Try our new research platform with insights from 80,000+ expert users

Acunetix vs Software Risk Manager ASPM comparison

Invicti and Black Duck are both solutions in the Static Application Security Testing (SAST) category. Invicti is ranked #12 with an average rating of 8.4, while Black Duck is ranked #33. Invicti holds a 3.1% mindshare in SAST, compared to Black Duck’s 0.4% mindshare. Additionally, 86% of Invicti users are willing to recommend the solution.
Acunetix
Read 33 Acunetix reviews
  • 5,850 Views
  • 3,803 Comparison Views
86% willing to recommend
Software Risk Manager ASPM
Read 1 Software Risk Manager ASPM review
  • 726 Views
  • 624 Comparison Views
0% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 15, 2025

Acunetix and Software Risk Manager ASPM compete in web application security testing and software risk management. Acunetix leads in penetration testing support, while Software Risk Manager ASPM excels in risk assessment and management.

Features: Acunetix offers automated vulnerability scanning, robust penetration testing tools, and continuous monitoring with detailed reporting. Software Risk Manager ASPM provides application security posture management, advanced risk assessment, and integration with development pipelines.

Ease of Deployment and Customer Service: Acunetix supports both cloud and on-premise deployment with extensive integration capabilities and robust technical support. Software Risk Manager ASPM offers cloud-based and on-premise deployment with a focus on integrating within the software development life cycle, providing dedicated support for security policy implementation.

Pricing and ROI: Acunetix provides competitive pricing, offering good ROI by saving time in security assessments. Software Risk Manager ASPM, despite higher costs, justifies investment with detailed risk management and integration, appealing to enterprises focusing on a long-term security strategy.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Static Application Security Testing (SAST) Report (Updated: October 2025).
Buyer's Guide
Static Application Security Testing (SAST)
October 2025
Download the complete report
Helped 872,706 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Acunetix
Ranking in Static Application Security Testing (SAST)
12th
Average Rating
7.8
Reviews Sentiment
7.0
Number of Reviews
33
Ranking in other categories
Application Security Tools (16th), Vulnerability Management (23rd), DevSecOps (6th)
Software Risk Manager ASPM
Ranking in Static Application Security Testing (SAST)
33rd
Average Rating
0.0
Reviews Sentiment
7.0
Number of Reviews
1
Ranking in other categories
Software Composition Analysis (SCA) (26th), Application Security Posture Management (ASPM) (14th)
 

Mindshare comparison

As of October 2025, in the Static Application Security Testing (SAST) category, the mindshare of Acunetix is 3.1%, up from 2.8% compared to the previous year. The mindshare of Software Risk Manager ASPM is 0.4%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Static Application Security Testing (SAST) Market Share Distribution
ProductMarket Share (%)
Acunetix3.1%
Software Risk Manager ASPM0.4%
Other96.5%
Static Application Security Testing (SAST)
 

Featured Reviews

KashifJamil - PeerSpot reviewer
Has enabled teams to improve security testing with smooth integration and high accuracy
Acunetix has a very good ratio of fewer false positives, so users don't need to retest everything. Acunetix operates smoothly with no interruptions required, and it performs at 100% efficiency without issues in scanning anything. The solution is excellent at detecting SQL injection and cross-site scripting vulnerabilities. Acunetix integrates with every type of tool, including CI/CD tools, offering 100% integration in DevOps environments. The main benefit of Acunetix is that at the first level, users can address security issues related to penetration testing, allowing them to expose vulnerabilities and ensure all required testing is completed with very few false positives.
Read full review
Saravanan_Radhakrishnan - PeerSpot reviewer
Facilitates continuous assessment of applications, covering both static and dynamic security aspects
Code Dx lacks one aspect, the dynamic security part, known as DAST. It's not an on-premise solution; it's in the cloud now. There are compliance standards and data standards where the customer might need to have the data on-premises for dynamic security testing. So that is one shortfall. An area of improvement could be developing an on-premise DAST solution. The current one is a complete cloud-based solution, and that can be one of the areas of improvement.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution is highly stable."
"We use the solution for the scanning of vulnerabilities like SQL injections."
"Acunetix has an awesome crawler. It gives a referral site map of near targets and also goes really deep to find all the inputs without issues. This was valuable because it helped me find some files or directories, like web admin panels without authentication, which were hidden."
"Their technical support has been very active. If I have an issue, I can reach out to them and get an answer pretty quick."
"For us, the most valuable aspect of the solution is the log-sequence feature."
"The automated approach to these repetitive discovery attempts would take days to do manually and therefore it helps reduce the time needed to do an assessment."
"It comes equipped with an internal applicator, which automatically identifies and addresses vulnerabilities within the program."
"There is a lot of documentation on their website which makes setting it up and using it quite simple."
More Acunetix pros
"The customers were looking for something around static security and dynamic security, and in all those areas, they were looking for an industry leader with a proven solution. Synopsys is a Gartner leader, so I position this particular technology for the technical pre-sales part of it."
 

Cons

"It would be nice to have a feature to "retest" only a single vulnerability that the customer reports as patched, and delete it from the next scans since it has already been patched."
"In terms of what needs improvement, the way the licensing model is currently is not very convenient for us because initially, when we bought it, the licensing model was very flexible, but now it restricts us."
"You can't actually change your password after you've set it unless you go back into the administration account and you change it there. Thus, if you're locked out and don't remember your password, that's a thing."
"The solution can be improved by adding the ability to scan subdomains automatically, and by providing reports that can be exported to external databases to share with other solutions."
"Integration into other tools is very limited for Acunetix. While we're trying to incorporate a CI/CD process where we're integrating with JIRA and we're integrating with Jenkins and Chef, it becomes problematic. Other tools give you a high integration capability to connect into different solutions that you may already have, like JIRA."
"We have had issues during upgrades where their scans worked on some apps better with previous versions. Then, we had to work with their tech support, who were great, to get it fixed for the next version."
"The cost can be reduced as management has noted it to be on the higher side."
"The solution's pricing could be better."
More Acunetix cons
"The initial setup is a bit challenging because things are not easy. It needs a lot of technology adaptability plus the customer's environment-specific use cases."
 

Pricing and Cost Advice

"I would say that Acunetix is expensive because there are products on the market with similar features that are equally or better-priced."
"The costs aren't very expensive. It costs around $3000 or $4000."
"When compared with other products, the pricing is a little bit high. But it gives value for the price. It serves the purpose and is worthwhile for the price we pay."
"All things considered, I think it has a good price/value ratio."
"The cost is based on two types of licenses, ConsultLite, and ConsultPlus, as well as the number of domains that are scanned."
"Acunetix was around the same price as all the other vendors we looked at, nothing special."
"Implementing Acunetix needs a medium or larger business agency, because you need some money to get Acunetix. It is costly, but if you care about your agency's security, then maybe it's a cost that might help you in the future."
"The pricing is a little high, and moreover, it's kind of domain-based."
More Acunetix pricing and cost advice
"It is more of an enterprise solution for budget-conscious customers. So, it's moderately priced. It's not for everybody."
report
See which vendors are best for you
Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
See recommendations
872,706 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
12%
Manufacturing Company
9%
University
8%
Financial Services Firm
17%
Manufacturing Company
11%
Computer Software Company
10%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business15
Midsize Enterprise5
Large Enterprise14
No data available
 

Questions from the Community

What do you like most about Acunetix Vulnerability Scanner?
The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning time depends on the application's code.
See all answers
What is your primary use case for Acunetix Vulnerability Scanner?
The primary use case for Acunetix Vulnerability Scanner is automated scanning and detection of security vulnerabilities in web applications, websites, and APIs.
See all answers
What advice do you have for others considering Acunetix Vulnerability Scanner?
Acunetix supports multi-user environments effectively. Acunetix is targeted for small to mid-size teams in a DevSecOps environment, making it the best choice for small and mid-size companies, offer...
See all answers
Ask a question
Earn 20 points
 

Comparisons

OWASP Zap vs Acunetix Logo
OWASP Zap vs Acunetix
Compared 16% of the time
PortSwigger Burp Suite Professional vs Acunetix Logo
PortSwigger Burp Suite Professional vs Acunetix
Compared 9% of the time
HCL AppScan vs Acunetix Logo
HCL AppScan vs Acunetix
Compared 7% of the time
Invicti vs Acunetix Logo
Invicti vs Acunetix
Compared 7% of the time
Veracode vs Acunetix Logo
Veracode vs Acunetix
Compared 5% of the time
More Acunetix Competitors
Veracode vs Software Risk Manager ASPM Logo
Veracode vs Software Risk Manager ASPM
Compared 23% of the time
PortSwigger Burp Suite Professional vs Software Risk Manager ASPM Logo
PortSwigger Burp Suite Professional vs Software Risk Manager ASPM
Compared 21% of the time
Snyk vs Software Risk Manager ASPM Logo
Snyk vs Software Risk Manager ASPM
Compared 14% of the time
Semgrep vs Software Risk Manager ASPM Logo
Semgrep vs Software Risk Manager ASPM
Compared 11% of the time
SonarQube Server (formerly SonarQube) vs Software Risk Manager ASPM Logo
SonarQube Server (formerly SonarQube) vs Software Risk Manager ASPM
Compared 9% of the time
More Software Risk Manager ASPM Competitors
 

Product Reports

Buyer's Guide
Acunetix
October 2025
Acunetix reportDownload Acunetix product report
Buyer's Guide
Application Security Posture Management (ASPM)
October 2025
Software Risk Manager ASPM reportDownload Software Risk Manager ASPM product report
 

Also Known As

AcuSensor
Code Dx
 

Overview

Acunetix Web Vulnerability Scanner is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross site scripting, and other exploitable vulnerabilities.

Invicti

Software Risk Manager is an application security posture management (ASPM) solution that enables security and development teams to manage their application security programs at enterprise scale. By unifying policy, test orchestration, correlation, prioritization, and built-in static application security testing (SAST) and software composition analysis (SCA) engines, organizations can streamline their security activities across the enterprise.

Black Duck
 

Sample Customers

Joomla!, Digicure, Team Random, Credit Suisse, Samsung, Air New Zealand
Discover why companies like: CGI said, "Synopsys and Software Risk Manager have provided the results we’re looking for".
Buyer's Guide
Static Application Security Testing (SAST)
October 2025
Download Free Report
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST). Updated: October 2025.
DOWNLOAD NOW
872,706 professionals have used our research since 2012.
See our list of best Static Application Security Testing (SAST) vendors.

We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.