Try our new research platform with insights from 80,000+ expert users

Acunetix vs OpenText Dynamic Application Security Testing vs Veracode comparison

The compared Invicti and OpenText solutions aren't in the same category. Invicti is ranked #16 in AS , with an average rating of 8.4, and holds a 2.6% mindshare in the category. OpenText is ranked #2 in DAST , with an average rating of 8.0, and holds a 17.9% mindshare. Additionally, 86% of Invicti users are willing to recommend the solution, compared to 83% of OpenText users who would recommend it.
Acunetix
Read 33 Acunetix reviews
  • 5,943 Views
  • 2,853 Comparison Views
86% willing to recommend
OpenText Dynamic Applicatio...
Read 22 OpenText Dynamic Application Security Testing reviews
  • 3,330 Views
  • 866 Comparison Views
83% willing to recommend
Veracode
Read 204 Veracode reviews
  • 19,783 Views
  • 12,859 Comparison Views
90% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Acunetix, OpenText Dynamic Application Security Testing, and Veracode based on real PeerSpot user reviews.

Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Application Security Tools Report (Updated: August 2025).
Buyer's Guide
Application Security Tools
August 2025
Download the complete report
Helped 867,349 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Mindshare comparison

Application Security Tools Market Share Distribution
ProductMarket Share (%)
Acunetix2.6%
SonarQube Server (formerly SonarQube)20.8%
Checkmarx One10.2%
Other66.4%
Application Security Tools
Dynamic Application Security Testing (DAST) Market Share Distribution
ProductMarket Share (%)
OpenText Dynamic Application Security Testing17.9%
HCL AppScan14.3%
Checkmarx One13.5%
Other54.3%
Dynamic Application Security Testing (DAST)
Application Security Tools Market Share Distribution
ProductMarket Share (%)
Veracode8.0%
SonarQube Server (formerly SonarQube)20.8%
Checkmarx One10.2%
Other61.0%
Application Security Tools
 

Featured Reviews

KashifJamil - PeerSpot reviewer
Has enabled teams to improve security testing with smooth integration and high accuracy
Acunetix has a very good ratio of fewer false positives, so users don't need to retest everything. Acunetix operates smoothly with no interruptions required, and it performs at 100% efficiency without issues in scanning anything. The solution is excellent at detecting SQL injection and cross-site scripting vulnerabilities. Acunetix integrates with every type of tool, including CI/CD tools, offering 100% integration in DevOps environments. The main benefit of Acunetix is that at the first level, users can address security issues related to penetration testing, allowing them to expose vulnerabilities and ensure all required testing is completed with very few false positives.
Read full review
Navin N - PeerSpot reviewer
Effective scanning of diverse file extensions with fast reporting and issue resolution
We develop software packages for clients, and these clients are mostly in the BFSI sector. The packages need to be scanned, and we engage Fortify WebInspect for this.  Customers typically perform their own application pen tests, but in some cases, we have engagements where customers want us to scan…
Read full review
Kv Rao - PeerSpot reviewer
Integrates pipelines smoothly and fortifies code against vulnerabilities
I use Veracode in multiple places including static code analysis, penetration testing, and dynamic code analysis. It is part of our pipeline and integrates well with Bitbucket and Git pipelines The ease of integration with Bitbucket pipelines and Git pipelines is vital for us. Veracode allows us…
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We use the solution for the scanning of vulnerabilities like SQL injections."
"Our developers can run the attacks directly from their environments, desktops."
"It's very user-friendly for the testing teams. It's very easy for them to understand things and to fix vulnerabilities."
"The features of Acunetix have proved most effective in identifying vulnerabilities."
"The product is really easy to use."
"The most valuable feature of Acunetix is the UI and the scan results are simple."
"There is a lot of documentation on their website which makes setting it up and using it quite simple."
"Their technical support has been very active. If I have an issue, I can reach out to them and get an answer pretty quick."
More Acunetix pros
"I've found the centralized dashboard the most valuable. For the management, it helps a lot to have abilities at the central level."
"The tool provides comprehensive vulnerability assessments which help ensure our deliverables are as free from vulnerabilities as possible. It has also streamlined our web application vulnerability assessments, assisting us in delivering secure applications to our clients."
"The solution is easy to use."
"It is easy to use, and its reporting is fairly simple."
"The most valuable feature of this solution is the ability to make our customers more secure."
"I'm sorry, but there is no review content provided to extract a quote from."
"The accuracy of its scans is great."
"It is scalable and very easy to use."
More OpenText Dynamic Application Security Testing pros
"We used Veracode to improve our security posture and speed up the time to market by streamlining the development process, which enhanced collaboration between developers, operations, and security teams."
"Veracode allows us to easily summarize issues and provide quick, actionable insights."
"It has given our management a view into issues with all of our product lines. We have three products and all of them were scanned. As a result, the project lead for each product has taken measures to improve things."
"The platform itself has a lot of AppSec best practices information, especially in the mitigation recommendation process."
"The Veracode technical support is very good. They are responsive and very knowledgeable."
"Developer Sandboxes help move scanning earlier within the SDLC."
"Static analysis scanning engine is a key feature."
"One of the features they have is Software Composition Analysis. When organizations use third-party, open source libraries with their application development, because they're open source they quite often have a lot of bugs. There are always patches coming out for those open source applications. You really have to stay on your toes and keep up with any third-party libraries that might be integrated into your application. Veracode's Software Composition Analysis scans those libraries and we find that very valuable."
More Veracode pros
 

Cons

"Acunetix needs to include agent analysis."
"When monitoring the traffic we always have issues with the bandwidth consumption and the throttling of traffic."
"There is room for improvement in website authentication because I've seen other products that can do it much better."
"Integration into other tools is very limited for Acunetix. While we're trying to incorporate a CI/CD process where we're integrating with JIRA and we're integrating with Jenkins and Chef, it becomes problematic. Other tools give you a high integration capability to connect into different solutions that you may already have, like JIRA."
"The solution's pricing could be better."
"Acunetix needs to improve its cost."
"The pricing is a bit on the higher side."
"Currently only supports web scanning."
More Acunetix cons
"Fortify WebInspect could improve user-friendliness. Additionally, it is very bulky to use."
"A localized version, for example, in Korean would be a big improvement to this solution."
"It took us between eight and ten hours to scan an entire site, which is somewhat slow and something that I think can be improved."
"Not sufficiently compatible with some of our systems."
"The installation could be a bit easier. Usually it's simple to use, but the installation is painful and a bit laborious and complex."
"There are some file extensions, like .SER, that Fortify WebInspect doesn't scan."
"We have often encountered scanning errors."
"Lately, we've seen more false negatives."
More OpenText Dynamic Application Security Testing cons
"It would help if there were a training module that would explain how to more effectively integrate the SAST product into the build tool, Jenkins or Bamboo."
"We connected with Veracode's support a couple of times, and we got a different answer each time."
"Straightforward to set up, but the configuration of the rules engine is difficult and complicated."
"The support team could be more responsive, and the dependency of users on the support team is too high and should be reduced."
"When we scan binary, when we perform binary analysis, it could go faster. That has a lot to do with the essence of scanning binary code, it takes a little bit longer. Certain aspects, depending on what type of code it is, take a little long, especially legacy code."
"It needs better APIs, reporting that I can easily query through the APIs and, preferably, a license model that I can predict."
"The JIRA integration automation aspect of it could be improved significantly. We want to have a way to create tickets that are going to allow people to work through those flaws that we're finding. We don't want people to feel like they're missing out on something or that they're not following directions in the right way."
"An area for improvement I found in Veracode is the connectivity because currently, my company uses a plugin for the dev-ops cloud-based connectivity. A pretty helpful feature would be if Veracode gives a direct code for connecting to the Oracle server directly and authenticating it via a unique server."
More Veracode cons
 

Pricing and Cost Advice

"I would say that Acunetix is expensive because there are products on the market with similar features that are equally or better-priced."
"The cost is based on two types of licenses, ConsultLite, and ConsultPlus, as well as the number of domains that are scanned."
"Acunetix was around the same price as all the other vendors we looked at, nothing special."
"The price is exceptionally high."
"Implementing Acunetix needs a medium or larger business agency, because you need some money to get Acunetix. It is costly, but if you care about your agency's security, then maybe it's a cost that might help you in the future."
"When compared with other products, the pricing is a little bit high. But it gives value for the price. It serves the purpose and is worthwhile for the price we pay."
"The pricing is a little high, and moreover, it's kind of domain-based."
"It is a bit expensive. If you need to check five applications, you have to pay almost 14,000. It is an agreement for two years at 7,000 per year for only five applications. You cannot change the applications in the license. So, you are stuck with the same license for the five applications for one full year."
More Acunetix pricing and cost advice
"This solution is very expensive."
"The price is okay."
"The pricing is not clear and while it is not high, it is difficult to understand."
"It’s a fair price for the solution."
"Its price is almost similar to the price of AppScan. Both of them are very costly. Its price could be reduced because it can be very costly for unlimited IT scans, etc. I'm not sure, but it can go up to $40,000 to $50,000 or more than that."
"Our licensing is such that you can only run one scan at a time, which is inconvenient."
"Fortify WebInspect is a very expensive product."
"The licensing is fair, it is time-limited (e.g. one year) but there is a size cap for every app. If your applications are big (due third-party libraries, for example) you should discuss this beforehand and explore suitable agreements."
"We use this product per project rather than per developer... Your development model will really determine what the best fit is for you in terms of licensing, because of the project-based licensing. If you do a few projects, that's more attractive. If you have a large number of developers, that would also make the product a little more attractive."
"The product’s price is a bit higher compared to other solutions."
"Pricing/licensing is complicated."
"Veracode provides value for the cost, with no additional charges apart from the standard licensing fee."
"Veracode is expensive. Some of its products are expensive. I don't think it's way more expensive than its competitors. The dynamic is definitely worth it, as I think it's cheaper than the competitors. The static scan is a little bit more expensive, around 20 percent more expensive. The manual pen test is more expensive, but it is an expensive service because it's a manual pen test and we also do retests. I don't think it is way more expensive than the competitors, but it's about 15 to 20 percent more expensive."
"I believe the price is fair according to market standards."
"Its pricing is fair."
More Veracode pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
See recommendations
867,349 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
13%
Manufacturing Company
8%
Government
7%
Financial Services Firm
15%
Government
15%
Manufacturing Company
13%
Computer Software Company
10%
Financial Services Firm
16%
Computer Software Company
16%
Manufacturing Company
9%
Insurance Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business15
Midsize Enterprise5
Large Enterprise14
By reviewers
Company SizeCount
Small Business7
Midsize Enterprise1
Large Enterprise15
By reviewers
Company SizeCount
Small Business69
Midsize Enterprise43
Large Enterprise112
 

Questions from the Community

What do you like most about Acunetix Vulnerability Scanner?
The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning t...
See all answers
What is your primary use case for Acunetix Vulnerability Scanner?
Most of the customers who use Acunetix are looking for security testing. The primary use case is performing penetrati...
See all answers
What advice do you have for others considering Acunetix Vulnerability Scanner?
Acunetix supports multi-user environments effectively. Acunetix is targeted for small to mid-size teams in a DevSecOp...
See all answers
What is your experience regarding pricing and costs for Fortify WebInspect?
While I am not directly involved with licensing, I can share that our project's license for 1-9 applications costs be...
See all answers
What needs improvement with Fortify WebInspect?
WebInspect works efficiently with Java-based or .NET based applications. However, it struggles with Salesforce applic...
See all answers
What is your primary use case for Fortify WebInspect?
I am currently working with several tools. For Fortify, I use SCA and WebInspect. Apart from that, I use Burp Suite f...
See all answers
Which gives you more for your money - SonarQube or Veracode?
SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. Son...
See all answers
What do you like most about Veracode?
The SAST and DAST modules are great.
See all answers
What is your experience regarding pricing and costs for Veracode?
The product’s price is a bit higher compared to other solutions. However, the tool provides good vulnerability and da...
See all answers
 

Comparisons

OWASP Zap vs Acunetix Logo
OWASP Zap vs Acunetix
Compared 17% of the time
PortSwigger Burp Suite Professional vs Acunetix Logo
PortSwigger Burp Suite Professional vs Acunetix
Compared 10% of the time
HCL AppScan vs Acunetix Logo
HCL AppScan vs Acunetix
Compared 8% of the time
Invicti vs Acunetix Logo
Invicti vs Acunetix
Compared 8% of the time
ImmuniWeb vs Acunetix Logo
ImmuniWeb vs Acunetix
Compared 3% of the time
More Acunetix Competitors
PortSwigger Burp Suite Professional vs OpenText Dynamic Application Security Testing Logo
PortSwigger Burp Suite Professional vs OpenText Dynamic Application Security Testing
Compared 17% of the time
OWASP Zap vs OpenText Dynamic Application Security Testing Logo
OWASP Zap vs OpenText Dynamic Application Security Testing
Compared 11% of the time
Qualys Web Application Scanning vs OpenText Dynamic Application Security Testing Logo
Qualys Web Application Scanning vs OpenText Dynamic Application Security Testing
Compared 8% of the time
PortSwigger Burp Suite Enterprise Edition vs OpenText Dynamic Application Security Testing Logo
PortSwigger Burp Suite Enterprise Edition vs OpenText Dynamic Application Security Testing
Compared 8% of the time
HCL AppScan vs OpenText Dynamic Application Security Testing Logo
HCL AppScan vs OpenText Dynamic Application Security Testing
Compared 7% of the time
More OpenText Dynamic Application Security Testing Competitors
SonarQube Server (formerly SonarQube) vs Veracode Logo
SonarQube Server (formerly SonarQube) vs Veracode
Compared 16% of the time
Checkmarx One vs Veracode Logo
Checkmarx One vs Veracode
Compared 9% of the time
GitHub Advanced Security vs Veracode Logo
GitHub Advanced Security vs Veracode
Compared 7% of the time
OpenText Core Application Security vs Veracode Logo
OpenText Core Application Security vs Veracode
Compared 4% of the time
OWASP Zap vs Veracode Logo
OWASP Zap vs Veracode
Compared 4% of the time
More Veracode Competitors
 

Product Reports

Buyer's Guide
Acunetix
September 2025
Acunetix reportDownload Acunetix product report
Buyer's Guide
OpenText Dynamic Application Security Testing
August 2025
OpenText Dynamic Application Security Testing reportDownload OpenText Dynamic Application Security Testing product report
Buyer's Guide
Veracode
August 2025
Veracode reportDownload Veracode product report
 

Also Known As

AcuSensor
Micro Focus WebInspect, WebInspect
Crashtest Security , Veracode Detect
 

Overview

Acunetix Web Vulnerability Scanner is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross site scripting, and other exploitable vulnerabilities.

Invicti

OpenText Dynamic Application Security Testing offers robust scalability, ease of use, and high accuracy in scanning, making it a valuable tool for enterprises.

This security testing platform is known for its centralized dashboard, guided scans, and comprehensive reporting. It integrates seamlessly with tools like Fortify code scanner and supports extensive vulnerability detection and analysis, enhancing efficiency in security management. Despite its strengths, users suggest improvements in cloud integration, cost-effectiveness, and installation processes. Faster scans, reduced false positives, and improved mobile testing features are also desired.

What are the key features of OpenText Dynamic Application Security Testing?
  • Scalability: Easily adapts to changing enterprise needs.
  • Ease of Use: User-friendly interface with guided scans.
  • Comprehensive Reporting: Detailed vulnerability analysis and reporting.
  • Integration Capabilities: Works with Fortify code scanner and user authentication scanning.
  • Wide Vulnerability Detection: Identifies extensive security vulnerabilities.
What benefits should users expect from reviews?
  • Efficient Vulnerability Management: Streamlines security management in development environments.
  • Detailed Analysis: Provides in-depth insights into security issues.
  • Quick Setup: Easy to deploy within existing systems.
  • Enterprise Preference: Supports enterprise environments efficiently.

In industries like BFSI, OpenText Dynamic Application Security Testing is employed for performance network application testing, dynamic and static application security testing, and code checks. Security and QA teams use it in development processes to ensure application security prior to release, proving integral in both enterprise and testing environments.

OpenText

Veracode is a leading provider of application security solutions, offering tools to identify, mitigate, and prevent vulnerabilities across the software development lifecycle. Its cloud-based platform integrates security into DevOps workflows, helping organizations ensure that their code remains secure and compliant with industry standards.

Veracode supports multiple application security testing types, including static analysis (SAST), dynamic analysis (DAST), software composition analysis (SCA), and manual penetration testing. These tools are designed to help developers detect vulnerabilities early in development while maintaining speed in deployment. Veracode also emphasizes scalability, offering features for enterprises that manage a large number of applications across different teams. Its robust reporting and analytics capabilities allow organizations to continuously monitor their security posture and track progress toward remediation.

What are the key features of Veracode?

  • Static Analysis (SAST) - Scans source code for vulnerabilities before deployment.
  • Dynamic Analysis (DAST) - Examines applications in a running state to detect flaws in real-time.
  • Software Composition Analysis (SCA) - Identifies risks in open-source libraries and third-party components.
  • Manual Penetration Testing - Offers expert analysis for more complex vulnerabilities.
  • Integrations with DevOps tools - Seamlessly integrates with CI/CD pipelines for automated security checks.

What benefits should users consider in Veracode reviews?

  • Early detection of vulnerabilities - Helps developers fix security issues early in the development process.
  • Scalability - Supports organizations with large-scale application portfolios.
  • Compliance support - Ensures applications meet various security standards and regulations.
  • Developer training - Provides tools for educating developers on secure coding practices.
  • Comprehensive reporting - Offers detailed reports that track remediation and risk trends.

Veracode is widely adopted in industries like finance, healthcare, and government, where compliance and security are critical. It helps these organizations maintain strict security standards while enabling rapid development through its integration with Agile and DevOps methodologies.


Veracode helps businesses secure their applications efficiently, ensuring they can deliver safe and compliant software at scale.

Veracode
 

Sample Customers

Joomla!, Digicure, Team Random, Credit Suisse, Samsung, Air New Zealand
Aaron's
Manhattan Associates, Azalea Health, Sabre, QAD, Floor & Decor, Prophecy International, SchoolCNXT, Keap, Rekner, Cox Automotive, Automation Anywhere, State of Missouri and others.
Buyer's Guide
Application Security Tools
August 2025
Download Free Report
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools. Updated: August 2025.
DOWNLOAD NOW
867,349 professionals have used our research since 2012.