Try our new research platform with insights from 80,000+ expert users

Acunetix vs Invicti comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Acunetix
Ranking in Static Application Security Testing (SAST)
12th
Average Rating
7.8
Reviews Sentiment
7.0
Number of Reviews
33
Ranking in other categories
Application Security Tools (16th), Vulnerability Management (21st), DevSecOps (6th)
Invicti
Ranking in Static Application Security Testing (SAST)
14th
Average Rating
8.2
Reviews Sentiment
6.7
Number of Reviews
30
Ranking in other categories
API Security (7th), Dynamic Application Security Testing (DAST) (5th)
 

Mindshare comparison

As of September 2025, in the Static Application Security Testing (SAST) category, the mindshare of Acunetix is 3.2%, up from 2.7% compared to the previous year. The mindshare of Invicti is 1.5%, up from 1.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Static Application Security Testing (SAST) Market Share Distribution
ProductMarket Share (%)
Acunetix3.2%
Invicti1.5%
Other95.3%
Static Application Security Testing (SAST)
 

Featured Reviews

KashifJamil - PeerSpot reviewer
Has enabled teams to improve security testing with smooth integration and high accuracy
Acunetix has a very good ratio of fewer false positives, so users don't need to retest everything. Acunetix operates smoothly with no interruptions required, and it performs at 100% efficiency without issues in scanning anything. The solution is excellent at detecting SQL injection and cross-site scripting vulnerabilities. Acunetix integrates with every type of tool, including CI/CD tools, offering 100% integration in DevOps environments. The main benefit of Acunetix is that at the first level, users can address security issues related to penetration testing, allowing them to expose vulnerabilities and ensure all required testing is completed with very few false positives.
Kunal M - PeerSpot reviewer
Proactive scanning measures and realistic audit recommendations enhance development focus
Invicti's proactive scanning measures vulnerabilities each time we deploy or push code to a new environment. This feature helps us focus on priorities and prioritize the development team's effort, integrating seamlessly with DevOps to facilitate proactive scans of environments. Invicti also provides audit recommendations that are quite realistic, making it easy to discuss plans with developers.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most important feature is that it's a web-based graphical user interface. That is a great addition. Also, the ability to schedule scans is great."
"It can operate both as a standalone and it can be integrated with other applications, which makes it a very versatile solution to have."
"By integrating with CI/CD tools, it enables a shift-left approach in the development process."
"For us, the most valuable aspect of the solution is the log-sequence feature."
"Their technical support has been very active. If I have an issue, I can reach out to them and get an answer pretty quick."
"The features of Acunetix have proved most effective in identifying vulnerabilities."
"The most valuable feature of Acunetix is the UI and the scan results are simple."
"The vulnerability scanning option for analyzing the security loopholes on the websites is the most valuable feature of this solution."
"Netsparker provides a more interactive interface that is more appealing."
"The best features of Invicti are its ability to confirm access vulnerabilities, SSL injection vulnerabilities, and its connectors to other security tools."
"The most valuable feature of Invicti is getting baseline scanning and incremental scan."
"Its ability to crawl a web application is quite different than another similar scanner."
"I am impressed with Invictus’ proof-based scanning. The solution has reduced the incidence of false positive vulnerabilities. It has helped us reduce our time and focus on vulnerabilities."
"One of the features I like about this program is the low number of false positives and the support it offers."
"Invicti is part of our SSDLC portfolio, and DAST dynamic testing is very important for our web applications and portfolios."
"It has very good integration with the CI/CD pipeline."
 

Cons

"The solution's pricing could be better."
"There's a clear need for a reduction in pricing to make the service more accessible."
"There was an issue related to updates from the internet."
"The cost can be reduced as management has noted it to be on the higher side."
"Acunetix should improve by further reducing false positives and providing more customized reports, plus better integration with newer tools such as GitHub and Azure DevOps."
"While we do have it integrated with other solutions, it could still offer more integrations."
"There is room for improvement in website authentication because I've seen other products that can do it much better."
"The solution limits the number of scans. It would be much better if we could have unlimited scans."
"Reporting should be improved. The reporting options should be made better for end-users. Currently, it is possible, but it's not the best. Being able to choose what I want to see in my reports rather than being given prefixed information would make my life easier. I had to depend on the API for getting the content that I wanted. If they could fix the reporting feature to make it more comprehensive and user-friendly, it would help a lot of end-users. Everything else was good about this product."
"The solution needs to make a more specific report."
"It would be better for listing and attacking Java-based web applications to exploit vulnerabilities."
"The custom attack preparation screen might be improved."
"Invicti's reporting capabilities need enhancement. We need enterprise-level information instead of repo-level details. Unlike Appiro, Invicti does not provide portfolio-level insights into vulnerability remediation over time."
"The license could be better. It would help if they could allow us to scan multiple URLs on the same license. It's a major hindrance that we are facing while scanning applications, and we have to be sure that the URLs are the same and not different so that we do not end up consuming another license for it. Netsparker is one of the costliest products in the market. The licensing is tied to the URL, and it's restricted. If you have a URL that you scanned once, like a website, you cannot retry that same license. If you are scanning the same website but in a different domain or different URL, you might end up paying for a second license. It would also be better if they provided proper support for multi-factor authentications. In the next release, I would like them to include good multi-factor authentication support."
"They could enhance the support for data swap testing for the platform."
"Currently, there is nothing I would like to improve."
 

Pricing and Cost Advice

"The solution is expensive."
"The pricing is a little high, and moreover, it's kind of domain-based."
"The pricing and licensing are reasonable to a point. In order to run multiple scans at a time, we are going to have to purchase a 100 count license, which is an overkill. Though, compared to what we were paying for, the cost seems reasonable."
"The costs aren't very expensive. It costs around $3000 or $4000."
"It is a bit expensive. If you need to check five applications, you have to pay almost 14,000. It is an agreement for two years at 7,000 per year for only five applications. You cannot change the applications in the license. So, you are stuck with the same license for the five applications for one full year."
"I would say that Acunetix is expensive because there are products on the market with similar features that are equally or better-priced."
"The price is exceptionally high."
"When we looked at all other vendors and what they were asking for, to provide a third of what Acunetix was capable of doing, it was an easy decision... But now that it's coming to a cost where it's line with market value, it becomes more of a competition... Acunetix is raising the cost of licensing. It's 3.5 times what we were initially quoted."
"Invicti is best suited for large enterprises. I don't think small and medium-sized businesses can afford it. Maintenance costs aren't that great."
"The price should be 20% lower"
"I think that price it too high, like other Security applications such as Acunetix, WebInspect, and so on."
"It is competitive in the security market."
"The solution is very expensive. It comes with a yearly subscription. We were paying 6000 dollars yearly for unlimited scans. We have three licenses; basic, business, and ultimate. We need ultimate because it has unlimited scan numbers."
"OWASP Zap is free and it has live updates, so that's a big plus."
"We never had any issues with the licensing; the price was within our assigned limits."
"Netsparker is one of the costliest products in the market. It would help if they could allow us to scan multiple URLs on the same license."
report
Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
866,391 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
13%
Manufacturing Company
9%
Government
8%
Financial Services Firm
17%
Computer Software Company
14%
Manufacturing Company
9%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business15
Midsize Enterprise5
Large Enterprise14
By reviewers
Company SizeCount
Small Business13
Midsize Enterprise4
Large Enterprise13
 

Questions from the Community

What do you like most about Acunetix Vulnerability Scanner?
The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning time depends on the application's code.
What is your primary use case for Acunetix Vulnerability Scanner?
Most of the customers who use Acunetix are looking for security testing. The primary use case is performing penetration testing. The main use cases include vulnerability scanning, security testing,...
What advice do you have for others considering Acunetix Vulnerability Scanner?
Acunetix supports multi-user environments effectively. Acunetix is targeted for small to mid-size teams in a DevSecOps environment, making it the best choice for small and mid-size companies, offer...
What is your experience regarding pricing and costs for Netsparker Web Application Security Scanner?
As a technical user, I do not handle pricing or licensing, but I am aware that Invicti offers flexible licensing models based on organizational needs.
What do you like most about Invicti?
The most valuable feature of Invicti is getting baseline scanning and incremental scan.
What needs improvement with Invicti?
The main concern is on the performance side, but other than that, we find it really helpful in identifying web vulnerabilities. A full scan takes more time based on your website and other factors, ...
 

Also Known As

AcuSensor
Netsparker
 

Overview

 

Sample Customers

Joomla!, Digicure, Team Random, Credit Suisse, Samsung, Air New Zealand
Samsung, The Walt Disney Company, T-Systems, ING Bank
Find out what your peers are saying about Acunetix vs. Invicti and other solutions. Updated: July 2025.
866,391 professionals have used our research since 2012.