"The usability and overall scan results are good."
"It can operate both as a standalone and it can be integrated with other applications, which makes it a very versatile solution to have."
"The scalability is good. The scalability is more than good because it can operate both as a standalone and it can be integrated as part of applications. So that really makes it a very, very versatile solution to have."
"There is a lot of documentation on their website which makes setting it up and using it quite simple."
"Acunetix has an awesome crawler. It gives a referral site map of near targets and also goes really deep to find all the inputs without issues. This was valuable because it helped me find some files or directories, like web admin panels without authentication, which were hidden."
"For us, the most valuable aspect of the solution is the log-sequence feature."
"It's very user-friendly for the testing teams. It's very easy for them to understand things and to fix vulnerabilities."
"I haven't seen reporting of that level in any other tool."
"They offer free access to some other tools."
"The interface is easy to use."
"Automatic updates and pull request analysis."
"It has evolved over the years and recently in the last year they have added, HUD (Heads Up Display)."
"The stability of the solution is very good."
"Simple to use, good user interface."
"Automatic scanning is a valuable feature and very easy to use."
"The solution is scalable."
"The jargon used makes it difficult for project managers to understand the issues, and the technical explanations used make it difficult for developers to understand issues. These things should be simplified much more. That would be very helpful for us when explaining to them what needs to be fixed. The report output needs to be simplified."
"When monitoring the traffic we always have issues with the bandwidth consumption and the throttling of traffic."
"The vulnerability identification speed should be improved."
"We want to see how much bandwidth usage it consumes. When we monitor traffic we have issues with the consumption and throttling of the traffic."
"While we do have it integrated with other solutions, it could still offer more integrations."
"The pricing is a bit on the higher side."
"Currently only supports web scanning."
"I had some issues with the JSON parameters where it found some strange vulnerabilities, but it didn't alert the person using it or me about these vulnerabilities, e.g., an error for SQL injection."
"Deployment is somewhat complicated."
"Reporting format has no output, is cluttered and very long."
"It would be a great improvement if they could include a marketplace to add extra features to the tool."
"The ability to search the internet for other use cases and to use the solution to make applications more secure should be addressed."
"The documentation needs to be improved because I had to learn everything from watching YouTube videos."
"Zap could improve by providing better reports for security and recommendations for the vulnerabilities."
"The forced browse has been incorporated into the program and it is resource-intensive."
"It would be ideal if I could try some pre-built deployment scenarios so that I don't have to worry about whether the configuration sector team is doing it right or wrong. That would be very helpful."
Acunetix by Invicti is ranked 8th in Application Security Testing (AST) with 10 reviews while OWASP Zap is ranked 6th in Application Security Testing (AST) with 9 reviews. Acunetix by Invicti is rated 7.2, while OWASP Zap is rated 7.0. The top reviewer of Acunetix by Invicti writes "We are getting notably fewer false positives than previously, but reporting output needs to be simplified". On the other hand, the top reviewer of OWASP Zap writes "Great at reporting vulnerabilities, helps with security, and reveals development threats well". Acunetix by Invicti is most compared with PortSwigger Burp Suite Professional, Veracode, Fortify WebInspect, HCL AppScan and Tenable.io Web Application Scanning, whereas OWASP Zap is most compared with PortSwigger Burp Suite Professional, Veracode, Qualys Web Application Scanning, Fortify WebInspect and Netsparker by Invicti. See our Acunetix by Invicti vs. OWASP Zap report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
