Acunetix vs Invicti comparison

Read 29 Invicti reviews

2,816 Views
1,510 Comparison Views

96% willing to recommend

Acunetix

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 8, 2024

Acunetix and Invicti compete in web application security testing. Invicti is considered superior due to its more comprehensive feature set.

Features: Acunetix offers impressive automation capabilities, rapid scan speed, and extensive vulnerability coverage. Invicti provides exceptional accuracy, seamless integration capabilities, and advanced scanning features, giving it a competitive edge with enhanced security testing precision and features.

Room for Improvement: Acunetix users seek better error handling, improved report customization, and additional technical advancements. Invicti users desire faster scan times, interface updates, and performance improvements.

Ease of Deployment and Customer Service: Acunetix is easy to install and complemented by responsive customer service. Invicti is recognized for straightforward deployment and proactive support, providing a remarkable customer service experience.

Pricing and ROI: Acunetix is seen as cost-effective with satisfactory ROI, appealing to budget-conscious users. Invicti is pricier but justifies the cost through its robust feature set, delivering higher ROI.

To learn more, read our detailed Acunetix vs. Invicti Report (Updated: March 2025).

Download the complete report

Acunetix vs. Invicti

March 2025

Helped 839,319 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Acunetix

Ranking in Static Application Security Testing (SAST)

14th

Average Rating

7.8

Reviews Sentiment

6.9

Number of Reviews

Ranking in other categories

Application Security Tools (17th), Vulnerability Management (23rd), DevSecOps (6th)

Invicti

Ranking in Static Application Security Testing (SAST)

15th

Average Rating

8.2

Reviews Sentiment

7.3

Number of Reviews

Ranking in other categories

API Security (5th), Dynamic Application Security Testing (DAST) (3rd)

Mindshare comparison

As of March 2025, in the Static Application Security Testing (SAST) category, the mindshare of Acunetix is 3.3%, up from 2.8% compared to the previous year. The mindshare of Invicti is 1.4%, up from 1.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Static Application Security Testing (SAST)

Featured Reviews

AnubhavGoswami

Compliance Manager at Compunnel

Attractive automated reports with boost user productivity and an easy setup

The primary use is mainly related to vulnerability assessment, including both public and internal IP addresses By using this tool, we have reduced the workload and increased the productivity of users. It generates automated reports. This feature is beneficial when sharing reports with clients as…

Read full review

Kunal M

Capability Center Leader, ETRM Platforms at Shell

Proactive scanning measures and realistic audit recommendations enhance development focus

Invicti's proactive scanning measures vulnerabilities each time we deploy or push code to a new environment. This feature helps us focus on priorities and prioritize the development team's effort, integrating seamlessly with DevOps to facilitate proactive scans of environments. Invicti also provides audit recommendations that are quite realistic, making it easy to discuss plans with developers.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The vulnerability scanning option for analyzing the security loopholes on the websites is the most valuable feature of this solution."

"The automated approach to these repetitive discovery attempts would take days to do manually and therefore it helps reduce the time needed to do an assessment."

"Acunetix is the best service in the world. It is easy to manage. It gives a lot of information to the users to see and identify problems in their site or applications. It works very well."

"Picks up weaknesses in our app setups."

"For us, the most valuable aspect of the solution is the log-sequence feature."

"The most important feature is that it's a web-based graphical user interface. That is a great addition. Also, the ability to schedule scans is great."

"Acunetix has an awesome crawler. It gives a referral site map of near targets and also goes really deep to find all the inputs without issues. This was valuable because it helped me find some files or directories, like web admin panels without authentication, which were hidden."

"It's very user-friendly for the testing teams. It's very easy for them to understand things and to fix vulnerabilities."

More Acunetix pros

"It has very good integration with the CI/CD pipeline."

"Crawling feature: Netsparker has very detail crawling steps and mechanisms. This feature expands the attack surface."

"Netsparker provides a more interactive interface that is more appealing."

"Netsparker has valuable features, including the ability to scan our website, an interactive approach, and security data integration."

"I like that it's stable and technical support is great."

"The platform is stable."

"Invicti's proactive scanning measures vulnerabilities each time we deploy or push code to a new environment."

"I am impressed with Invictus’ proof-based scanning. The solution has reduced the incidence of false positive vulnerabilities. It has helped us reduce our time and focus on vulnerabilities."

More Invicti pros

Cons

"We want to see how much bandwidth usage it consumes. When we monitor traffic we have issues with the consumption and throttling of the traffic."

"There's a clear need for a reduction in pricing to make the service more accessible."

"The solution is generally stable, however, there might be room for improvement regarding glitches or bugs."

"It is difficult to create a proxy connection."

"The solution's pricing could be better."

"The solution can be improved by adding the ability to scan subdomains automatically, and by providing reports that can be exported to external databases to share with other solutions."

"The vulnerability identification speed should be improved."

"There is room for improvement in website authentication because I've seen other products that can do it much better."

More Acunetix cons

"The solution needs to make a more specific report."

"Reporting should be improved. The reporting options should be made better for end-users. Currently, it is possible, but it's not the best. Being able to choose what I want to see in my reports rather than being given prefixed information would make my life easier. I had to depend on the API for getting the content that I wanted. If they could fix the reporting feature to make it more comprehensive and user-friendly, it would help a lot of end-users. Everything else was good about this product."

"The license could be better. It would help if they could allow us to scan multiple URLs on the same license. It's a major hindrance that we are facing while scanning applications, and we have to be sure that the URLs are the same and not different so that we do not end up consuming another license for it. Netsparker is one of the costliest products in the market. The licensing is tied to the URL, and it's restricted. If you have a URL that you scanned once, like a website, you cannot retry that same license. If you are scanning the same website but in a different domain or different URL, you might end up paying for a second license. It would also be better if they provided proper support for multi-factor authentications. In the next release, I would like them to include good multi-factor authentication support."

"The solution's false positive analysis and vulnerability analysis libraries could be improved."

"The support's response time could be faster since we are in different time zones."

"They need to improve their support in the documentation. Their support mechanism is missing. Their responsiveness, technical staff, and these types of things need to be improved, and comprehensive documentation is required. They should have good self-service portal enhancement"

"Asset scanning could be better. Once, it couldn't scan assets, and the issue was strange. The price doesn't fit the budget of small and medium-sized businesses."

"Invicti takes too long with big applications, and there are issues with the login portal."

More Invicti cons

Pricing and Cost Advice

"The solution is expensive."

"The cost is based on two types of licenses, ConsultLite, and ConsultPlus, as well as the number of domains that are scanned."

"All things considered, I think it has a good price/value ratio."

"The costs aren't very expensive. It costs around $3000 or $4000."

"When we looked at all other vendors and what they were asking for, to provide a third of what Acunetix was capable of doing, it was an easy decision... But now that it's coming to a cost where it's line with market value, it becomes more of a competition... Acunetix is raising the cost of licensing. It's 3.5 times what we were initially quoted."

"Implementing Acunetix needs a medium or larger business agency, because you need some money to get Acunetix. It is costly, but if you care about your agency's security, then maybe it's a cost that might help you in the future."

"It is a bit expensive. If you need to check five applications, you have to pay almost 14,000. It is an agreement for two years at 7,000 per year for only five applications. You cannot change the applications in the license. So, you are stuck with the same license for the five applications for one full year."

"I would say that Acunetix is expensive because there are products on the market with similar features that are equally or better-priced."

More Acunetix pricing and cost advice

"I think that price it too high, like other Security applications such as Acunetix, WebInspect, and so on."

"The solution is very expensive. It comes with a yearly subscription. We were paying 6000 dollars yearly for unlimited scans. We have three licenses; basic, business, and ultimate. We need ultimate because it has unlimited scan numbers."

"Netsparker is one of the costliest products in the market. It would help if they could allow us to scan multiple URLs on the same license."

"We are using an NFR license and I do not know the exact price of the NFR license. I think 20 FQDN for three years would cost around 35,000 US Dollars."

"Invicti is best suited for large enterprises. I don't think small and medium-sized businesses can afford it. Maintenance costs aren't that great."

"It is competitive in the security market."

"We never had any issues with the licensing; the price was within our assigned limits."

"The price should be 20% lower"

More Invicti pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.

See recommendations

839,319 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

17%

Financial Services Firm

13%

Government

Manufacturing Company

Educational Organization

54%

Financial Services Firm

Computer Software Company

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Acunetix Vulnerability Scanner?

The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning time depends on the application's code.

What is your primary use case for Acunetix Vulnerability Scanner?

I use Acunetix for penetration testing purposes. This is the primary use case.

What advice do you have for others considering Acunetix Vulnerability Scanner?

I rate the overall solution nine out of ten. I prefer Acunetix for its more precise and accurate results.

What is your experience regarding pricing and costs for Netsparker Web Application Security Scanner?

As a technical user, I do not handle pricing or licensing, but I am aware that Invicti offers flexible licensing models based on organizational needs.

What do you like most about Invicti?

The most valuable feature of Invicti is getting baseline scanning and incremental scan.

What needs improvement with Invicti?

Invicti's reporting capabilities need enhancement. We need enterprise-level information instead of repo-level details. Unlike Appiro, Invicti does not provide portfolio-level insights into vulnerab...

PortSwigger Burp Suite Professional vs Acunetix

Comparisons

OWASP Zap vs Acunetix

Compared 16% of the time

Compared 12% of the time

HCL AppScan vs Acunetix

Compared 10% of the time

Tenable.io Web Application Scanning vs Acunetix

Compared 7% of the time

PortSwigger Burp Suite Enterprise Edition vs Acunetix

Compared 6% of the time

More Acunetix Competitors

OWASP Zap vs Invicti

Compared 14% of the time

Qualys Web Application Scanning vs Invicti

Compared 6% of the time

PortSwigger Burp Suite Professional vs Invicti

Compared 6% of the time

SonarQube Server (formerly SonarQube) vs Invicti

Compared 5% of the time

Snyk vs Invicti

Compared 5% of the time

More Invicti Competitors

Product Reports

Download Acunetix product report

Acunetix

March 2025

Download Invicti product report

February 2025

Also Known As

AcuSensor

Netsparker

Overview

Acunetix Web Vulnerability Scanner is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross site scripting, and other exploitable vulnerabilities.

Invicti helps DevSecOps teams automate security tasks and save hundreds of hours each month by identifying web vulnerabilities that matter. Combining dynamic with interactive testing (DAST + IAST) and software composition analysis (SCA), Invicti scans every corner of an app to find what other tools miss with 99.98% accuracy, delivering on the promise of Zero Noise AppSec. Invicti helps discover all web assets — even ones that are lost, forgotten, or created by rogue departments. With an array of out-of-the-box integrations, DevSecOps teams can get ahead of their workloads to hit critical deadlines, improve processes, and communicate more effectively while reducing risk and hitting the ROI goals.

Sample Customers

Joomla!, Digicure, Team Random, Credit Suisse, Samsung, Air New Zealand

Samsung, The Walt Disney Company, T-Systems, ING Bank