No more typing reviews! Try our Samantha, our new voice AI agent.

Acunetix vs Fortify Application Defender comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Acunetix
Ranking in Application Security Tools
13th
Average Rating
7.8
Reviews Sentiment
6.7
Number of Reviews
37
Ranking in other categories
Static Application Security Testing (SAST) (8th), Vulnerability Management (28th), DevSecOps (6th)
Fortify Application Defender
Ranking in Application Security Tools
33rd
Average Rating
7.8
Reviews Sentiment
6.6
Number of Reviews
11
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Application Security Tools category, the mindshare of Acunetix is 2.4%, down from 2.8% compared to the previous year. The mindshare of Fortify Application Defender is 1.5%, up from 0.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools Mindshare Distribution
ProductMindshare (%)
Acunetix2.4%
Fortify Application Defender1.5%
Other96.1%
Application Security Tools
 

Featured Reviews

Rahul Kumar - PeerSpot reviewer
Senior Engineer - Penetration Tester at a government with 10,001+ employees
Identifies vulnerabilities across bulk web applications but needs better support and cleaner reports
The best feature Acunetix offers is the centralized dashboard and the quality of reports it generates, which includes various options for selecting reports and developer options for directly sharing the reports with developers. The centralized dashboard of Acunetix gives visibility into the security aspects of mass applications; for instance, with more than 200 applications, it provides a valuable overview of findings and necessary fixes, along with a high-level summary that helps us achieve compliance through monthly and sometimes weekly scanning. In terms of reporting, Acunetix is excellent because it can generate different types of reports, such as an executive summary report, detailed reports, and developer reports that can be shared directly with developers. Acunetix positively impacts my organization by helping identify outdated libraries and applications, including legacy applications vulnerable to old attacks based on OWASP Top 10, thus aiding in compliance checks for PCI DSS and OWASP. Acunetix provides a centralized report with compliance-related aspects and a vulnerability timeline, effectively helping reduce vulnerabilities and save time.
VS
CTO at Abcl
Useful for fast code review in devOps pipelines
I rate the tool's scalability a seven out of ten. However, I'm concerned about how it handles an increasing number of lines of code. As the complexity grows, so does the time it takes for the tool to review everything. I want more clarity on how Fortify Application Defender handles multiple threats. We have numerous endpoints, but the tool runs in our pipeline, meaning it operates in the cloud. All our code is configured there, and the tool runs integration testing, unit testing, user testing, and final production code tests. It's a day-to-day experience. It's utilized almost every day as part of our pipeline runs. Each team responsible for integration testing, human testing, user access testing, and preproduction testing runs it whenever they take a build.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"For us, the most valuable aspect of the solution is the log-sequence feature."
"The vulnerability scanning option for analyzing the security loopholes on the websites is the most valuable feature of this solution."
"Money was saved by using Acunetix; it is very helpful and has saved a lot of money from other tools."
"Acunetix is the best service in the world. It is easy to manage. It gives a lot of information to the users to see and identify problems in their site or applications. It works very well."
"We are able to create a report which shows the PCI DSS scoring and share it with the application teams. Then, they can correlate and see exactly what they need to fix, and why."
"We use the solution for the scanning of vulnerabilities like SQL injections."
"The solution is highly stable."
"It's very user-friendly for the testing teams. It's very easy for them to understand things and to fix vulnerabilities."
"The tool's most valuable feature is software composition analysis. This feature works well with my .NET applications, providing a better understanding of library vulnerabilities."
"The product saves us cost and time."
"It is one of those things that once you see it in action, it is pretty impressive."
"Its ability to find security defects is valuable."
"The solution helped us to improve the code quality of our organization."
"The most valuable feature is the ability to automatically feed it rules what it's coupled with the WebInspect dynamic application scanning technology."
"The information from Fortify Application Defender on how to fix and solve issues is very good compared to other solutions."
"We are able to provide out customers with a secure application after development. They are no longer left wondering if they are vulnerable to different threats within the market following deployment."
 

Cons

"The Acunetix licensing and pricing model is somewhat complicated. If we calculated all of our domains and sub-domains, the sum would be huge; that's why we thought of leaving Acunetix."
"The time to fix issues is not too quick, so in the case of time-restricted projects for some customers, this might become a problem."
"In terms of what needs improvement, the way the licensing model is currently is not very convenient for us because initially, when we bought it, the licensing model was very flexible, but now it restricts us."
"The solution limits the number of scans. It would be much better if we could have unlimited scans."
"However, it doesn't seem very helpful or useful for scanning web services, and that has what I feel that the organization could work better on that."
"Our experience with Acunetix has not been good, so we are in the process of switching solutions."
"The solution's pricing could be better."
"The cost can be reduced as management has noted it to be on the higher side."
"The licensing can be a little complex."
"The product should integrate industry-standard code review tools internally with its system. This would streamline the coding process, as developers wouldn't need multiple tools for code review and security checks. Many independent and open-source tools are available, from Apache to various libraries. Using multiple DevOps pipeline tools can slow the turnaround time."
"The solution is quite expensive."
"The workbench is a little bit complex when you first start using it."
"The false positive rate should be lower."
"Fortify Application Defender gives a lot of false positives."
"I encountered many false positives for Python applications."
"Fortify Application Defender could improve by supporting more code languages, such as GRAAS and Groovy."
 

Pricing and Cost Advice

"The cost is based on two types of licenses, ConsultLite, and ConsultPlus, as well as the number of domains that are scanned."
"It is a bit expensive. If you need to check five applications, you have to pay almost 14,000. It is an agreement for two years at 7,000 per year for only five applications. You cannot change the applications in the license. So, you are stuck with the same license for the five applications for one full year."
"Implementing Acunetix needs a medium or larger business agency, because you need some money to get Acunetix. It is costly, but if you care about your agency's security, then maybe it's a cost that might help you in the future."
"I would say that Acunetix is expensive because there are products on the market with similar features that are equally or better-priced."
"The costs aren't very expensive. It costs around $3000 or $4000."
"When we looked at all other vendors and what they were asking for, to provide a third of what Acunetix was capable of doing, it was an easy decision... But now that it's coming to a cost where it's line with market value, it becomes more of a competition... Acunetix is raising the cost of licensing. It's 3.5 times what we were initially quoted."
"The pricing is a little high, and moreover, it's kind of domain-based."
"Acunetix was around the same price as all the other vendors we looked at, nothing special."
"I rate the solution's pricing a five out of ten. It comes as an annual cloud subscription. The tool's pricing is around 50 lakhs."
"The licensing is very complex, it's project based and can range from $10,000 to $200,000+ depending on the project type and size."
"Fortify Application Defender is very expensive."
"The product’s price is much higher than other tools."
"The base licensing costs for the SaaS platform is about $900 USD per application, per year."
"The price of this solution could be less expensive."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
12%
Manufacturing Company
11%
Computer Software Company
9%
Comms Service Provider
7%
Financial Services Firm
18%
Construction Company
10%
Manufacturing Company
9%
Comms Service Provider
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business18
Midsize Enterprise7
Large Enterprise19
By reviewers
Company SizeCount
Small Business3
Midsize Enterprise1
Large Enterprise8
 

Questions from the Community

What is your primary use case for Acunetix Vulnerability Scanner?
In a typical enterprise environment, Acunetix is mainly used for visibility, detection, and investigation across network traffic. The main use cases usually fall into a few core areas, with primary...
What advice do you have for others considering Acunetix Vulnerability Scanner?
I advise that Acunetix is the best option. Invest time in proper initial configuration and scope definitions. The tool is powerful, but its effectiveness depends heavily on how the authenticated ar...
What is your experience regarding pricing and costs for Acunetix?
Everything is perfect and good, including the pricing and all related aspects.
Ask a question
Earn 20 points
 

Also Known As

AcuSensor
HPE Fortify Application Defender, Micro Focus Fortify Application Defender
 

Overview

 

Sample Customers

Joomla!, Digicure, Team Random, Credit Suisse, Samsung, Air New Zealand
ServiceMaster, Saltworks, SAP
Find out what your peers are saying about Acunetix vs. Fortify Application Defender and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.