Acunetix vs GitHub Code Scanning comparison

Invicti and GitHub are both solutions in the Static Application Security Testing (SAST) category. Invicti is ranked #8 with an average rating of 7.9, while GitHub is ranked #12 with an average rating of 8.2. Invicti holds a 2.6% mindshare in SAST, compared to GitHub’s 1.4% mindshare. Additionally, 88% of Invicti users are willing to recommend the solution, compared to 100% of GitHub users who would recommend it.

Acunetix

Read 36 Acunetix reviews

8,861 Views
5,051 Comparison Views

88% willing to recommend

GitHub Code Scanning

Read 6 GitHub Code Scanning reviews

2,016 Views
1,935 Comparison Views

100% willing to recommend

Acunetix

GitHub Code Scanning

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 8, 2024

Acunetix and GitHub Code Scanning are key players in security and code testing. GitHub Code Scanning generally holds an advantage for its ease of use and seamless integration into development workflows.

Features: Acunetix provides comprehensive vulnerability detection, robust scanning, and extensive reporting for deep security analysis. GitHub Code Scanning offers seamless integration with CI/CD pipelines, a streamlined interface, and effective collaboration tools within the GitHub ecosystem.

Room for Improvement: Acunetix could benefit from enhanced integration, improved performance speed, and simplified user navigation. GitHub Code Scanning needs more comprehensive vulnerability detection, expanded language support, and enhanced reporting capabilities.

Ease of Deployment and Customer Service: Acunetix requires a complex setup but has satisfactory customer service. GitHub Code Scanning offers simple deployment with integrated support from the GitHub ecosystem, leading to higher user satisfaction.

Pricing and ROI: Acunetix comes with a higher upfront cost but offers significant long-term value through its exhaustive security features. GitHub Code Scanning provides cost-effective solutions via GitHub plans, achieving ROI through efficient workflow integration.

To learn more, read our detailed Acunetix vs. GitHub Code Scanning Report (Updated: April 2026).

Buyer's Guide

Acunetix vs. GitHub Code Scanning

April 2026

Download the complete report

Helped 893,221 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Acunetix

Ranking in Static Application Security Testing (SAST)

8th

Average Rating

7.8

Reviews Sentiment

6.6

Number of Reviews

Ranking in other categories

Application Security Tools (15th), Vulnerability Management (30th), DevSecOps (5th)

GitHub Code Scanning

Ranking in Static Application Security Testing (SAST)

12th

Average Rating

8.6

Reviews Sentiment

6.7

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of May 2026, in the Static Application Security Testing (SAST) category, the mindshare of Acunetix is 2.6%, down from 3.7% compared to the previous year. The mindshare of GitHub Code Scanning is 1.4%, up from 1.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Static Application Security Testing (SAST) Mindshare Distribution
Product	Mindshare (%)
Acunetix	2.6%
GitHub Code Scanning	1.4%
Other	96.0%

Static Application Security Testing (SAST)

Featured Reviews

Rahul Kumar

Senior Engineer - Penetration Tester at a government with 10,001+ employees

Identifies vulnerabilities across bulk web applications but needs better support and cleaner reports

The best feature Acunetix offers is the centralized dashboard and the quality of reports it generates, which includes various options for selecting reports and developer options for directly sharing the reports with developers. The centralized dashboard of Acunetix gives visibility into the security aspects of mass applications; for instance, with more than 200 applications, it provides a valuable overview of findings and necessary fixes, along with a high-level summary that helps us achieve compliance through monthly and sometimes weekly scanning. In terms of reporting, Acunetix is excellent because it can generate different types of reports, such as an executive summary report, detailed reports, and developer reports that can be shared directly with developers. Acunetix positively impacts my organization by helping identify outdated libraries and applications, including legacy applications vulnerable to old attacks based on OWASP Top 10, thus aiding in compliance checks for PCI DSS and OWASP. Acunetix provides a centralized report with compliance-related aspects and a vulnerability timeline, effectively helping reduce vulnerabilities and save time.

Read full review

AbhishekKumar20

Software Development Manager at Amazon

Code scanning identifies vulnerabilities quickly and improves team response with minimal setup

I have been using Git for approximately 13-14 years. I have used GitHub Code Scanning for about three to four years. The primary purpose is to identify any vulnerability in the code itself. The system logs vulnerabilities that we can immediately examine to see all the error-prone areas. The AI functionalities include predefined agents that scan through and immediately provide responses regarding the best nomenclature or code coverage percentage. It's actually a one-time setup, and the team benefits as long as they push code and changes in the repository itself. Every time we push something, we immediately check the total deviation, whether our code coverage has improved, or if any vulnerability has been identified. There is always a metrics dashboard that we can see and identify. Primarily, GitHub is used for doing the versioning itself in the repository. With vulnerability functionality being provided and AI agents available, it makes a complete package. As soon as we publish our code, we immediately get to know the test code coverage. This immediately informs us about all the vulnerable areas which are not being fully tested. If we address those areas, most vulnerabilities are resolved. Even after tests are added, if by any chance the test is not treated cleanly or corner cases are missed, GitHub Code Scanning immediately flags those corners. It's always beneficial to have because it's not humanly possible to check all corner case scenarios, but as a system where they diagnose each line item, that's very helpful.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"By integrating with CI/CD tools, it enables a shift-left approach in the development process."

"There is a lot of documentation on their website which makes setting it up and using it quite simple."

"I haven't seen reporting of that level in any other tool."

"As a team, it's helped us to deliver better security assessments."

"The scalability is more than good because it can operate both as a standalone and it can be integrated as part of applications, so that really makes it a very, very versatile solution to have."

"The solution is highly stable."

"We are happy, we're not unhappy with Acunetix, but we are very impressed by some of the things that it has been doing."

"Picks up weaknesses in our app setups."

More Acunetix pros

"It's very scalable, very easy to handle, and very intuitive."

"GitHub Code Spaces brings significant value with its simplicity and ease of use."

"The solution helps identify vulnerabilities by understanding how ports communicate with applications running on a system. Ports are like house numbers; to visit someone's house, you must know their number. Similarly, ports are used to communicate with applications. For example, if you want to use an HTTP web server, you must use port 80. It is the port on which the web application or your server listens for incoming requests."

"We use GitHub Code Scanning mostly for source code management."

"The static code analysis capability in GitHub Code Scanning is a very powerful feature, providing the ability to identify vulnerabilities and ensure code quality."

"GitHub Code Scanning has positively impacted my organization as it helps us recognize errors and avoid many later issues which may arise."

Cons

"It should be easier to recreate something manually, with the manual tool, because Acunetix is an automatic tool. If it finds something, it should be easier to manually replicate it. Sometimes you don't get the raw data from the input and output, so that could be improved."

"I believe Acunetix can improve customer support, as the dedicated support staff are often unfamiliar with problems and troubleshooting, leading to communication gaps that delay issue resolution."

"We have had issues during upgrades where their scans worked on some apps better with previous versions. Then, we had to work with their tech support, who were great, to get it fixed for the next version."

"However, their response is too slow."

"When monitoring the traffic we always have issues with the bandwidth consumption and the throttling of traffic."

"However, it doesn't seem very helpful or useful for scanning web services, and that has what I feel that the organization could work better on that."

"The Acunetix licensing and pricing model is somewhat complicated. If we calculated all of our domains and sub-domains, the sum would be huge; that's why we thought of leaving Acunetix."

More Acunetix cons

"At times it becomes very annoying as it highlights certain things which are intuitive. They require code coverage for those aspects as an extra overhead."

"When running code scans, GitHub Code Scanning provides recommendations for probable fixes. However, integrating a feature where developers receive real-time highlights of vulnerabilities when checking in or merging a PR would be beneficial."

"One area for improvement could be the ability to have an AI system digest the reports generated from code scanning and provide a summary. Currently, the reports can be extensive, and users may overlook details, such as outdated libraries, which could be highlighted for attention."

"GitHub Code Scanning should add more templates."

Pricing and Cost Advice

"When we looked at all other vendors and what they were asking for, to provide a third of what Acunetix was capable of doing, it was an easy decision... But now that it's coming to a cost where it's line with market value, it becomes more of a competition... Acunetix is raising the cost of licensing. It's 3.5 times what we were initially quoted."

"All things considered, I think it has a good price/value ratio."

"The pricing and licensing are reasonable to a point. In order to run multiple scans at a time, we are going to have to purchase a 100 count license, which is an overkill. Though, compared to what we were paying for, the cost seems reasonable."

"Implementing Acunetix needs a medium or larger business agency, because you need some money to get Acunetix. It is costly, but if you care about your agency's security, then maybe it's a cost that might help you in the future."

"Acunetix was around the same price as all the other vendors we looked at, nothing special."

"The cost is based on two types of licenses, ConsultLite, and ConsultPlus, as well as the number of domains that are scanned."

"The costs aren't very expensive. It costs around $3000 or $4000."

"The solution is expensive."

More Acunetix pricing and cost advice

"GitHub Code Scanning is a moderately priced solution."

"The minimum pricing for the tool is five dollars a month."

See which vendors are best for you

Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.

See recommendations

893,221 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

13%

Computer Software Company

11%

Manufacturing Company

Government

Computer Software Company

11%

Financial Services Firm

10%

Manufacturing Company

10%

Retailer

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	15
Midsize Enterprise	7
Large Enterprise	18

No data available

Questions from the Community

What is your primary use case for Acunetix Vulnerability Scanner?

My main use of Acunetix is to scan my web application. I mostly deal with web applications and with Acunetix Network Security Component, but I have not activated the network component before and wi...

See all answers

What advice do you have for others considering Acunetix Vulnerability Scanner?

I am still working with Acunetix, and we have even moved to their new platform, Invicti. I have requested a demo for Acunetix DeepScan technology, but I have yet to go through DeepScan. That was th...

See all answers

What is your experience regarding pricing and costs for Acunetix?

I would say the pricing is average, but still, it is higher than low.

See all answers

What is your experience regarding pricing and costs for GitHub Code Scanning?

The organization pays for the license of GitHub Code Scanning, but specific price details are unknown.

See all answers

What needs improvement with GitHub Code Scanning?

In my opinion, areas of GitHub Code Scanning that could be improved include that a few things are not visible to us, such as where it stores data and which path. There is a separate team for that w...

See all answers

What advice do you have for others considering GitHub Code Scanning?

I am an end user only here with GitHub Code Scanning. I currently might be using the latest version of GitHub Code Scanning, but I don't remember the specific version. I have not utilized the real-...

See all answers

Comparisons

OWASP Zap vs Acunetix

Compared 8% of the time

PortSwigger Burp Suite Professional vs Acunetix

Compared 7% of the time

Invicti vs Acunetix

Compared 5% of the time

HCL AppScan vs Acunetix

Compared 4% of the time

Veracode vs Acunetix

Compared 4% of the time

More Acunetix Competitors

SonarQube vs GitHub Code Scanning

Compared 16% of the time

Coverity Static vs GitHub Code Scanning

Compared 10% of the time

Aikido Security vs GitHub Code Scanning

Compared 6% of the time

HCL AppScan vs GitHub Code Scanning

Compared 6% of the time

Veracode vs GitHub Code Scanning

Compared 5% of the time

More GitHub Code Scanning Competitors

Product Reports

Buyer's Guide

Acunetix

May 2026

Download Acunetix product report

Buyer's Guide

GitHub Code Scanning

April 2026

Download GitHub Code Scanning product report

Also Known As

AcuSensor

No data available

Overview

Acunetix is a dynamic application security tool used globally for web application vulnerability scanning, focusing on SQL injection and cross-site scripting.

Acunetix provides a comprehensive web vulnerability assessment platform designed for identifying and remediating security threats. Users benefit from its ability to schedule scans, boasting a fast detection rate for common vulnerabilities. The tool's centralized dashboard helps organizations with compliance monitoring and features such as crawling and login sequence enhancements, contributing depth to its security assessments. Despite high praise for its integration capabilities and automated scanning that saves time, pricing and false positives present challenges. Organizations often use Acunetix to maintain internal security and evaluate pre-release environments.

What are Acunetix's main features?

Comprehensive Reporting: Detailed reports assist in security analysis and compliance audits.
User-Friendly Interface: Simple navigation enhances user experience.
Scheduled Scans: Automation of scans allows for continuous monitoring.
Fast Detection: Quickly identifies vulnerabilities like SQL injection and cross-site scripting.
Integration Capabilities: Scalable solutions with compatibility across applications.
Crawling & Login Sequence: Improves depth in security analysis.

What benefits should businesses look for in reviews?

Low False Positive Rate: Accurate vulnerability detection saves time in analysis.
Time Efficiency: Automated scans reduce manual workload, improving team productivity.
Scalability: Integration features help accommodate growth and complexity.
Compliance Support: Centralized dashboard supports regulatory compliance checks.

In industries like finance, healthcare, and technology, Acunetix assists in protecting sensitive data through robust scanning and reporting capabilities. Its ability to perform dynamic assessments makes it a chosen tool in regulatory environments and development settings, offering both internal security inspections and pre-release evaluations.

Invicti

Code scanning is a feature that you use to analyze the code in a GitHub repository to find security vulnerabilities and coding errors. Any problems identified by the analysis are shown in GitHub.

GitHub

Sample Customers

Joomla!, Digicure, Team Random, Credit Suisse, Samsung, Air New Zealand

Information Not Available

Buyer's Guide

Acunetix vs. GitHub Code Scanning

April 2026

Free Report: Acunetix vs. GitHub Code Scanning

Find out what your peers are saying about Acunetix vs. GitHub Code Scanning and other solutions. Updated: April 2026.

DOWNLOAD NOW

893,221 professionals have used our research since 2012.

See our Acunetix vs. GitHub Code Scanning report.

See our list of best Static Application Security Testing (SAST) vendors.

We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.