Acunetix vs Software Risk Manager ASPM comparison

Invicti and Black Duck are both solutions in the Static Application Security Testing (SAST) category. Invicti is ranked #8 with an average rating of 7.9, while Black Duck is ranked #28. Invicti holds a 2.6% mindshare in SAST, compared to Black Duck’s 1.2% mindshare. Additionally, 88% of Invicti users are willing to recommend the solution.

Acunetix

Read 36 Acunetix reviews

8,861 Views
5,051 Comparison Views

88% willing to recommend

Software Risk Manager ASPM

Read 1 Software Risk Manager ASPM review

1,992 Views
1,394 Comparison Views

0% willing to recommend

Acunetix

Software Risk Manager ASPM

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Mar 22, 2026

Acunetix and Software Risk Manager ASPM compete in the cybersecurity space. Acunetix holds the upper hand in terms of pricing and support, while Software Risk Manager ASPM excels through its advanced features and comprehensive security capabilities.

Features: Acunetix offers automated scanning for vulnerabilities, detailed reporting, and integration with various development tools. Software Risk Manager ASPM provides application security posture management, real-time risk assessment, and incident response capabilities.

Ease of Deployment and Customer Service: Acunetix has a straightforward deployment process supported by excellent customer service and detailed documentation. Software Risk Manager ASPM deployment can be more complex, requiring additional configuration but benefits from high-quality, responsive support.

Pricing and ROI: Acunetix is known for competitive pricing with a lower initial setup cost, delivering faster ROI due to its ease of use. Software Risk Manager ASPM requires a higher initial investment but offers long-term ROI through comprehensive security solutions.

To learn more, read our detailed Static Application Security Testing (SAST) Report (Updated: April 2026).

Buyer's Guide

Static Application Security Testing (SAST)

April 2026

Download the complete report

Helped 893,221 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Acunetix

Ranking in Static Application Security Testing (SAST)

8th

Average Rating

7.8

Reviews Sentiment

6.6

Number of Reviews

Ranking in other categories

Application Security Tools (15th), Vulnerability Management (30th), DevSecOps (5th)

Software Risk Manager ASPM

Ranking in Static Application Security Testing (SAST)

28th

Average Rating

0.0

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

Software Composition Analysis (SCA) (23rd), Application Security Posture Management (ASPM) (15th)

Mindshare comparison

As of May 2026, in the Static Application Security Testing (SAST) category, the mindshare of Acunetix is 2.6%, down from 3.7% compared to the previous year. The mindshare of Software Risk Manager ASPM is 1.2%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Static Application Security Testing (SAST) Mindshare Distribution
Product	Mindshare (%)
Acunetix	2.6%
Software Risk Manager ASPM	1.2%
Other	96.2%

Static Application Security Testing (SAST)

Featured Reviews

Rahul Kumar

Senior Engineer - Penetration Tester at a government with 10,001+ employees

Identifies vulnerabilities across bulk web applications but needs better support and cleaner reports

The best feature Acunetix offers is the centralized dashboard and the quality of reports it generates, which includes various options for selecting reports and developer options for directly sharing the reports with developers. The centralized dashboard of Acunetix gives visibility into the security aspects of mass applications; for instance, with more than 200 applications, it provides a valuable overview of findings and necessary fixes, along with a high-level summary that helps us achieve compliance through monthly and sometimes weekly scanning. In terms of reporting, Acunetix is excellent because it can generate different types of reports, such as an executive summary report, detailed reports, and developer reports that can be shared directly with developers. Acunetix positively impacts my organization by helping identify outdated libraries and applications, including legacy applications vulnerable to old attacks based on OWASP Top 10, thus aiding in compliance checks for PCI DSS and OWASP. Acunetix provides a centralized report with compliance-related aspects and a vulnerability timeline, effectively helping reduce vulnerabilities and save time.

Read full review

Saravanan_Radhakrishnan

Senior Manager at Happiest Minds Technologies

Facilitates continuous assessment of applications, covering both static and dynamic security aspects

Code Dx lacks one aspect, the dynamic security part, known as DAST. It's not an on-premise solution; it's in the cloud now. There are compliance standards and data standards where the customer might need to have the data on-premises for dynamic security testing. So that is one shortfall. An area of improvement could be developing an on-premise DAST solution. The current one is a complete cloud-based solution, and that can be one of the areas of improvement.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most important feature is that it's a web-based graphical user interface. That is a great addition. Also, the ability to schedule scans is great."

"The usability and overall scan results are good."

"I find it to be one of the most comprehensive tools, with support for manual intervention."

"Overall, I believe Acunetix to be one of the best products on the market."

"It's very user-friendly for the testing teams. It's very easy for them to understand things and to fix vulnerabilities."

"Segregation of reports is really, really good with Acunetix; it provides us with a lot of in-depth details."

"For us, the most valuable aspect of the solution is the log-sequence feature."

"The vulnerability scanning option for analyzing the security loopholes on the websites is the most valuable feature of this solution."

More Acunetix pros

"The customers were looking for something around static security and dynamic security, and in all those areas, they were looking for an industry leader with a proven solution. Synopsys is a Gartner leader, so I position this particular technology for the technical pre-sales part of it."

Cons

"However, their response is too slow."

"In terms of additional features, we are currently missing some tools that would allow us to work more efficiently with the mobile environment, with Android and iOS."

"However, it doesn't seem very helpful or useful for scanning web services, and that has what I feel that the organization could work better on that."

"There are some versions of the solution that are not as stable as others."

"The solution can be improved by adding the ability to scan subdomains automatically, and by providing reports that can be exported to external databases to share with other solutions."

"There is room for improvement in the pricing."

"The cost can be reduced as management has noted it to be on the higher side."

"It should be easier to recreate something manually, with the manual tool, because Acunetix is an automatic tool. If it finds something, it should be easier to manually replicate it. Sometimes you don't get the raw data from the input and output, so that could be improved."

More Acunetix cons

"The initial setup is a bit challenging because things are not easy. It needs a lot of technology adaptability plus the customer's environment-specific use cases."

Pricing and Cost Advice

"I would say that Acunetix is expensive because there are products on the market with similar features that are equally or better-priced."

"It is a bit expensive. If you need to check five applications, you have to pay almost 14,000. It is an agreement for two years at 7,000 per year for only five applications. You cannot change the applications in the license. So, you are stuck with the same license for the five applications for one full year."

"Acunetix was around the same price as all the other vendors we looked at, nothing special."

"When compared with other products, the pricing is a little bit high. But it gives value for the price. It serves the purpose and is worthwhile for the price we pay."

"Implementing Acunetix needs a medium or larger business agency, because you need some money to get Acunetix. It is costly, but if you care about your agency's security, then maybe it's a cost that might help you in the future."

"The costs aren't very expensive. It costs around $3000 or $4000."

"When we looked at all other vendors and what they were asking for, to provide a third of what Acunetix was capable of doing, it was an easy decision... But now that it's coming to a cost where it's line with market value, it becomes more of a competition... Acunetix is raising the cost of licensing. It's 3.5 times what we were initially quoted."

"All things considered, I think it has a good price/value ratio."

More Acunetix pricing and cost advice

"It is more of an enterprise solution for budget-conscious customers. So, it's moderately priced. It's not for everybody."

See which vendors are best for you

Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.

See recommendations

893,221 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

13%

Computer Software Company

11%

Manufacturing Company

Government

Financial Services Firm

16%

University

11%

Manufacturing Company

10%

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	15
Midsize Enterprise	7
Large Enterprise	18

No data available

Questions from the Community

What is your primary use case for Acunetix Vulnerability Scanner?

My main use of Acunetix is to scan my web application. I mostly deal with web applications and with Acunetix Network Security Component, but I have not activated the network component before and wi...

See all answers

What advice do you have for others considering Acunetix Vulnerability Scanner?

I am still working with Acunetix, and we have even moved to their new platform, Invicti. I have requested a demo for Acunetix DeepScan technology, but I have yet to go through DeepScan. That was th...

See all answers

What is your experience regarding pricing and costs for Acunetix?

I would say the pricing is average, but still, it is higher than low.

See all answers

Ask a question

Earn 20 points

Comparisons

OWASP Zap vs Acunetix

Compared 8% of the time

PortSwigger Burp Suite Professional vs Acunetix

Compared 7% of the time

Invicti vs Acunetix

Compared 5% of the time

HCL AppScan vs Acunetix

Compared 4% of the time

Veracode vs Acunetix

Compared 4% of the time

More Acunetix Competitors

PortSwigger Burp Suite Professional vs Software Risk Manager ASPM

Compared 20% of the time

Veracode vs Software Risk Manager ASPM

Compared 9% of the time

Polaris Platform vs Software Risk Manager ASPM

Compared 8% of the time

Checkmarx One vs Software Risk Manager ASPM

Compared 6% of the time

Ivanti Neurons for ASPM vs Software Risk Manager ASPM

Compared 5% of the time

More Software Risk Manager ASPM Competitors

Product Reports

Buyer's Guide

Acunetix

May 2026

Download Acunetix product report

Buyer's Guide

Application Security Posture Management (ASPM)

April 2026

Download Software Risk Manager ASPM product report

Also Known As

AcuSensor

Code Dx

Overview

Acunetix is a dynamic application security tool used globally for web application vulnerability scanning, focusing on SQL injection and cross-site scripting.

Acunetix provides a comprehensive web vulnerability assessment platform designed for identifying and remediating security threats. Users benefit from its ability to schedule scans, boasting a fast detection rate for common vulnerabilities. The tool's centralized dashboard helps organizations with compliance monitoring and features such as crawling and login sequence enhancements, contributing depth to its security assessments. Despite high praise for its integration capabilities and automated scanning that saves time, pricing and false positives present challenges. Organizations often use Acunetix to maintain internal security and evaluate pre-release environments.

What are Acunetix's main features?

Comprehensive Reporting: Detailed reports assist in security analysis and compliance audits.
User-Friendly Interface: Simple navigation enhances user experience.
Scheduled Scans: Automation of scans allows for continuous monitoring.
Fast Detection: Quickly identifies vulnerabilities like SQL injection and cross-site scripting.
Integration Capabilities: Scalable solutions with compatibility across applications.
Crawling & Login Sequence: Improves depth in security analysis.

What benefits should businesses look for in reviews?

Low False Positive Rate: Accurate vulnerability detection saves time in analysis.
Time Efficiency: Automated scans reduce manual workload, improving team productivity.
Scalability: Integration features help accommodate growth and complexity.
Compliance Support: Centralized dashboard supports regulatory compliance checks.

In industries like finance, healthcare, and technology, Acunetix assists in protecting sensitive data through robust scanning and reporting capabilities. Its ability to perform dynamic assessments makes it a chosen tool in regulatory environments and development settings, offering both internal security inspections and pre-release evaluations.

Invicti

Software Risk Manager is an application security posture management (ASPM) solution that enables security and development teams to manage their application security programs at enterprise scale. By unifying policy, test orchestration, correlation, prioritization, and built-in static application security testing (SAST) and software composition analysis (SCA) engines, organizations can streamline their security activities across the enterprise.

Black Duck

Sample Customers

Joomla!, Digicure, Team Random, Credit Suisse, Samsung, Air New Zealand

Discover why companies like: CGI said, "Synopsys and Software Risk Manager have provided the results we’re looking for".

Buyer's Guide

Static Application Security Testing (SAST)

April 2026

Download Free Report

Find out what your peers are saying about SonarSource Sàrl, Checkmarx, Veracode and others in Static Application Security Testing (SAST). Updated: April 2026.

DOWNLOAD NOW

893,221 professionals have used our research since 2012.

See our list of best Static Application Security Testing (SAST) vendors.

We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.