What users are saying about
9 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener'>trScore algorithm: Learn more.</a>
Score 7.4 out of 100
8 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener'>trScore algorithm: Learn more.</a>
Score 7.9 out of 100

Likelihood to Recommend

Acunetix by Invicti

It is suited well for ad-hoc and scheduled application vulnerability scans. You must review the results to manually filter out false-positives. You must always keep in mind that this is only a vulnerability scan. It can only find a certain class of vulnerabilities, and it can only do that so well. You should definitely not rely on this tool alone for identifying problems. That being said, I have used it along with every other major commercial vulnerability scanner and find it to the best overall ROI compared to more expensive commercial scanners that don't necessarily give you a better user experience or better vulnerability results. I rarely need support from the vendor, but when I do, they have been responsive and able to solve the issue quickly.
Aaron Bryson | TrustRadius Reviewer

HackerOne

HackerOne is for people who like to work on their own time and not have to deal with direct management. As you can work when You like, you have the ability to work when you decide to. The caveat of that is that you really have to focus and find bugs, as there are thousands of other testers testing the same thing as you
Peter Paccione | TrustRadius Reviewer

Pros

Acunetix by Invicti

  • Fast.
  • Easy-to-use.
  • Great customer support.
  • Reporting features.
  • Supports importing state files from other popular application testing tools.
  • Has other features built-in beyond just scanning for vulnerabilities.
Aaron Bryson | TrustRadius Reviewer

HackerOne

  • Easy to use interface.
  • Good security researchers use the platform.
  • Quality bug validations services.
Stephen Groat | TrustRadius Reviewer

Cons

Acunetix by Invicti

  • Does not support multiple endpoints well (e.g. apps and services that do not reside at the same URL).
  • Has authentication problems with modern enterprise apps which involve a lot of redirects to unrelated endpoints, federated IDs, SSO, etc. This is related to the first point.
  • The vulnerability detection capability is not as robust as Burp Suite Pro + extensions, Metasploit + auxiliary modules, Nmap + scripts, etc.
Aaron Bryson | TrustRadius Reviewer

HackerOne

  • A lot of duplicate bugs get reported, although it does offer automatic suggestion of previously reported bugs that may be duplicates, it is far from perfect.
  • Anyone can report bugs, a lot of them are not verified before submission. This sometimes leads to a lot of time spent in verifying if the bug is really actionable.
  • Each submission has to be treated with equal potential, a lot of time, some time gets invested in vulnerabilities that aren't as important as some others.
Jugpreet Talwar | TrustRadius Reviewer

Alternatives Considered

Acunetix by Invicti

Every year, we re-evaluate the tools we are using and licensing. We balance the ever-changing vendor licensing-models, costs, tool features/usability, etc. For the last few years, this has been the best overall commercial tool for our specific use case. However, this is only one of many tools that we use and need.
Aaron Bryson | TrustRadius Reviewer

HackerOne

These were very close and we liked HackerOne better. For a time we did have both and we felt the need to consolidate the information into one platform and end of life our internal offering. Overall we've been fairly happy with HackerOne.
Anonymous | TrustRadius Reviewer

Return on Investment

Acunetix by Invicti

  • Saved money compared to other commercial scanners, especially over the long run.
  • Scan speed seems to be pretty good compared to some of the bulkier commercial products out there. However, that largely has to do with proper configuration.
  • A downside is that is requires a bit of extra work just to get it set up to scan APIs, web services, etc.
Aaron Bryson | TrustRadius Reviewer

HackerOne

  • Fixed many bugs with little payout
  • No revolving employee fees
  • Health insurance not required
Peter Paccione | TrustRadius Reviewer

Screenshots

Pricing Details

Acunetix by Invicti

General

Free Trial
Yes
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

Acunetix by Invicti Editions & Modules

Edition
Websites Scanned: 5$4,500
Websites Scanned: 6-10$7,200
Websites Scanned: 11-20$10,800
Websites Scanned: 21-35$22,540
Websites Scanned: 36-50$26,600
Websites Scanned: Over 50Contact for quote
    Additional Pricing Details

    HackerOne

    General

    Free Trial
    Free/Freemium Version
    Premium Consulting/Integration Services
    Entry-level set up fee?
    No

    HackerOne Editions & Modules

    Additional Pricing Details
    For more information please email www.hackerone.com/contact or find us on the AWS Marketplace: https://aws.amazon.com/marketplace/seller-profile?id=10857e7c-011b-476d-b938-b587deba31cf

    Add comparison