Try our new research platform with insights from 80,000+ expert users

Acunetix vs Synopsys Software Risk Manager comparison

Invicti and Black Duck are both solutions in the Static Application Security Testing (SAST) category. Invicti is ranked #13 with an average rating of 8.3, while Black Duck is ranked #35. Invicti holds a 3.5% mindshare in SAST, compared to Black Duck’s 0.4% mindshare. Additionally, 86% of Invicti users are willing to recommend the solution.
Acunetix
Read 33 Acunetix reviews
  • 4,155 Views
  • 1,096 Comparison Views
86% willing to recommend
Synopsys Software Risk Manager
Read 1 Synopsys Software Risk Manager review
  • 578 Views
  • 66 Comparison Views
0% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Acunetix and Synopsys Software Risk Manager based on real PeerSpot user reviews.

Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST).

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Static Application Security Testing (SAST) Report (Updated: June 2025).
Buyer's Guide
Static Application Security Testing (SAST)
June 2025
Download the complete report
Helped 860,592 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Acunetix
Ranking in Static Application Security Testing (SAST)
13th
Average Rating
7.8
Reviews Sentiment
7.0
Number of Reviews
33
Ranking in other categories
Application Security Tools (16th), Vulnerability Management (22nd), DevSecOps (6th)
Synopsys Software Risk Manager
Ranking in Static Application Security Testing (SAST)
35th
Average Rating
0.0
Reviews Sentiment
7.0
Number of Reviews
1
Ranking in other categories
Software Composition Analysis (SCA) (27th), Application Security Posture Management (ASPM) (11th)
 

Mindshare comparison

As of July 2025, in the Static Application Security Testing (SAST) category, the mindshare of Acunetix is 3.5%, up from 2.6% compared to the previous year. The mindshare of Synopsys Software Risk Manager is 0.4%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Static Application Security Testing (SAST)
 

Featured Reviews

KashifJamil - PeerSpot reviewer
Has enabled teams to improve security testing with smooth integration and high accuracy
Acunetix has a very good ratio of fewer false positives, so users don't need to retest everything. Acunetix operates smoothly with no interruptions required, and it performs at 100% efficiency without issues in scanning anything. The solution is excellent at detecting SQL injection and cross-site scripting vulnerabilities. Acunetix integrates with every type of tool, including CI/CD tools, offering 100% integration in DevOps environments. The main benefit of Acunetix is that at the first level, users can address security issues related to penetration testing, allowing them to expose vulnerabilities and ensure all required testing is completed with very few false positives.
Read full review
Saravanan_Radhakrishnan - PeerSpot reviewer
Facilitates continuous assessment of applications, covering both static and dynamic security aspects
Code Dx lacks one aspect, the dynamic security part, known as DAST. It's not an on-premise solution; it's in the cloud now. There are compliance standards and data standards where the customer might need to have the data on-premises for dynamic security testing. So that is one shortfall. An area of improvement could be developing an on-premise DAST solution. The current one is a complete cloud-based solution, and that can be one of the areas of improvement.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature of the solution is the speed at which it can scan multiple domains in just a few hours."
"The usability and overall scan results are good."
"The features of Acunetix have proved most effective in identifying vulnerabilities."
"The most valuable feature of Acunetix is the UI and the scan results are simple."
"The product is really easy to use."
"I haven't seen reporting of that level in any other tool."
"We use the solution for the scanning of vulnerabilities like SQL injections."
"I find it to be one of the most comprehensive tools, with support for manual intervention."
More Acunetix pros
"The customers were looking for something around static security and dynamic security, and in all those areas, they were looking for an industry leader with a proven solution. Synopsys is a Gartner leader, so I position this particular technology for the technical pre-sales part of it."
 

Cons

"There are some versions of the solution that are not as stable as others."
"I had some issues with the JSON parameters where it found some strange vulnerabilities, but it didn't alert the person using it or me about these vulnerabilities, e.g., an error for SQL injection."
"There's a clear need for a reduction in pricing to make the service more accessible."
"The jargon used makes it difficult for project managers to understand the issues, and the technical explanations used make it difficult for developers to understand issues. These things should be simplified much more. That would be very helpful for us when explaining to them what needs to be fixed. The report output needs to be simplified."
"There was an issue related to updates from the internet."
"Acunetix needs to be dynamic with JavaScript code, unlike Netsparker which can scan complex agents."
"Acunetix should improve by further reducing false positives and providing more customized reports, plus better integration with newer tools such as GitHub and Azure DevOps."
"It would be nice to have a feature to "retest" only a single vulnerability that the customer reports as patched, and delete it from the next scans since it has already been patched."
More Acunetix cons
"The initial setup is a bit challenging because things are not easy. It needs a lot of technology adaptability plus the customer's environment-specific use cases."
 

Pricing and Cost Advice

"The pricing is a little high, and moreover, it's kind of domain-based."
"The pricing and licensing are reasonable to a point. In order to run multiple scans at a time, we are going to have to purchase a 100 count license, which is an overkill. Though, compared to what we were paying for, the cost seems reasonable."
"The costs aren't very expensive. It costs around $3000 or $4000."
"When compared with other products, the pricing is a little bit high. But it gives value for the price. It serves the purpose and is worthwhile for the price we pay."
"Acunetix was around the same price as all the other vendors we looked at, nothing special."
"Implementing Acunetix needs a medium or larger business agency, because you need some money to get Acunetix. It is costly, but if you care about your agency's security, then maybe it's a cost that might help you in the future."
"When we looked at all other vendors and what they were asking for, to provide a third of what Acunetix was capable of doing, it was an easy decision... But now that it's coming to a cost where it's line with market value, it becomes more of a competition... Acunetix is raising the cost of licensing. It's 3.5 times what we were initially quoted."
"It is a bit expensive. If you need to check five applications, you have to pay almost 14,000. It is an agreement for two years at 7,000 per year for only five applications. You cannot change the applications in the license. So, you are stuck with the same license for the five applications for one full year."
More Acunetix pricing and cost advice
"It is more of an enterprise solution for budget-conscious customers. So, it's moderately priced. It's not for everybody."
report
See which vendors are best for you
Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
See recommendations
860,592 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
14%
Manufacturing Company
9%
Government
8%
Financial Services Firm
19%
Manufacturing Company
15%
Computer Software Company
10%
Government
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Acunetix Vulnerability Scanner?
The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning time depends on the application's code.
See all answers
What is your primary use case for Acunetix Vulnerability Scanner?
Most of the customers who use Acunetix are looking for security testing. The primary use case is performing penetration testing. The main use cases include vulnerability scanning, security testing,...
See all answers
What advice do you have for others considering Acunetix Vulnerability Scanner?
Acunetix supports multi-user environments effectively. Acunetix is targeted for small to mid-size teams in a DevSecOps environment, making it the best choice for small and mid-size companies, offer...
See all answers
What do you like most about Synopsys Code Dx?
The customers were looking for something around static security and dynamic security, and in all those areas, they were looking for an industry leader with a proven solution. Synopsys is a Gartne...
See all answers
What is your experience regarding pricing and costs for Synopsys Code Dx?
I would rate the pricing model an eight out of ten, where one is low and ten is high. Because it is more of an enterprise solution for budget-conscious customers. So, it's moderately priced. It's n...
See all answers
What needs improvement with Synopsys Code Dx?
Code Dx lacks one aspect, the dynamic security part, known as DAST. It's not an on-premise solution; it's in the cloud now. There are compliance standards and data standards where the customer migh...
See all answers
 

Comparisons

OWASP Zap vs Acunetix Logo
OWASP Zap vs Acunetix
Compared 17% of the time
PortSwigger Burp Suite Professional vs Acunetix Logo
PortSwigger Burp Suite Professional vs Acunetix
Compared 11% of the time
HCL AppScan vs Acunetix Logo
HCL AppScan vs Acunetix
Compared 9% of the time
Invicti vs Acunetix Logo
Invicti vs Acunetix
Compared 7% of the time
PortSwigger Burp Suite Enterprise Edition vs Acunetix Logo
PortSwigger Burp Suite Enterprise Edition vs Acunetix
Compared 6% of the time
More Acunetix Competitors
Veracode vs Synopsys Software Risk Manager Logo
Veracode vs Synopsys Software Risk Manager
Compared 51% of the time
Checkmarx One vs Synopsys Software Risk Manager Logo
Checkmarx One vs Synopsys Software Risk Manager
Compared 19% of the time
SonarQube Server (formerly SonarQube) vs Synopsys Software Risk Manager Logo
SonarQube Server (formerly SonarQube) vs Synopsys Software Risk Manager
Compared 17% of the time
More Synopsys Software Risk Manager Competitors
 

Product Reports

Buyer's Guide
Acunetix
June 2025
Acunetix reportDownload Acunetix product report
Buyer's Guide
Application Security Posture Management (ASPM)
June 2025
Synopsys Software Risk Manager reportDownload Synopsys Software Risk Manager product report
 

Also Known As

AcuSensor
Code Dx
 

Overview

Acunetix Web Vulnerability Scanner is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross site scripting, and other exploitable vulnerabilities.

Invicti

Software Risk Manager is an application security posture management (ASPM) solution that enables security and development teams to manage their application security programs at enterprise scale. By unifying policy, test orchestration, correlation, prioritization, and built-in static application security testing (SAST) and software composition analysis (SCA) engines, organizations can streamline their security activities across the enterprise.

Black Duck
 

Sample Customers

Joomla!, Digicure, Team Random, Credit Suisse, Samsung, Air New Zealand
Discover why companies like: CGI said, "Synopsys and Software Risk Manager have provided the results we’re looking for".
Buyer's Guide
Static Application Security Testing (SAST)
June 2025
Download Free Report
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST). Updated: June 2025.
DOWNLOAD NOW
860,592 professionals have used our research since 2012.
See our list of best Static Application Security Testing (SAST) vendors.

We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.