Acunetix vs Checkmarx One vs OpenText Dynamic Application Security Testing comparison

Invicti and Checkmarx are both solutions in the DevSecOps category. Invicti is ranked #6 with an average rating of 8.3, while Checkmarx is ranked #5 with an average rating of 8.3. Invicti holds a 9.3% mindshare in DSO, compared to Checkmarx’s 16.1% mindshare. Additionally, 86% of Invicti users are willing to recommend the solution, compared to 87% of Checkmarx users who would recommend it.

Acunetix

Read 33 Acunetix reviews

6,393 Views
703 Comparison Views

86% willing to recommend

Checkmarx One

Read 71 Checkmarx One reviews

21,636 Views
1,515 Comparison Views

87% willing to recommend

OpenText Dynamic Applicatio...

Read 21 OpenText Dynamic Application Security Testing reviews

3,718 Views
706 Comparison Views

82% willing to recommend

Acunetix

Checkmarx One

OpenText Dynamic Applicatio...

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Acunetix, Checkmarx One, and OpenText Dynamic Application Security Testing based on real PeerSpot user reviews.

Find out what your peers are saying about GitLab, Snyk, GitGuardian and others in DevSecOps.

To learn more, read our detailed DevSecOps Report (Updated: July 2025).

Buyer's Guide

DevSecOps

July 2025

Download the complete report

Helped 862,624 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Mindshare comparison

As of July 2025, in the DevSecOps category, the mindshare of Acunetix is 9.3%, down from 10.9% compared to the previous year. The mindshare of Checkmarx One is 16.1%, down from 21.8% compared to the previous year. The mindshare of OpenText Dynamic Application Security Testing is 6.7%, down from 11.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

DevSecOps

Featured Reviews

KashifJamil

CEO at Xcelliti

Has enabled teams to improve security testing with smooth integration and high accuracy

Acunetix has a very good ratio of fewer false positives, so users don't need to retest everything. Acunetix operates smoothly with no interruptions required, and it performs at 100% efficiency without issues in scanning anything. The solution is excellent at detecting SQL injection and cross-site scripting vulnerabilities. Acunetix integrates with every type of tool, including CI/CD tools, offering 100% integration in DevOps environments. The main benefit of Acunetix is that at the first level, users can address security issues related to penetration testing, allowing them to expose vulnerabilities and ensure all required testing is completed with very few false positives.

Read full review

Syed Hasan

Specialist Leader at Deloitte

Partner experiences excellent technical support and seamless initial setup

In my opinion, if we are able to extract or show the report, and because everything is going towards agent tech and GenAI, it would be beneficial if it could get integrated with our code base and do the fix automatically. It could suggest how the code base is written and automatically populate the source code with three different solution options to choose from. This would be really helpful.

Read full review

Navin N

Global ISO 27001 Program Lead at DXC Technology

Effective scanning of diverse file extensions with fast reporting and issue resolution

We develop software packages for clients, and these clients are mostly in the BFSI sector. The packages need to be scanned, and we engage Fortify WebInspect for this. Customers typically perform their own application pen tests, but in some cases, we have engagements where customers want us to scan…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The solution is excellent at detecting SQL injection and cross-site scripting vulnerabilities."

"The most important feature is that it's a web-based graphical user interface. That is a great addition. Also, the ability to schedule scans is great."

"Overall, it's a very good tool and a very good engine."

"The features of Acunetix have proved most effective in identifying vulnerabilities."

"It's very user-friendly for the testing teams. It's very easy for them to understand things and to fix vulnerabilities."

"I find it to be one of the most comprehensive tools, with support for manual intervention."

"By integrating with CI/CD tools, it enables a shift-left approach in the development process."

"Acunetix is the best service in the world. It is easy to manage. It gives a lot of information to the users to see and identify problems in their site or applications. It works very well."

More Acunetix pros

"The tool's valuable features include integrating GPT and Copilot. Additionally, the UI web representation is very user-friendly, making navigation easy. GPT has made several improvements to my security code."

"The UI is user-friendly."

"It is a stable product."

"The setup is fairly easy. We didn't struggle with the process at all."

"The solution is always updating to continuously add items that create a level of safety from vulnerabilities. It's one of the key features they provide that's an excellent selling point. They're always ahead of the game when it comes to finding any vulnerabilities within the database."

"We use the solution to validate the source code and do SAST and security analysis."

"We were using HPE Security Fortify to scan code for security vulnerabilities, but it can scan only after a successful compile. If the code has dependencies or build errors, the scan fails. With Checkmarx, pre-compile scanning is seamless. This allows us to scan more code."

"It's not an obstacle for developers. They can easily write their code and make it more secure with Checkmarx."

More Checkmarx One pros

"I've found the centralized dashboard the most valuable. For the management, it helps a lot to have abilities at the central level."

"There are lots of small settings and tools, like an HTTP editor, that are very useful."

"The user interface is ok and it is very simple to use."

"The most valuable feature is the static analysis."

"Fortify WebInspect is a scalable solution, it is good for a lot of applications."

"The transaction recorder within WebInspect is easy to use, which is valuable for our team."

"Reporting, centralized dashboard, and bird's eye view of all vulnerabilities are the most valuable features."

"Guided Scan option allows us to easily scan and share reports."

More OpenText Dynamic Application Security Testing pros

Cons

"While we do have it integrated with other solutions, it could still offer more integrations."

"It is difficult to create a proxy connection."

"There is room for improvement in website authentication because I've seen other products that can do it much better."

"Acunetix needs to be dynamic with JavaScript code, unlike Netsparker which can scan complex agents."

"Integration into other tools is very limited for Acunetix. While we're trying to incorporate a CI/CD process where we're integrating with JIRA and we're integrating with Jenkins and Chef, it becomes problematic. Other tools give you a high integration capability to connect into different solutions that you may already have, like JIRA."

"It should be easier to recreate something manually, with the manual tool, because Acunetix is an automatic tool. If it finds something, it should be easier to manually replicate it. Sometimes you don't get the raw data from the input and output, so that could be improved."

"The cost can be reduced as management has noted it to be on the higher side."

"In terms of what needs improvement, the way the licensing model is currently is not very convenient for us because initially, when we bought it, the licensing model was very flexible, but now it restricts us."

More Acunetix cons

"You can't use it in the continuous delivery pipeline because the scanning takes too much time."

"Integration into the SDLC (i.e. support for last version of SonarQube) could be added."

"Checkmarx is not good because it has too many false positive issues."

"They could work to improve the user interface. Right now, it really is lacking."

"The solution's user interface could be improved because it seems outdated."

"The product can be improved by continuing to expand the application languages and frameworks that can be scanned for vulnerabilities. This includes expanded coverage for mobile applications as well as open-source development tools."

"Checkmarx could improve the speed of the scans."

"Checkmarx needs to be more scalable for large enterprise companies."

More Checkmarx One cons

"I'm not sure licensing, but on the pricing, it's a bit costly. It's a bit overpriced. Though it is an enterprise tool, there are other tools also with similar functionalities."

"One thing I would like to see them introduce is a cloud-based platform."

"Fortify WebInspect's shortcoming stems from the fact that it is a very expensive product in Korea, which makes it difficult for its potential customers to introduce the product in their IT environment."

"It took us between eight and ten hours to scan an entire site, which is somewhat slow and something that I think can be improved."

"Our biggest complaint about this product is that it freezes up, and literally doesn't work for us."

"Creating reports is very slow and it is something that should be improved."

"There are some file extensions, like .SER, that Fortify WebInspect doesn't scan."

"The scanner could be better."

More OpenText Dynamic Application Security Testing cons

Pricing and Cost Advice

"It is a bit expensive. If you need to check five applications, you have to pay almost 14,000. It is an agreement for two years at 7,000 per year for only five applications. You cannot change the applications in the license. So, you are stuck with the same license for the five applications for one full year."

"When compared with other products, the pricing is a little bit high. But it gives value for the price. It serves the purpose and is worthwhile for the price we pay."

"Implementing Acunetix needs a medium or larger business agency, because you need some money to get Acunetix. It is costly, but if you care about your agency's security, then maybe it's a cost that might help you in the future."

"The pricing is a little high, and moreover, it's kind of domain-based."

"The costs aren't very expensive. It costs around $3000 or $4000."

"The price is exceptionally high."

"All things considered, I think it has a good price/value ratio."

"The pricing and licensing are reasonable to a point. In order to run multiple scans at a time, we are going to have to purchase a 100 count license, which is an overkill. Though, compared to what we were paying for, the cost seems reasonable."

More Acunetix pricing and cost advice

"The average deal size was usually anywhere between $120K to $175K on an annual basis, which could be divided across 12 months."

"For around 250 users or committers, the cost is approximately $500,000."

"The number of users and coverage for languages will have an impact on the cost of the license."

"I believe pricing is better compared to other commercial tools."

"The tool's pricing is fine."

"I would rate the solution’s pricing an eight out of ten. The tool’s pricing is higher than others and it is for the license alone."

"The pricing is competitive and provides a lower TCO (total cost of ownership) for achieving application security."

"The license has a vague language around P1 issues and the associated support. Make sure to review these in order to align them with your organizational policies."

More Checkmarx One pricing and cost advice

"The price is okay."

"Our licensing is such that you can only run one scan at a time, which is inconvenient."

"This solution is very expensive."

"The pricing is not clear and while it is not high, it is difficult to understand."

"It’s a fair price for the solution."

"Fortify WebInspect is a very expensive product."

"Its price is almost similar to the price of AppScan. Both of them are very costly. Its price could be reduced because it can be very costly for unlimited IT scans, etc. I'm not sure, but it can go up to $40,000 to $50,000 or more than that."

See which vendors are best for you

Use our free recommendation engine to learn which DevSecOps solutions are best for your needs.

See recommendations

862,624 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

17%

Financial Services Firm

13%

Manufacturing Company

Government

Financial Services Firm

20%

Computer Software Company

14%

Manufacturing Company

10%

Government

Financial Services Firm

15%

Government

15%

Manufacturing Company

12%

Computer Software Company

12%

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Acunetix Vulnerability Scanner?

The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning t...

See all answers

What is your primary use case for Acunetix Vulnerability Scanner?

Most of the customers who use Acunetix are looking for security testing. The primary use case is performing penetrati...

See all answers

What advice do you have for others considering Acunetix Vulnerability Scanner?

Acunetix supports multi-user environments effectively. Acunetix is targeted for small to mid-size teams in a DevSecOp...

See all answers

What alternatives are there for Fortify WebInspect and Fortify SCA?

I would like to recommend Checkmarx. With Checkmarx, you are able to have an all in one solution for SAST and SCA as ...

See all answers

What do you like most about Checkmarx?

Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%.

See all answers

What is your experience regarding pricing and costs for Checkmarx?

The pricing is relatively expensive due to the product's quality and performance, but it is worth it.

See all answers

What do you like most about Fortify WebInspect?

The solution's technical support was very helpful.

See all answers

What is your experience regarding pricing and costs for Fortify WebInspect?

The price of Fortify WebInspect is high, with the cost depending on the number of virtual users. It is approximately ...

See all answers

What needs improvement with Fortify WebInspect?

The main area for improvement in Fortify WebInspect is the price, as it is too high compared to the market rate. The ...

See all answers

Comparisons

OWASP Zap vs Acunetix

Compared 17% of the time

PortSwigger Burp Suite Professional vs Acunetix

Compared 11% of the time

HCL AppScan vs Acunetix

Compared 9% of the time

Invicti vs Acunetix

Compared 7% of the time

ImmuniWeb vs Acunetix

Compared 2% of the time

More Acunetix Competitors

SonarQube Server (formerly SonarQube) vs Checkmarx One

Compared 38% of the time

Veracode vs Checkmarx One

Compared 11% of the time

Checkmarx SAST vs Checkmarx One

Compared 7% of the time

OpenText Core Application Security vs Checkmarx One

Compared 5% of the time

GitLab vs Checkmarx One

Compared 1% of the time

More Checkmarx One Competitors

PortSwigger Burp Suite Professional vs OpenText Dynamic Application Security Testing

Compared 19% of the time

OWASP Zap vs OpenText Dynamic Application Security Testing

Compared 11% of the time

Qualys Web Application Scanning vs OpenText Dynamic Application Security Testing

Compared 8% of the time

OpenText Core Application Security vs OpenText Dynamic Application Security Testing

Compared 8% of the time

GitLab vs OpenText Dynamic Application Security Testing

Compared 2% of the time

More OpenText Dynamic Application Security Testing Competitors

Product Reports

Buyer's Guide

Acunetix

July 2025

Download Acunetix product report

Buyer's Guide

Checkmarx One

July 2025

Download Checkmarx One product report

Buyer's Guide

OpenText Dynamic Application Security Testing

July 2025

OpenText Dynamic Application Security Testing report

Download OpenText Dynamic Application Security Testing product report

Also Known As

AcuSensor

No data available

Micro Focus WebInspect, WebInspect

Overview

Acunetix Web Vulnerability Scanner is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross site scripting, and other exploitable vulnerabilities.

Invicti

Checkmarx One is an enterprise cloud-native application security platform focused on providing cross-tool, correlated results to help AppSec and developer teams prioritize where to focus time and resources.

Checkmarx One offers comprehensive application scanning across the SDLC:

Static Application Security Testing (SAST)
Software Composition Analysis (SCA)
API security
Dynamic Application Security Testing (DAST)
Container security
IaC security
Correlation, prioritization, and risk management
Codebashing secure code training
AI security
Tech partnerships extending AppSec into runtime analysis
Developer tool integrations including: CI/CD tools, development frameworks, feedback tools, IDEs, programming languages and SCMs

Checkmarx One provides everything you need to secure application development from the first line of code through deployment and runtime in the cloud. With an ever-evolving set of AppSec engines, correlation and prioritization features, and AI capabilities, Checkmarx One helps consolidate expanding lists of AppSec tools and make better sense of results. Its capabilities are designed to provide an improved developer experience to build trust with development teams and ensure the success of your AppSec program investment.

Checkmarx

OpenText Dynamic Application Security Testing offers robust scalability, ease of use, and high accuracy in scanning, making it a valuable tool for enterprises.

This security testing platform is known for its centralized dashboard, guided scans, and comprehensive reporting. It integrates seamlessly with tools like Fortify code scanner and supports extensive vulnerability detection and analysis, enhancing efficiency in security management. Despite its strengths, users suggest improvements in cloud integration, cost-effectiveness, and installation processes. Faster scans, reduced false positives, and improved mobile testing features are also desired.

What are the key features of OpenText Dynamic Application Security Testing?

Scalability: Easily adapts to changing enterprise needs.
Ease of Use: User-friendly interface with guided scans.
Comprehensive Reporting: Detailed vulnerability analysis and reporting.
Integration Capabilities: Works with Fortify code scanner and user authentication scanning.
Wide Vulnerability Detection: Identifies extensive security vulnerabilities.

What benefits should users expect from reviews?

Efficient Vulnerability Management: Streamlines security management in development environments.
Detailed Analysis: Provides in-depth insights into security issues.
Quick Setup: Easy to deploy within existing systems.
Enterprise Preference: Supports enterprise environments efficiently.

In industries like BFSI, OpenText Dynamic Application Security Testing is employed for performance network application testing, dynamic and static application security testing, and code checks. Security and QA teams use it in development processes to ensure application security prior to release, proving integral in both enterprise and testing environments.

OpenText

Sample Customers

Joomla!, Digicure, Team Random, Credit Suisse, Samsung, Air New Zealand

YIT, Salesforce, Coca-Cola, SAP, U.S. Army, Liveperson, Playtech Case Study: Liveperson Implements Innovative Secure SDLC

Aaron's

Find out what your peers are saying about GitLab, Snyk, GitGuardian and others in DevSecOps. Updated: July 2025.

DOWNLOAD NOW

862,624 professionals have used our research since 2012.