Try our new research platform with insights from 80,000+ expert users

Acunetix vs Sonatype Lifecycle comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
7.6
Acunetix enhances security, reduces reliance on testers, lowers costs, and improves application security, offering strong ROI in budget discussions.
Sentiment score
7.0
Sonatype Lifecycle enhances visibility, security, and productivity, reducing vulnerability analysis time and lowering risks in application development.
It saves a significant amount of time by covering attack surfaces.
We have seen cost savings and efficiency improvements as we now know what happens in what was previously a black box.
 

Customer Service

Sentiment score
6.3
Acunetix customer service is responsive but not 24/7, with mixed reviews on support speed and issue resolution.
Sentiment score
5.7
Sonatype Lifecycle's customer service is praised for responsiveness and effectiveness, despite occasional delays with product enhancement requests.
The technical support from Invicti is very good and fast.
The technical support from Acunetix is quite good
They are helpful when we raise any tickets.
 

Scalability Issues

Sentiment score
6.8
Acunetix offers scalable, flexible scanning for varying environments, with licensing and performance as key factors impacting scalability.
Sentiment score
6.9
Sonatype Lifecycle is praised for infrastructure scalability and flexibility, but users report challenges with clustering and configuration complexities.
JFrog is easier to configure for high availability as it does not require extra components.
 

Stability Issues

Sentiment score
8.1
Acunetix boasts remarkable stability with minimal maintenance, reliable performance, consistent results, and few bugs or disruptions reported.
Sentiment score
8.0
Sonatype Lifecycle is reliable and efficient, with minimal downtime and ease of use, even for large implementations.
Sonatype Lifecycle is very stable, especially in the binary repository management use case for managing binary artifacts.
 

Room For Improvement

Acunetix users seek improvements in IAST, database, authentication, pricing, scan limits, mobile support, tool integration, and report customization.
Sonatype Lifecycle should improve integration, reporting, support, user interface, and adapt to modern practices for better user experience.
Acunetix should have better integration with newer tools such as GitHub and Azure DevOps.
The support program was helpful in addressing it.
We also noticed a lack of detailed information for configuring Sonatype Lifecycle for high availability and data recovery.
 

Setup Cost

Acunetix pricing is considered expensive, ranging $3,000-$500,000, influenced by domains and features, requiring careful evaluation.
Sonatype Lifecycle offers competitive pricing with valuable features, though costs may impact startups due to licensing complexity.
The pricing of Acunetix is pretty expensive and could be improved.
We secured a special licensing model for penetration testing companies, which is cost-effective.
For larger numbers like our case with 1,000 user licenses, JFrog becomes much more cost-effective, roughly ten times cheaper than Sonatype.
 

Valuable Features

Acunetix provides efficient vulnerability scanning with integration capabilities, accurate reporting, and is user-friendly, scalable, and low-maintenance for teams.
Sonatype Lifecycle enhances security with seamless DevOps integration, user-friendly interface, real-time updates, and efficient dependency management.
Acunetix integrates with every type of tool, including CI/CD tools, offering 100% integration in DevOps environments.
Its most valuable role is in enhancing security by identifying potential vulnerabilities efficiently.
I find it to be one of the most comprehensive tools, with support for manual intervention.
The integration into our CICD pipeline enables us to continuously monitor code changes and identify new vulnerabilities.
The most valuable feature for us is Sonatype Lifecycle's capability in identifying vulnerabilities.
 

Categories and Ranking

Acunetix
Ranking in Application Security Tools
16th
Average Rating
7.8
Reviews Sentiment
7.0
Number of Reviews
33
Ranking in other categories
Static Application Security Testing (SAST) (12th), Vulnerability Management (21st), DevSecOps (6th)
Sonatype Lifecycle
Ranking in Application Security Tools
7th
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
45
Ranking in other categories
Software Composition Analysis (SCA) (4th), Software Supply Chain Security (3rd)
 

Mindshare comparison

As of August 2025, in the Application Security Tools category, the mindshare of Acunetix is 2.8%, up from 2.3% compared to the previous year. The mindshare of Sonatype Lifecycle is 2.6%, down from 3.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

KashifJamil - PeerSpot reviewer
Has enabled teams to improve security testing with smooth integration and high accuracy
Acunetix has a very good ratio of fewer false positives, so users don't need to retest everything. Acunetix operates smoothly with no interruptions required, and it performs at 100% efficiency without issues in scanning anything. The solution is excellent at detecting SQL injection and cross-site scripting vulnerabilities. Acunetix integrates with every type of tool, including CI/CD tools, offering 100% integration in DevOps environments. The main benefit of Acunetix is that at the first level, users can address security issues related to penetration testing, allowing them to expose vulnerabilities and ensure all required testing is completed with very few false positives.
SrinathKuppannan2 - PeerSpot reviewer
Easily identifies problematic versions and ensures adherence to regulatory standards like HIPAA, critical for industries dealing with sensitive information
While Sonatype Lifecycle effectively manages artifacts in Nexus Repository and performs code firewall checks based on rules, it has the potential to expand further. I am looking forward to additional features similar to SonarQube, especially since licenses are often split per component. SonarType could integrate cloud-based capabilities, addressing the increasing shift towards cloud workloads. While there have been demos and discussions around this, significant progress on scanning and analyzing cloud images remains to be seen. I am looking forward to Sonatype incorporating these enhancements, particularly in regard to cloud-based features. On-prem workloads are getting to the cloud workloads. * I would like to see more cloud-related insights, such as logging capabilities for the images we use and image scanning information. * Additionally, it would be beneficial to have insights into the stages of dependencies and ensure they comply with standards. If there are any violations in respect to CVSS reports, * Integrating CVSS (Common Vulnerability Scoring System) report rules into the Lifecycle module to detect and report violations would be valuable. I am hoping to see these enhancements from Sonatype in the future. On the security side, I think there's a lot of development needed. There are many security tools on the market, like open-source ones, that Sonatype doesn't integrate with.
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
865,295 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
13%
Manufacturing Company
8%
Government
8%
Financial Services Firm
32%
Computer Software Company
11%
Manufacturing Company
10%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Acunetix Vulnerability Scanner?
The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning time depends on the application's code.
What is your primary use case for Acunetix Vulnerability Scanner?
Most of the customers who use Acunetix are looking for security testing. The primary use case is performing penetration testing. The main use cases include vulnerability scanning, security testing,...
What advice do you have for others considering Acunetix Vulnerability Scanner?
Acunetix supports multi-user environments effectively. Acunetix is targeted for small to mid-size teams in a DevSecOps environment, making it the best choice for small and mid-size companies, offer...
How does Sonatype Nexus Lifecycle compare with SonarQube?
We like the data that Sonatype Nexus Lifecycle consistently delivers. This solution helps us in fixing and understanding the issues a lot quicker. The policy engine allows you to set up different t...
What do you like most about Sonatype Nexus Lifecycle?
Fortify integrates with various development environments and tools, such as IDEs (Integrated Development Environments) and CI/CD pipelines.
What is your experience regarding pricing and costs for Sonatype Nexus Lifecycle?
According to my calculations, if you are working with up to 200 developers, Sonatype is cheaper than JFrog. However, for larger numbers like our case with 1,000 user licenses, JFrog becomes much mo...
 

Also Known As

AcuSensor
Sonatype Nexus Lifecycle, Nexus Lifecycle
 

Overview

 

Sample Customers

Joomla!, Digicure, Team Random, Credit Suisse, Samsung, Air New Zealand
Genome.One, Blackboard, Crediterform, Crosskey, Intuit, Progress Software, Qualys, Liberty Mutual Insurance
Find out what your peers are saying about Acunetix vs. Sonatype Lifecycle and other solutions. Updated: July 2025.
865,295 professionals have used our research since 2012.