No more typing reviews! Try our Samantha, our new voice AI agent.

Acunetix vs Zafran Security comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
Acunetix
Ranking in Vulnerability Management
28th
Average Rating
7.8
Reviews Sentiment
6.7
Number of Reviews
37
Ranking in other categories
Application Security Tools (13th), Static Application Security Testing (SAST) (8th), DevSecOps (6th)
Zafran Security
Ranking in Vulnerability Management
20th
Average Rating
9.6
Reviews Sentiment
6.4
Number of Reviews
6
Ranking in other categories
Continuous Threat Exposure Management (CTEM) (2nd)
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of Acunetix is 1.2%, up from 1.2% compared to the previous year. The mindshare of Zafran Security is 1.0%, up from 0.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Qualys TotalCloud1.1%
Zafran Security1.0%
Acunetix1.2%
Other96.7%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
Rahul Kumar - PeerSpot reviewer
Senior Engineer - Penetration Tester at a government with 10,001+ employees
Identifies vulnerabilities across bulk web applications but needs better support and cleaner reports
The best feature Acunetix offers is the centralized dashboard and the quality of reports it generates, which includes various options for selecting reports and developer options for directly sharing the reports with developers. The centralized dashboard of Acunetix gives visibility into the security aspects of mass applications; for instance, with more than 200 applications, it provides a valuable overview of findings and necessary fixes, along with a high-level summary that helps us achieve compliance through monthly and sometimes weekly scanning. In terms of reporting, Acunetix is excellent because it can generate different types of reports, such as an executive summary report, detailed reports, and developer reports that can be shared directly with developers. Acunetix positively impacts my organization by helping identify outdated libraries and applications, including legacy applications vulnerable to old attacks based on OWASP Top 10, thus aiding in compliance checks for PCI DSS and OWASP. Acunetix provides a centralized report with compliance-related aspects and a vulnerability timeline, effectively helping reduce vulnerabilities and save time.
Reviewer6233 - PeerSpot reviewer
Information Security Vulnerability Management Executive Advisor at a healthcare company with 10,001+ employees
Has become an indispensable tool in our cybersecurity arsenal
While Zafran Security is already a powerful tool, there are areas where it could be further improved to provide even greater value. One key area for enhancement is the searching capabilities within its vulnerabilities module. By incorporating the ability to create Boolean searches, users would gain the ability to apply more complex filters and customize their search criteria. This would greatly enhance the precision and efficiency with which security teams can identify and prioritize vulnerabilities. Having such tailored search capabilities would save time and resources by narrowing down vast lists of vulnerabilities to those that meet specific parameters relevant to our unique risk environment. Additionally, integrating more robust reporting and visualization tools would be advantageous. Enhanced dashboards that offer customizable visual representations of risk configurations and threat landscapes would facilitate better communication with stakeholders, making it easier to explain vulnerabilities and the rationale behind certain security measures. This would also aid in demonstrating the improvements and value derived from existing security investments to leadership and non-technical team members.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is extensibility."
"Qualys TotalCloud is an excellent platform, and the beauty of the platform is that we can get all the vulnerabilities, see all the reports in a single dashboard, view them segregated, and easily learn about critical, high, and medium findings with appropriately provided remediation steps."
"Generally, Qualys is very good at detections, whether on cloud or on-prem, and the agent allows deployment on both infrastructures, providing continuous monitoring of your assets, which is a key selling point for us."
"TotalCloud offers a comprehensive suite of features, including EDR, XDR, and TrueRisk, providing a centralized platform for managing vulnerabilities and security risks."
"It is a cloud-native app that integrates with both IaaS and SaaS. It seamlessly integrates with other platforms."
"I would definitely recommend Qualys TotalCloud to other users."
"The most valuable feature is the consolidated information that it provides from various platforms."
"I highly recommend Qualys TotalCloud to other users."
"The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning time depends on the application's code."
"The most valuable feature of Acunetix is the UI and the scan results are simple."
"We use the solution for the scanning of vulnerabilities like SQL injections."
"As a team, it's helped us to deliver better security assessments."
"For us, the most valuable aspect of the solution is the log-sequence feature."
"Segregation of reports is really, really good with Acunetix; it provides us with a lot of in-depth details."
"Login Sequence Recorder, scan throttling, and fantastic reporting output are the most valuable features."
"The solution is paying for itself, as our applications are more secure."
"We saw benefits from Zafran Security almost immediately after deploying it."
"We are able to see the real risk of a vulnerability on our environment with our security tools."
"Zafran is an excellent tool."
"Zafran has become an indispensable tool in our cybersecurity arsenal."
"With Zafran Security, it integrates with your security controls, allowing you to take that risk score and reduce it based on the controls in place or increase the risk based on different factors, such as if the issue is internet reachable or if there's an exploit in the wild."
"Overall, we have seen about eighty-seven percent reduction of the number of vulnerabilities that require urgency to remediate, specifically the number of criticals."
 

Cons

"We encountered challenges identifying the correct resource category for certain items, such as those in containers or storage."
"Qualys TotalCloud's increasing complexity, due to the development and deployment of multiple solutions, is making the GUI difficult to navigate."
"To improve the user experience, reporting could be simplified for better comprehension by end users and project managers, facilitating issue resolution."
"Regarding technical support from Qualys, they respond, but the response time can be too long. Sometimes we need to wait weeks for solutions to simple questions."
"TotalCloud could improve the classification of vulnerabilities. Specifically, it could enhance the categorization of what aspects fall under patches resolved by OS or software updates and what pertains to configuration adjustments."
"With the growing integration of AI, I would like Qualys to enhance its service offerings to better accommodate AI-related risks."
"Some major banks and insurance companies require an on-premises solution for comprehensive vulnerability management, which TotalCloud does not offer."
"We would like to see Windows-based sensors available in Qualys, as this would make the platform more versatile and support a broader range of environments."
"While we do have it integrated with other solutions, it could still offer more integrations."
"There is room for improvement in the pricing."
"I rate its stability six out of ten."
"Better handling of complex modern authentication flows would be an improvement."
"When monitoring the traffic we always have issues with the bandwidth consumption and the throttling of traffic."
"The Acunetix licensing and pricing model is somewhat complicated. If we calculated all of our domains and sub-domains, the sum would be huge; that's why we thought of leaving Acunetix."
"The solution should work on dealing with the number of false positives it delivers."
"I had some issues with the JSON parameters where it found some strange vulnerabilities, but it didn't alert the person using it or me about these vulnerabilities, e.g., an error for SQL injection."
"I think the ability to have some enhanced reporting capabilities is something they can improve on, as they have good reports but we have asked for some specific reporting enhancements."
"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."
"The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvements."
 

Pricing and Cost Advice

"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
"Qualys TotalCloud offers good pricing that is affordable and competitive with the market. Our partnership also provides us with additional benefits."
"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."
"Qualys TotalCloud is expensive."
"The cost is high, but it meets our organizational needs."
"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."
"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."
"The price is exceptionally high."
"Acunetix was around the same price as all the other vendors we looked at, nothing special."
"All things considered, I think it has a good price/value ratio."
"When we looked at all other vendors and what they were asking for, to provide a third of what Acunetix was capable of doing, it was an easy decision... But now that it's coming to a cost where it's line with market value, it becomes more of a competition... Acunetix is raising the cost of licensing. It's 3.5 times what we were initially quoted."
"It is a bit expensive. If you need to check five applications, you have to pay almost 14,000. It is an agreement for two years at 7,000 per year for only five applications. You cannot change the applications in the license. So, you are stuck with the same license for the five applications for one full year."
"The pricing and licensing are reasonable to a point. In order to run multiple scans at a time, we are going to have to purchase a 100 count license, which is an overkill. Though, compared to what we were paying for, the cost seems reasonable."
"The pricing is a little high, and moreover, it's kind of domain-based."
"The cost is based on two types of licenses, ConsultLite, and ConsultPlus, as well as the number of domains that are scanned."
Information not available
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Financial Services Firm
12%
Manufacturing Company
11%
Computer Software Company
9%
Comms Service Provider
7%
Financial Services Firm
11%
Manufacturing Company
8%
Computer Software Company
7%
Outsourcing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
By reviewers
Company SizeCount
Small Business18
Midsize Enterprise7
Large Enterprise19
By reviewers
Company SizeCount
Midsize Enterprise2
Large Enterprise5
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What is your primary use case for Acunetix Vulnerability Scanner?
In a typical enterprise environment, Acunetix is mainly used for visibility, detection, and investigation across netw...
What advice do you have for others considering Acunetix Vulnerability Scanner?
I advise that Acunetix is the best option. Invest time in proper initial configuration and scope definitions. The too...
What is your experience regarding pricing and costs for Acunetix?
Everything is perfect and good, including the pricing and all related aspects.
What is your experience regarding pricing and costs for Zafran Security?
Since we stood Zafran Security up in our private cloud, we handle the maintenance on our side. As we opted not to use...
What needs improvement with Zafran Security?
In terms of areas for improvement, Zafran Security is doing a really great job as a new and emerging company. Oftenti...
What is your primary use case for Zafran Security?
My use cases for Zafran Security revolve around two primary areas. One is around vulnerability management and priorit...
 

Also Known As

Qualys TotalCloud with FlexScan
AcuSensor
No data available
 

Overview

 

Sample Customers

Information Not Available
Joomla!, Digicure, Team Random, Credit Suisse, Samsung, Air New Zealand
Information Not Available
Find out what your peers are saying about Acunetix vs. Zafran Security and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.