"The scalability is good. The scalability is more than good because it can operate both as a standalone and it can be integrated as part of applications. So that really makes it a very, very versatile solution to have."
"It can operate both as a standalone and it can be integrated with other applications, which makes it a very versatile solution to have."
"Picks up weaknesses in our app setups."
"There is a lot of documentation on their website which makes setting it up and using it quite simple."
"For us, the most valuable aspect of the solution is the log-sequence feature."
"Acunetix has an awesome crawler. It gives a referral site map of near targets and also goes really deep to find all the inputs without issues. This was valuable because it helped me find some files or directories, like web admin panels without authentication, which were hidden."
"I haven't seen reporting of that level in any other tool."
"Overall, it's a very good tool and a very good engine."
"Simple to use, good user interface."
"The solution is scalable."
"Automatic updates and pull request analysis."
"It has evolved over the years and recently in the last year they have added, HUD (Heads Up Display)."
"They offer free access to some other tools."
"Automatic scanning is a valuable feature and very easy to use."
"The stability of the solution is very good."
"The solution is good at reporting the vulnerabilities of the application."
"The jargon used makes it difficult for project managers to understand the issues, and the technical explanations used make it difficult for developers to understand issues. These things should be simplified much more. That would be very helpful for us when explaining to them what needs to be fixed. The report output needs to be simplified."
"We want to see how much bandwidth usage it consumes. When we monitor traffic we have issues with the consumption and throttling of the traffic."
"The pricing is a bit on the higher side."
"When monitoring the traffic we always have issues with the bandwidth consumption and the throttling of traffic."
"While we do have it integrated with other solutions, it could still offer more integrations."
"The solution limits the number of scans. It would be much better if we could have unlimited scans."
"The vulnerability identification speed should be improved."
"I had some issues with the JSON parameters where it found some strange vulnerabilities, but it didn't alert the person using it or me about these vulnerabilities, e.g., an error for SQL injection."
"Reporting format has no output, is cluttered and very long."
"The documentation needs to be improved because I had to learn everything from watching YouTube videos."
"It would be ideal if I could try some pre-built deployment scenarios so that I don't have to worry about whether the configuration sector team is doing it right or wrong. That would be very helpful."
"Too many false positives; test reports could be improved."
"The forced browse has been incorporated into the program and it is resource-intensive."
"The ability to search the internet for other use cases and to use the solution to make applications more secure should be addressed."
"Zap could improve by providing better reports for security and recommendations for the vulnerabilities."
"It would be a great improvement if they could include a marketplace to add extra features to the tool."
Acunetix Web Vulnerability Scanner is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross site scripting, and other exploitable vulnerabilities.
Zed Attack Proxy (ZAP) is a free, open-source penetration testing tool being maintained under the umbrella of the Open Web Application Security Project (OWASP). ZAP is designed specifically for testing web applications and is both flexible and extensible.
Acunetix by Invicti is ranked 8th in Application Security Testing (AST) with 10 reviews while OWASP Zap is ranked 6th in Application Security Testing (AST) with 9 reviews. Acunetix by Invicti is rated 7.2, while OWASP Zap is rated 7.0. The top reviewer of Acunetix by Invicti writes "We are getting notably fewer false positives than previously, but reporting output needs to be simplified". On the other hand, the top reviewer of OWASP Zap writes "Great at reporting vulnerabilities, helps with security, and reveals development threats well". Acunetix by Invicti is most compared with PortSwigger Burp Suite Professional, Veracode, Fortify WebInspect, HCL AppScan and Tenable.io Web Application Scanning, whereas OWASP Zap is most compared with PortSwigger Burp Suite Professional, Veracode, Qualys Web Application Scanning, Fortify WebInspect and Netsparker by Invicti. See our Acunetix by Invicti vs. OWASP Zap report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.