We performed a comparison between Acunetix and Fortify WebInspect based on real PeerSpot user reviews.
Find out in this report how the two DevSecOps solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."One of the features that I feel is groundbreaking, that I would like to see expanded on, is the IAS feature: The Interactive Application Security Testing module that gets loaded onto an application on a server, for more in-depth, granular findings. I think that is really neat. I haven't seen a lot of competitors doing that."
"The usability and overall scan results are good."
"For us, the most valuable aspect of the solution is the log-sequence feature."
"Our developers can run the attacks directly from their environments, desktops."
"It's very user-friendly for the testing teams. It's very easy for them to understand things and to fix vulnerabilities."
"We are able to create a report which shows the PCI DSS scoring and share it with the application teams. Then, they can correlate and see exactly what they need to fix, and why."
"I haven't seen reporting of that level in any other tool."
"Overall, it's a very good tool and a very good engine."
"Fortify WebInspect is a scalable solution, it is good for a lot of applications."
"The most valuable feature is the static analysis."
"Good at scanning and finding vulnerabilities."
"Technical support has been good."
"The accuracy of its scans is great."
"The most valuable feature of this solution is the ability to make our customers more secure."
"There are lots of small settings and tools, like an HTTP editor, that are very useful."
"Reporting, centralized dashboard, and bird's eye view of all vulnerabilities are the most valuable features."
"The vulnerability identification speed should be improved."
"When monitoring the traffic we always have issues with the bandwidth consumption and the throttling of traffic."
"Acunetix needs to include agent analysis."
"There is room for improvement in website authentication because I've seen other products that can do it much better."
"Currently only supports web scanning."
"Tools that would allow us to work more efficiently with the mobile environment, with Android and iOS."
"There are some versions of the solution that are not as stable as others."
"Integration into other tools is very limited for Acunetix. While we're trying to incorporate a CI/CD process where we're integrating with JIRA and we're integrating with Jenkins and Chef, it becomes problematic. Other tools give you a high integration capability to connect into different solutions that you may already have, like JIRA."
"Fortify WebInspect could improve user-friendliness. Additionally, it is very bulky to use."
"A localized version, for example, in Korean would be a big improvement to this solution."
"We have often encountered scanning errors."
"Not sufficiently compatible with some of our systems."
"The scanner could be better."
"Our biggest complaint about this product is that it freezes up, and literally doesn't work for us."
"It took us between eight and ten hours to scan an entire site, which is somewhat slow and something that I think can be improved."
"Creating reports is very slow and it is something that should be improved."
Acunetix is ranked 5th in DevSecOps with 26 reviews while Fortify WebInspect is ranked 7th in DevSecOps with 17 reviews. Acunetix is rated 7.6, while Fortify WebInspect is rated 7.0. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning ". On the other hand, the top reviewer of Fortify WebInspect writes "A powerful tool catering to multiple use cases that provides reasonably good technical support". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, PortSwigger Burp Suite Professional, HCL AppScan and Veracode, whereas Fortify WebInspect is most compared with PortSwigger Burp Suite Professional, Fortify on Demand, OWASP Zap, HCL AppScan and Qualys Web Application Scanning. See our Acunetix vs. Fortify WebInspect report.
See our list of best DevSecOps vendors.
We monitor all DevSecOps reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.