| Standard | Premium | Acunetix 360 | API Security | |
|---|---|---|---|---|
| Scan for 12,000+ web vulnerabilities | ||||
| Scan for 50,000+ network vulnerabilities | N/A | |||
| Scan for 7,000+ vulnerabilities in WordPress and Wordpress plugins | N/A | |||
| Crawl HTML5 websites and AJAX-heavy client-side SPAs | ||||
| Proof-based scanning technology (proof of exploit) | ||||
| Predictive application risk scoring (proactive prioritization) | N/A | |||
| IAST component | N/A | |||
| API discovery via zero-config | * | * | * | |
| API discovery via API Management System integrations | * | * | * | |
| API discovery via network traffic analysis | * | * | * | |
| Out-of-band vulnerability testing | N/A | |||
| Standard role-based access controls | ||||
| Customizable role-based access controls | Premium+ Only | |||
| Compliance reports (HIPAA, PCI-DSS, ISO/IEC 27001, and more) | ||||
| Issue tracker and SDLC integrations | ||||
| Web asset discovery | ||||
| Customizable workflows | ||||
| PCI ASV scans | N/A | |||
| PAM (Privileged Access Management) tools | ||||
| World-class standard support plus additional options | ||||
| Invicti Customer Success Manager |
* Available with the purchase of Invicti API Security
Full Feature List
| Architecture and Scale | Standard | Premium | Acunetix 360 | API Security |
|---|---|---|---|---|
| Max number of web scans | Unlimited | Unlimited | Unlimited | Unlimited |
| Max number of users | 1 | Unlimited | Unlimited | Unlimited |
| Max number of scan engines | 1 | Unlimited | Unlimited | Unlimited |
| Multi-user | ||||
| SSO (Single Sign On) | Premium+ Only | |||
| User Roles and Privileges | ||||
| Authentication Support (OAuth2, Web Forms, SSO, Client-side Certificates, Basic Auth, NTLM, Digest, Kerberos) | ||||
| Cloud delivery | ||||
| On-Premises delivery | ||||
| Vulnerability Assessment Engine | Standard | Premium | Acunetix 360 | API Security |
| Scan online web application assets | ||||
| Scan internal web application assets | On-Prem or Premium+ Only | |||
| Scan APIs that use a REST, SOAP, or GraphQL architecture | ||||
| Malware scanning/malware analyzer | N/A | |||
| Crawler engine based on Chromium | N/A | |||
| Out-of-band vulnerability testing | N/A | |||
| Login sequence recorder/login custom script | N/A | |||
| Manual intervention during scan/interactive login | On-Prem Only | N/A | ||
| Detect malicious or phishing URLs | N/A | |||
| Custom authentication | ||||
| Heuristic URL rewrite detection/smart scanning | ||||
| Proof-based scanning technology (proof of exploit) | ||||
| Business logic recorder | N/A | |||
| Key Reports & Vulnerability Severity Classification | Standard | Premium | Acunetix 360 | API Security |
| Key reports (affected items, quick, developer, executive) | ||||
| OWASP TOP 10 | ||||
| OWASP API Top 10 | ||||
| CVSS (Common Vulnerability Scoring System) for severity | ||||
| Remediation advice | ||||
| Compliance reports (HIPAA, PCI-DSS, ISO/IEC 27001, and more) | ||||
| Centralized Management & Extensibility | Standard | Premium | Acunetix 360 | API Security |
| Dashboard | ||||
| Trend charts | ||||
| Basic notifications | ||||
| Advanced, customizable notifications | ||||
| Scheduled scanning | ||||
| Incremental scanning | ||||
| Target groups | ||||
| Assign and prioritize targets by business criticality | ||||
| Role-based access controls | ||||
| Issue tracker integration (Jira, Azure DevOps, GitHub, Gitlab, Bugzilla, Mantis) | ||||
| Advanced issue tracker integration (ServiceNow, Splunk) | ||||
| Jenkins plug-in integration | ||||
| CI/CD integration (Jenkins, Github, GitLab, Azure Devops, CircleCI) | ||||
| Advanced CI/CD integration (Bamboo, TeamCity, Travis CI, UrbanCode Deploy) | ||||
| API Management System integrations (MuleSoft Anypoint Exchange, AWS API Gateway, Apigee X API Hub) | ||||
| Create exports for WAF virtual patching | ||||
| Integration APIs | ||||
| Retest vulnerability functionality | ||||
| Scan optimiser | ||||
| Custom vulnerability check | ||||
| Workflow tools to manage the long-term security of 100s and 1000s of web applications | ||||
| Scan policy |
Frequently asked questions
Acunetix pricing is based on long-term subscription agreements. The price presented above is for an annual subscription to our service available on-premise or online (in the cloud). The actual price is determined based on the number of websites or web applications being scanned, the length of the contract, and other factors.
If you are interested in Acunetix, don’t hesitate to ask us to show you a demonstration of how our software works and how it can solve your problems. Once we demonstrate how Acunetix will help you improve your security posture, we’re confident you’ll be ready for us to support you in an individual trial that will allow you to test drive Acunetix on your web applications.
In many cases, more than one Acunetix product could meet your needs and we understand it can be difficult to decide which one would be the best. We can help you make that decision based on our experiences with many other successful implementations and our expertise in web application security.
While Acunetix pricing is based on particular plans, we customize pricing to match your needs. Therefore, please do not hesitate to contact us, let us understand your needs, and we’ll find a way to be able to satisfy them.