Likelihood to Recommend It is best suited for integrated security testing of applications which are hosted on web servers. The most important thing is the integration of DevSecOps which is crucial in today's fast paced environment of rapid development. The core of Acunetix is application scanning which is really great and I highly recommend this product to everyone
Read full review Armor gives you what you need to be successful regardless of technical ability. If you can maintain the systems yourself, you are definitely ahead of the game with their service. If you're not prepared to configure and maintain the systems, they do a pretty good job of getting it set up during the onboarding process so that you don't need to dig into the technical guts too much. If you find yourself in over your head, their support staff can handle it for you in most cases.
Read full review Pros Fast. Easy-to-use. Great customer support. Reporting features. Supports importing state files from other popular application testing tools. Has other features built-in beyond just scanning for vulnerabilities. Aaron Bryson Director - Red Team (Application, Mobile, Cloud, IoT security, etc.)
Read full review Security - we have requirements met right out of the box and the implementation of new resources is done with security in mind. Speed - We can scale resources easy and the infrastructure is fast and efficient. Responsiveness - Support tickets are handled very fast with almost immediate solutions. Read full review Cons Configuration of DevSecOps can be improved for ease Dashboard can have API integration Broaden the scope of vulnerabilities Read full review Authentication and access against the secure messaging portal is overkill when the response I'm logging in to see merely says, "yes, we have your message. An agent will respond shortly". There should be an option to receive updates like this through email. The online portal that allows us to clone servers is very slow to respond. More than once I've spun up an additional server due to the lack of visual feedback on the initial request. The web application firewall does not seem to be sophisticated enough to differentiate between logged in administrators and end users. We use a CMS system which allows admins to create scripts. These often get barred by the WAF even though they are not malicious. Read full review Support Rating Approximately 50% of all messages we receive are automated. Either that an agent will be assigned, has been assigned, or a ticket is closed. I'd like to see more 'real' interaction, and less box ticking, though I appreciate process has to be followed. That's the one point off. Everything else is very good.
Read full review Alternatives Considered ZAP is a free tool, and adequate. But it is to that extent less friendly. I would not be as confident of the results and it definitely can't produce reports on par with Acunetix. There would be a lot of legwork on our end if we desired to switch to this tool.
Read full review Return on Investment Saved money compared to other commercial scanners, especially over the long run. Scan speed seems to be pretty good compared to some of the bulkier commercial products out there. However, that largely has to do with proper configuration. A downside is that is requires a bit of extra work just to get it set up to scan APIs, web services, etc. Aaron Bryson Director - Red Team (Application, Mobile, Cloud, IoT security, etc.)
Read full review ScreenShots Acunetix by Invicti Screenshots