Acunetix vs Software Risk Manager ASPM comparison

Invicti and Black Duck are both solutions in the Static Application Security Testing (SAST) category. Invicti is ranked #8 with an average rating of 7.9, while Black Duck is ranked #28. Invicti holds a 2.6% mindshare in SAST, compared to Black Duck’s 1.2% mindshare. Additionally, 88% of Invicti users are willing to recommend the solution.

Acunetix

Read 36 Acunetix reviews

8,861 Views
5,051 Comparison Views

88% willing to recommend

Software Risk Manager ASPM

Read 1 Software Risk Manager ASPM review

1,992 Views
1,394 Comparison Views

0% willing to recommend

Acunetix

Software Risk Manager ASPM

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Mar 22, 2026

Acunetix and Software Risk Manager ASPM compete in the cybersecurity space. Acunetix holds the upper hand in terms of pricing and support, while Software Risk Manager ASPM excels through its advanced features and comprehensive security capabilities.

Features: Acunetix offers automated scanning for vulnerabilities, detailed reporting, and integration with various development tools. Software Risk Manager ASPM provides application security posture management, real-time risk assessment, and incident response capabilities.

Ease of Deployment and Customer Service: Acunetix has a straightforward deployment process supported by excellent customer service and detailed documentation. Software Risk Manager ASPM deployment can be more complex, requiring additional configuration but benefits from high-quality, responsive support.

Pricing and ROI: Acunetix is known for competitive pricing with a lower initial setup cost, delivering faster ROI due to its ease of use. Software Risk Manager ASPM requires a higher initial investment but offers long-term ROI through comprehensive security solutions.

To learn more, read our detailed Static Application Security Testing (SAST) Report (Updated: April 2026).

Buyer's Guide

Static Application Security Testing (SAST)

April 2026

Download the complete report

Helped 893,311 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Acunetix

Ranking in Static Application Security Testing (SAST)

8th

Average Rating

7.8

Reviews Sentiment

6.6

Number of Reviews

Ranking in other categories

Application Security Tools (15th), Vulnerability Management (30th), DevSecOps (5th)

Software Risk Manager ASPM

Ranking in Static Application Security Testing (SAST)

28th

Average Rating

0.0

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

Software Composition Analysis (SCA) (23rd), Application Security Posture Management (ASPM) (15th)

Mindshare comparison

As of May 2026, in the Static Application Security Testing (SAST) category, the mindshare of Acunetix is 2.6%, down from 3.7% compared to the previous year. The mindshare of Software Risk Manager ASPM is 1.2%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Static Application Security Testing (SAST) Mindshare Distribution
Product	Mindshare (%)
Acunetix	2.6%
Software Risk Manager ASPM	1.2%
Other	96.2%

Static Application Security Testing (SAST)

Featured Reviews

Rahul Kumar

Senior Engineer - Penetration Tester at a government with 10,001+ employees

Identifies vulnerabilities across bulk web applications but needs better support and cleaner reports

The best feature Acunetix offers is the centralized dashboard and the quality of reports it generates, which includes various options for selecting reports and developer options for directly sharing the reports with developers. The centralized dashboard of Acunetix gives visibility into the security aspects of mass applications; for instance, with more than 200 applications, it provides a valuable overview of findings and necessary fixes, along with a high-level summary that helps us achieve compliance through monthly and sometimes weekly scanning. In terms of reporting, Acunetix is excellent because it can generate different types of reports, such as an executive summary report, detailed reports, and developer reports that can be shared directly with developers. Acunetix positively impacts my organization by helping identify outdated libraries and applications, including legacy applications vulnerable to old attacks based on OWASP Top 10, thus aiding in compliance checks for PCI DSS and OWASP. Acunetix provides a centralized report with compliance-related aspects and a vulnerability timeline, effectively helping reduce vulnerabilities and save time.

Read full review

Saravanan_Radhakrishnan

Senior Manager at Happiest Minds Technologies

Facilitates continuous assessment of applications, covering both static and dynamic security aspects

Code Dx lacks one aspect, the dynamic security part, known as DAST. It's not an on-premise solution; it's in the cloud now. There are compliance standards and data standards where the customer might need to have the data on-premises for dynamic security testing. So that is one shortfall. An area of improvement could be developing an on-premise DAST solution. The current one is a complete cloud-based solution, and that can be one of the areas of improvement.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"It generates automated reports."

"The usability and overall scan results are good."

"One of the features that I feel is groundbreaking, that I would like to see expanded on, is the IAS feature: The Interactive Application Security Testing module that gets loaded onto an application on a server, for more in-depth, granular findings. I think that is really neat. I haven't seen a lot of competitors doing that."

"As a team, it's helped us to deliver better security assessments."

"The scalability is good. The scalability is more than good because it can operate both as a standalone and it can be integrated as part of applications. So that really makes it a very, very versatile solution to have."

"It's a very easy deployment and easy application."

"Every organization who has their assets over the internet and are exposed to a public website needs to have vulnerability assessment using Acunetix."

"Segregation of reports is really, really good with Acunetix; it provides us with a lot of in-depth details."

More Acunetix pros

"The customers were looking for something around static security and dynamic security, and in all those areas, they were looking for an industry leader with a proven solution. Synopsys is a Gartner leader, so I position this particular technology for the technical pre-sales part of it."

Cons

"The jargon used makes it difficult for project managers to understand the issues, and the technical explanations used make it difficult for developers to understand issues. These things should be simplified much more. That would be very helpful for us when explaining to them what needs to be fixed. The report output needs to be simplified."

"In terms of what needs improvement, the way the licensing model is currently is not very convenient for us because initially, when we bought it, the licensing model was very flexible, but now it restricts us."

"I believe Acunetix can improve customer support, as the dedicated support staff are often unfamiliar with problems and troubleshooting, leading to communication gaps that delay issue resolution."

"Acunetix provides the benefit of saving time for an end user. I would not say it saves money because the cost and license of Acunetix is far more than what others offer."

"Integration into other tools is very limited for Acunetix. While we're trying to incorporate a CI/CD process where we're integrating with JIRA and we're integrating with Jenkins and Chef, it becomes problematic. Other tools give you a high integration capability to connect into different solutions that you may already have, like JIRA."

"I believe Acunetix can improve customer support, as the dedicated support staff are often unfamiliar with problems and troubleshooting, leading to communication gaps that delay issue resolution."

"Currently only supports web scanning."

"The solution limits the number of scans. It would be much better if we could have unlimited scans."

More Acunetix cons

"The initial setup is a bit challenging because things are not easy. It needs a lot of technology adaptability plus the customer's environment-specific use cases."

Pricing and Cost Advice

"When compared with other products, the pricing is a little bit high. But it gives value for the price. It serves the purpose and is worthwhile for the price we pay."

"Acunetix was around the same price as all the other vendors we looked at, nothing special."

"Implementing Acunetix needs a medium or larger business agency, because you need some money to get Acunetix. It is costly, but if you care about your agency's security, then maybe it's a cost that might help you in the future."

"When we looked at all other vendors and what they were asking for, to provide a third of what Acunetix was capable of doing, it was an easy decision... But now that it's coming to a cost where it's line with market value, it becomes more of a competition... Acunetix is raising the cost of licensing. It's 3.5 times what we were initially quoted."

"The price is exceptionally high."

"The cost is based on two types of licenses, ConsultLite, and ConsultPlus, as well as the number of domains that are scanned."

"The pricing is a little high, and moreover, it's kind of domain-based."

"It is a bit expensive. If you need to check five applications, you have to pay almost 14,000. It is an agreement for two years at 7,000 per year for only five applications. You cannot change the applications in the license. So, you are stuck with the same license for the five applications for one full year."

More Acunetix pricing and cost advice

"It is more of an enterprise solution for budget-conscious customers. So, it's moderately priced. It's not for everybody."

See which vendors are best for you

Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.

See recommendations

893,311 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

13%

Computer Software Company

11%

Manufacturing Company

Government

Financial Services Firm

16%

University

11%

Manufacturing Company

10%

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	15
Midsize Enterprise	7
Large Enterprise	19

No data available

Questions from the Community

What is your primary use case for Acunetix Vulnerability Scanner?

My main use of Acunetix is to scan my web application. I mostly deal with web applications and with Acunetix Network Security Component, but I have not activated the network component before and wi...

See all answers

What advice do you have for others considering Acunetix Vulnerability Scanner?

I am still working with Acunetix, and we have even moved to their new platform, Invicti. I have requested a demo for Acunetix DeepScan technology, but I have yet to go through DeepScan. That was th...

See all answers

What is your experience regarding pricing and costs for Acunetix?

I would say the pricing is average, but still, it is higher than low.

See all answers

Ask a question

Earn 20 points

Comparisons

OWASP Zap vs Acunetix

Compared 8% of the time

PortSwigger Burp Suite Professional vs Acunetix

Compared 7% of the time

Invicti vs Acunetix

Compared 5% of the time

HCL AppScan vs Acunetix

Compared 4% of the time

Veracode vs Acunetix

Compared 4% of the time

More Acunetix Competitors

PortSwigger Burp Suite Professional vs Software Risk Manager ASPM

Compared 20% of the time

Veracode vs Software Risk Manager ASPM

Compared 9% of the time

Polaris Platform vs Software Risk Manager ASPM

Compared 8% of the time

Checkmarx One vs Software Risk Manager ASPM

Compared 6% of the time

Ivanti Neurons for ASPM vs Software Risk Manager ASPM

Compared 5% of the time

More Software Risk Manager ASPM Competitors

Product Reports

Buyer's Guide

Acunetix

May 2026

Download Acunetix product report

Buyer's Guide

Application Security Posture Management (ASPM)

April 2026

Download Software Risk Manager ASPM product report

Also Known As

AcuSensor

Code Dx

Overview

Acunetix is a dynamic application security tool used globally for web application vulnerability scanning, focusing on SQL injection and cross-site scripting.

Acunetix provides a comprehensive web vulnerability assessment platform designed for identifying and remediating security threats. Users benefit from its ability to schedule scans, boasting a fast detection rate for common vulnerabilities. The tool's centralized dashboard helps organizations with compliance monitoring and features such as crawling and login sequence enhancements, contributing depth to its security assessments. Despite high praise for its integration capabilities and automated scanning that saves time, pricing and false positives present challenges. Organizations often use Acunetix to maintain internal security and evaluate pre-release environments.

What are Acunetix's main features?

Comprehensive Reporting: Detailed reports assist in security analysis and compliance audits.
User-Friendly Interface: Simple navigation enhances user experience.
Scheduled Scans: Automation of scans allows for continuous monitoring.
Fast Detection: Quickly identifies vulnerabilities like SQL injection and cross-site scripting.
Integration Capabilities: Scalable solutions with compatibility across applications.
Crawling & Login Sequence: Improves depth in security analysis.

What benefits should businesses look for in reviews?

Low False Positive Rate: Accurate vulnerability detection saves time in analysis.
Time Efficiency: Automated scans reduce manual workload, improving team productivity.
Scalability: Integration features help accommodate growth and complexity.
Compliance Support: Centralized dashboard supports regulatory compliance checks.

In industries like finance, healthcare, and technology, Acunetix assists in protecting sensitive data through robust scanning and reporting capabilities. Its ability to perform dynamic assessments makes it a chosen tool in regulatory environments and development settings, offering both internal security inspections and pre-release evaluations.

Invicti

Software Risk Manager is an application security posture management (ASPM) solution that enables security and development teams to manage their application security programs at enterprise scale. By unifying policy, test orchestration, correlation, prioritization, and built-in static application security testing (SAST) and software composition analysis (SCA) engines, organizations can streamline their security activities across the enterprise.

Black Duck

Sample Customers

Joomla!, Digicure, Team Random, Credit Suisse, Samsung, Air New Zealand

Discover why companies like: CGI said, "Synopsys and Software Risk Manager have provided the results we’re looking for".

Buyer's Guide

Static Application Security Testing (SAST)

April 2026

Download Free Report

Find out what your peers are saying about SonarSource Sàrl, Checkmarx, Veracode and others in Static Application Security Testing (SAST). Updated: April 2026.

DOWNLOAD NOW

893,311 professionals have used our research since 2012.

See our list of best Static Application Security Testing (SAST) vendors.

We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.