Skip to main content
Acunetix by Invicti

Acunetix by Invicti


What is Acunetix by Invicti?

AcuSensor from Maltese company Acunetix is application security and testing software.

Read more
Recent Reviews

TrustRadius Insights

Acunetix is a highly reliable and efficient tool that is widely used by organizations to enhance the security of their web applications. …
Continue reading
Read all reviews
Return to navigation


View all pricing

Websites Scanned: 5


On Premise

Websites Scanned: 6-10


On Premise

Websites Scanned: 11-20


On Premise

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visit


  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services
Return to navigation

Product Details

What is Acunetix by Invicti?

Acunetix is an automated web application security testing tool. The vendor says it is used by many Fortune 500 customers. Acunetix detects and reports on an array of web application vulnerabilities. The Acunetix crawler supports HTML5 and JavaScript and Single-page applications, allowing auditing of complex, authenticated applications. Acunetix can automatically detect out-of-band vulnerabilities and is available both as an online and on premise solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritise and control vulnerability threats – ordered by business criticality.

Acunetix by Invicti Features

  • Supported: Discovers and scans all web applications
  • Supported: Identifies web vulnerabilities including SQLi and XSS
  • Supported: Delievers compliance reports

Acunetix by Invicti Screenshots

Screenshot of DashboardScreenshot of FilteringScreenshot of scan results

Acunetix by Invicti Video

Acunetix by Invicti Integrations

Acunetix by Invicti Competitors

Acunetix by Invicti Technical Details

Deployment TypesOn-premise
Operating SystemsWindows, Linux
Mobile ApplicationNo
Supported CountriesAll
Supported LanguagesEnglish

Acunetix by Invicti Downloadables

Return to navigation


View all alternatives
Return to navigation

Reviews and Ratings


Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!

Acunetix is a highly reliable and efficient tool that is widely used by organizations to enhance the security of their web applications. Users rely on Acunetix to quickly assess the security of online apps and identify any flaws that need to be addressed. With its dynamic application testing capabilities, this software is capable of detecting OWASP's top 10 vulnerabilities, ensuring that potential risks are identified and resolved promptly.

One of the key benefits of Acunetix is its ability to easily find vulnerabilities in web applications through automated scanning, saving users valuable time and effort. Businesses appreciate the tool's effectiveness in detecting complex security issues like SQL injections and cross-site scripting, which can pose significant risks if left undetected. The detailed reports provided by Acunetix on web application vulnerabilities, along with remediation suggestions and compliance with standards such as OWASP Top 10 and SANS 25, enable organizations to prioritize and implement necessary security measures.

Acunetix caters to the needs of various stakeholders within organizations by offering a user-friendly interface and customizable reporting features. Security professionals find it easy to manage web application security with Acunetix, leveraging its features to stay on top of potential vulnerabilities. The software also provides an added layer of vulnerability discovery by automating the scanning process for websites. Its integration into CI/CD pipelines allows for end-to-end vulnerability reporting workflows, ensuring that security remains a priority at every stage of development.

Users highly value Acunetix as a reliable scanner for web assessments, appreciating its accuracy in providing results with fewer false positives compared to other tools in the market. The ability to schedule scans, continuous improvement, and integration with ticket systems are additional features that contribute to effective vulnerability management. From assessing web application security and compliance with international standards to protecting business infrastructure, Acunetix serves as an indispensable solution for various use cases related to web application security testing and vulnerability assessment.

Despite some minor issues reported by users, Acunetix has received predominantly positive feedback and remains a popular choice for businesses. Its integration into the development process ensures that no vulnerabilities go unnoticed before deployment. With a low false-positive rate and valuable context provided for addressing identified issues, Acunetix enhances web application security, suggests ways to fix vulnerabilities, and seamlessly integrates with DevOps and CI/CD schemes.

Based on user reviews, the most common recommendations for Acunetix are as follows:

  1. Consider the working mode (on-site or in the cloud) before deciding on Acunetix.

  2. Try Acunetix for automated web vulnerability scanning.

  3. Prefer Acunetix over Netsparker for their current use case.

  4. Use Acunetix in combination with other tools like BurpSuite.

  5. Be cautious about mapping necessary assets due to license restrictions.

  6. Note difficulties in configuring authenticated scanning.

  7. Have a great experience with Acunetix for understanding application issues and resolving vulnerabilities.

  8. Utilize Acunetix in the development phase of web applications.

  9. Stay away from Acunetix for single page web applications.

  10. Consider business needs and targets before deciding on Acunetix.

  11. Evaluate alternative options like Nessus, OpenVAS, and Nexpose.

  12. Find Acunetix fast and easy to use.

  13. Appreciate the good price/features ratio offered by Acunetix.

  14. Get support and access to API tools when using Acunetix.

  15. Notice improved scan time in the latest version of Acunetix.

  16. Use manual testing in conjunction with the automated scanner.

  17. Consider other products with a more functional and intuitive UI.

  18. Find Acunetix easy to use for managing public-facing web servers.

  19. Think that Acunetix is expensive compared to alternatives like Burp Suite.

  20. Recommend improving control over scans and results in Acunetix.

  21. Praise Acunetix for detecting various vulnerabilities, especially SQL injections.

  22. Emphasize the importance of using Acunetix for application security.

  23. Appreciate the detailed information provided by AcuSensor Technology.

  24. Highlight the cost-saving aspect of appropriate setup by a database administrator.

  25. Install ancillary Acunetix features like AcuSensor and AcuMonitor.

  26. Stay up to date with the newest versions of Acunetix.

These recommendations are based on user feedback and may vary depending on individual experiences and specific use cases.


(1-3 of 3)
Companies can't remove reviews or game the system. Here's why
Rahul Deshmukh | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
I had use case from one of our customers to establish security testing automation in DevSecOps pipeline. I was looking for such a tool and after lot of evaluations found Acunetix perfectly suited to the requirements. After initial PoC of few days with little configuration support from Invicti we decided to go for it and establish a platform for our end customers
  • Integration of tool with different IDE is great
  • Easy to scan code and identify vulnerabilities
  • Dashboard is easy to customise
  • Configuration of DevSecOps can be improved for ease
  • Dashboard can have API integration
  • Broaden the scope of vulnerabilities
It is best suited for integrated security testing of applications which are hosted on web servers. The most important thing is the integration of DevSecOps which is crucial in today's fast paced environment of rapid development. The core of Acunetix is application scanning which is really great and I highly recommend this product to everyone
  • Vulnerabilities scanning
  • DevSecOps interested testing
  • Visibility and remedial action recommendation
  • It helped improve ROI by 30%
  • Helped reduced manpower by 15%
  • Improved churn out of applications by 50%
In my opinion Acunetix fares good in DevSecOps pipeline better than Appspider. In terms of vulnerabilities scanning of dynamic applications I liked Rapid7, however we have better ROI with Acunetix. During 6 months of usage I tried to look into cost benefit analysis and could easily pick Acunetix and in terms of dashboards also I am impressed
Checkmarx, Rapid7 AppSpider, Coverity Static Analysis (SAST)
Score 9 out of 10
Vetted Review
Verified User
We are not a big web development shop but we occasionally do have new code that we need to test against OWASP type web application vulnerabilities. There are many tools that can do this. But most of them have a fairly decent rate of false positives. Also, they don't really help address the issues that they find. Acunetix has had a low false-positive rate for us. The developer reports provide a lot of contexts to help the people who need to fix the issues know what to fix.
  • Low rate of false positives
  • Good reporting options
  • Authenticated scans
  • User management
Acunetix scales well from a small web development presence like ours to a full-scale enterprise focused on that. The various tools and sensors that provide assurance of the results and can give feedback down to the lines of code in the source are proof of this. Various integrations exist as well. The main thing for us is that it simplifies confirming and remediating potential issues in our code or proving that products we use have issues that we can then take to the vendor for correction.
  • Low rate of false positives
  • Detailed developer reports
  • Support for a sufficient number of assets
  • It has aided audit compliance
  • It has allowed for deployment of secure code
ZAP is a free tool, and adequate. But it is to that extent less friendly. I would not be as confident of the results and it definitely can't produce reports on par with Acunetix. There would be a lot of legwork on our end if we desired to switch to this tool.
Aaron Bryson | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Acunetix is used to support our customer's vulnerability management and application security programs.
  • Fast.
  • Easy-to-use.
  • Great customer support.
  • Reporting features.
  • Supports importing state files from other popular application testing tools.
  • Has other features built-in beyond just scanning for vulnerabilities.
  • Does not support multiple endpoints well (e.g. apps and services that do not reside at the same URL).
  • Has authentication problems with modern enterprise apps which involve a lot of redirects to unrelated endpoints, federated IDs, SSO, etc. This is related to the first point.
  • The vulnerability detection capability is not as robust as Burp Suite Pro + extensions, Metasploit + auxiliary modules, Nmap + scripts, etc.
It is suited well for ad-hoc and scheduled application vulnerability scans. You must review the results to manually filter out false-positives. You must always keep in mind that this is only a vulnerability scan. It can only find a certain class of vulnerabilities, and it can only do that so well. You should definitely not rely on this tool alone for identifying problems. That being said, I have used it along with every other major commercial vulnerability scanner and find it to the best overall ROI compared to more expensive commercial scanners that don't necessarily give you a better user experience or better vulnerability results.
I rarely need support from the vendor, but when I do, they have been responsive and able to solve the issue quickly.
  • Saved money compared to other commercial scanners, especially over the long run.
  • Scan speed seems to be pretty good compared to some of the bulkier commercial products out there. However, that largely has to do with proper configuration.
  • A downside is that is requires a bit of extra work just to get it set up to scan APIs, web services, etc.
Every year, we re-evaluate the tools we are using and licensing. We balance the ever-changing vendor licensing-models, costs, tool features/usability, etc. For the last few years, this has been the best overall commercial tool for our specific use case. However, this is only one of many tools that we use and need.
Return to navigation