 / 5
Features & Functionality

5 / 5
Customer Support

5 / 5
Value for Money
Likelihood to Recommend: 8.0/10 Not
Likely
Extremely
Likely

Pros: I can schedule daily, weekly or monthly scans of targets which checks for vulnerabilities in our cloud infrastructure from one control panel. The ability to send different types of reports to various parties, for example a 'Board level' report or 'Developer' report is handy for tailoring content to the audience.

Cons: It perhaps could be improved by adding a section for commenting on how a vulnerability was fixed and a link to a relevant URL to confirm this. Pricing is good for a small amount of targets, but quickly becomes expensive for multiple target locations.

Vendor Response

by Acunetix on July 27, 2018

Thank you for your feedback

Amazing Pentesting tool

Aug 10, 2018
4/5
Overall

5 / 5
Ease of Use

5 / 5
Features & Functionality

4 / 5
Customer Support

4 / 5
Value for Money
Likelihood to Recommend: 8.0/10 Not
Likely
Extremely
Likely

Pros: It is a very fast and stable tool, Acunetix allows you to perform a security audit in an easy and intuitive way.

Cons: Does not allow to audit webservice in the latest version

Vendor Response

by Acunetix on August 20, 2018

Thank you for your feedback.

In the most recent versions, the auditing of a web service has been integrated in the scanner. You can just create a normal scan for the web service, and Acunetix will proceed with scanning it as it used to do before.

Quick and easy to use

Sep 05, 2018
4/5
Overall

5 / 5
Ease of Use

4 / 5
Features & Functionality

5 / 5
Customer Support

4 / 5
Value for Money
Likelihood to Recommend: 8.0/10 Not
Likely
Extremely
Likely

Pros: Quick setup, with a wide range of tests.

Cons: The built in login broweser, as it is outdated and does not support technology like index.db etc.

Overall: Very positive, support top. Software perfect for a quick, general overview of the web application security.

Vendor Response

by Acunetix on September 06, 2018

Thank you for your feedback. We are currently working on a new version of the Login Sequence Recorder which will be able to support a large number of new technologies

Great tool supporting secure SDLC process

Aug 20, 2018
5/5
Overall

5 / 5
Ease of Use

4 / 5
Features & Functionality
Likelihood to Recommend: 9.0/10 Not
Likely
Extremely
Likely

Pros: + Ease of use

+ Point&shoot approach allowing for quick validation of target's overal security

+ Support for various login mechanisms (including OAuth/SSO)

+ Great as part of SDL process

Cons: - Scans might sometimes be slow when run over the internet

Vendor Response

by Acunetix on October 04, 2018

Thank you for your feedback. We are happy you are satisfied with the product.

Capterra-loader

Good web application vulnerability scanner but not recommended.

Oct 02, 2018
4/5
Overall

4 / 5
Ease of Use

4 / 5
Features & Functionality

3 / 5
Customer Support

4 / 5
Value for Money
Likelihood to Recommend: 8.0/10 Not
Likely
Extremely
Likely

Pros: This is a good tool for performing web application scan vulnerability assessment. It's as automated tool which supports application scan provided the URL of applications.

It can give compliance reports including PCI DSS, HIPPAA, OWASP TOP 10 etc.

Acunetix can do credential based scan for web applications.

Cons: Al tough its good tool, from the past experiences of using it, Sometimes acunetic automatically logs out of session while performing the test.

Also, acuneix could provide many false positives, as result have to cross check manually about the details of the scan results.

Vendor Response

by Acunetix on October 04, 2018

Thank you for your candid feedback.

During an automated scan, Acunetix will make a lot of requests, some of which will invalidate the session. Acunetix is able to automatically detect this and will login to the web application to continue scanning the restricted area. As regards false positives, we would be very interested in getting to know about these. Would you be able to forward samples to our team at support@acunetix.com?

Capterra-loader

Too many issues not found

Aug 10, 2018
3/5
Overall

4 / 5
Ease of Use

2 / 5
Features & Functionality

4 / 5
Customer Support

2 / 5
Value for Money
Likelihood to Recommend: 3.0/10 Not
Likely
Extremely
Likely

Pros: Very easy to use, nice GUI and reports...

Cons: Too many issues were not discovered by Acunetix, and subsequently found by customers wielding different tools.

Overall: Acunetix helped us get going with security scans. In the end, the lack of support for certain attacks made us change.

Vendor Response

by Acunetix on August 20, 2018

Sorry to see you go

Good detection rate, great performance overall

Aug 24, 2018
5/5
Overall

5 / 5
Ease of Use

4 / 5
Features & Functionality

5 / 5
Customer Support

5 / 5
Value for Money
Likelihood to Recommend: 9.0/10 Not
Likely
Extremely
Likely

Pros: Ease of use, UI ergonomics, performance, detection rate.

Cons: Some minor issues with false positives found, a bit harder to separate from real vulnerabilities, especially for XSS.

Vendor Response

by Acunetix on August 28, 2018

Thank you for your feedback

Use of Acunetix to test new applications

Aug 17, 2018
5/5
Overall

4 / 5
Ease of Use

4 / 5
Features & Functionality

4 / 5
Customer Support

4 / 5
Value for Money
Likelihood to Recommend: 9.0/10 Not
Likely
Extremely
Likely

Pros: Easy to use, good quality and possibilities to config your own scans.

Cons: The price is a bit high and I wan't more functions for automation.

Overall: We scan all new applications to see and fix all security holes before we start to use the application.

Vendor Response

by Acunetix on October 04, 2018

Thank you for your feedback. We will continue to add more automation in future builds.

Very good price/performance ratio (at least with the old licensing scheme)

Aug 10, 2018
4/5
Overall

4 / 5
Ease of Use

4 / 5
Features & Functionality

3 / 5
Customer Support

5 / 5
Value for Money
Likelihood to Recommend: 8.0/10 Not
Likely
Extremely
Likely

Pros: Easy to use.

It performs many checks that I previously used to do with a collection of other tools.

Cons: It would be great to see in real-time in the product interface what exactly the scanner is doing.

Login Sequence Recorder does not always work.

Overall: I mostly use it as the first tool to analyze an unknown website, especially for black-box activities.

Vendor Response

by Acunetix on August 16, 2018

Thank you for your feedback. We will take your suggestion about real-time scanner monitoring into consideration for future builds.