Acunetix

Gestão de vulnerabilidades e segurança de rede integradas.

4,5 /5 (32 avaliações) Escreva uma avaliação!

Resumo do Acunetix

O que é o Acunetix?

O Acunetix é uma solução de varredura de segurança cibernética e vulnerabilidade da Internet que oferece tecnologia automática de teste de segurança da Internet que permite às organizações verificar e auditar sites complexos, autenticados, com uso pesado de HTML5 e JavaScript. O Acunetix oferece a capacidade de detectar mais de 45 mil vulnerabilidades da Internet, como XSS, XXE, SSRF, injeção de SQL, injeção de cabeçalho de host e muito mais, o que pode comprometer o site e os dados da empresa.

A varredura de vulnerabilidades do Acunetix ajuda a detectar com precisão as vulnerabilidades críticas de aplicativos da Internet, inclusive software de código aberto e aplicativos personalizados. As tecnologias inovadoras da solução incluem o DeepScan, que permite o rastreamento de aplicativos de página única com uso pesado de AJAX, o AcuSensor, que combina técnicas de varredura de caixa preta com comentários dos sensores inseridos no código-fonte, além de injeção de SQL e teste de script entre sites. O Acunetix também tem a capacidade de verificar as instalações do WordPress em busca de mais de mil vulnerabilidades conhecidas no núcleo, plugins e temas da plataforma, enquanto a ferramenta de gravador de sequência de login automatiza a verificação de áreas protegidas por senha complexas.

Uma combinação de testes de caixa preta e caixa branca ajuda a aumentar a taxa de detecção de uma varredura e ajuda a reduzir as taxas de falsos positivos, além da verificação automática de várias vulnerabilidades de alta gravidade. A visibilidade da linha de código indica qual é a linha de código vulnerável, identificando o que precisa ser corrigido e onde. O Acunetix também verifica os serviços de rede perimetrais para ajudar a evitar violações de dados, além de testar redes quanto a vulnerabilidades e configurações incorretas. Os recursos avançados incluem ferramentas manuais de teste de penetração, configuração automática do firewall de aplicativos da Internet (WAF) e uma API REST para integrar o Acunetix a outros fluxos de trabalho e processos personalizados.

Resumo do Acunetix

Preços

A partir de
US$ 0,00

Opções de preços

Teste Grátis
Assinatura
Relação qualidade/preço

Recursos do Acunetix

Dispositivos
Porte da empresa
P M G
Mercados
Ásia, Austrália, Brasil, Canadá, Europa e outros 5, Alemanha, Índia, Japão, América Latina, México
Idiomas
Inglês

Capturas de tela

Captura de tela do Acunetix: Detect web application vulnerabilities with accuracy
Captura de tela do Acunetix: Detect web application vulnerabilities with accuracy Captura de tela do Acunetix: Acunetix provides a fast, multi-threaded crawler and scanner that can crawl hundreds of thousands of pages without interruptions Captura de tela do Acunetix: AcuSensor Technology for .NET, PHP and JAVA enhances a regular dynamic scan through the deployment of sensors inside the source code Captura de tela do Acunetix: AcuSensor indicates the vulnerable line of code for several high-severity vulnerabilities and reports additional debug information Captura de tela do Acunetix: Reports allow users to share security findings internally with management and with regulatory bodies Captura de tela do Acunetix: Acunetix checks for a number of possible WordPress configurations, username enumerations, and more

Acunetix - Avaliações

Acunetix - Avaliações

Classificação geral
4,5
/
5
Excelente
19

Muito bom
10

Regular
3

Ruim
0

Péssimo
0

Relação qualidade/preço
4
Recursos
4,3
Praticidade
4,5
Suporte ao cliente
4,3
91% dos usuários recomendam este app
Zuzana B.

Full analysis of possible vulnerabilities to our website.

It is one of the tools widely used in the detection of vulnerabilities, one of the reasons why it applies for speed in terms of the analysis as well as the report presented which allows taking the necessary actions to correct these vulnerabilities.


Traduzir com Google
Juho W.

The guarantee of safety

The only thing about using the Acunetix is takin it seriously and really use the instructions it gives you. The reporting system sends the instructions of providing complete security to your documents and all you have to do is to follow those instructions.


Traduzir com Google
Avaliador Verificado

Ok tool, but fix your business model and add more settings to the interface

Continuation of the cons section (number of chars was limited).

* Settings are sometimes unclear, an info icon with a popup would be nice.

Example 1: In the "Site Structure" of a scan it is possible to press "exclude", does it exlude the path from futre scans? If so why don't I see anything in the target settings? Or does "exlude" exclude vulnerabilities from the report? BTW after pressing exlude I'm not able to "include" it again.

Example 2: "scan speed", how many threads per setting are we talking about?

* Would definitly like to get some more feedback from scans directly in the interface, what is it doing, why did it fail, did all the "allowed hosts" got scanned etc. I know you can debug a target, but this is not what I mean.


Traduzir com Google
Avaliador Verificado

Simple, but very powerful web vunlerability scanner

Good thing for a web application pentesting, can give You insight of a present vulnerabilities. Would recommend using in tandem with infrastructure scanner (like Nessus) to create a complete testing solution. Also presence of continous scanning and scheduler could be used for a regular security assesment of Your web applications.


Traduzir com Google
Avaliador Verificado

Easy to setup, nice results

As a scanner it is quite good, relevant and well described findings, so far no false positives. Following an initial trial and PoC with couple of competitors, Acunetix had the best features, most suitable licensing model, good support, so we purchased a three year license. However, at some point, it all changed. The license became based on other criteria, the testing and verification tools were removed, there is no support or way of reverting to a previous version, after you realise that the changes introduced and making the software unusable or insufficient. Overall, unless there are guarantees that it won't happen again, I will be very reluctant to renew.


Traduzir com Google
Zuzana B.
Setor: Serviços e tecnologia da informação
Porte da empresa: 501-1.000 funcionários
Traduzido para o Português

Full analysis of possible vulnerabilities to our website.

Usado Semanal durante Mais de um ano
Avaliado em 21/11/2019
Fonte da avaliação: Capterra

It is one of the tools widely used in the detection of vulnerabilities, one of the reasons why it applies for speed in terms of the analysis as well as the report presented which allows taking the necessary actions to correct these vulnerabilities.

Vantagens

This program performs a complete scan of the entire website in such a way that it inspects the possible vulnerabilities that our website may have, basically tracks the entire infrastructure of the website and after this provides a detailed report so it also avoids false positives. and gives the possible indications that should be applied to avoid the vulnerabilities that arise.

Desvantagens

It is one of the best options that should not be implemented, since website security is a very important aspect for the client.

Traduzido para o Português

Resposta do Acunetix

Thank you for your review of the Acunetix product, we appreciate your time and are delighted to be of service to your company!
We would be grateful if you would agree to a case study write up, please let me know.

Kind Regards

Detalhamento da qualificação

Relação qualidade/preço
Praticidade
Suporte ao cliente

Probabilidade de recomendação: 9.0/10

Juho W.
Setor: Serviços de informação
Porte da empresa: 5.001-10.000 funcionários
Traduzido para o Português

The guarantee of safety

Usado Diariamente durante Mais de um ano
Avaliado em 11/03/2019
Fonte da avaliação: Capterra

The only thing about using the Acunetix is takin it seriously and really use the instructions it gives you. The reporting system sends the instructions of providing complete security to your documents and all you have to do is to follow those instructions.

Vantagens

The unique thing about the program which makes it distinguish among the many other programs of this type is the security system. Overtime you add a document to your profile the program analyzes the risks of the document to be stolen and creates a kind of the special defense for this particular document.
This way, the program not only provides the user with the incredibly convenient service and saves his or her time, but also prevents from losing money and getting stressed. It is hard to imagine a scanner to be that universal. The Acunetix can easily cope with documents of any format and keeps everything you are working with really secure so that the really important documents or the catching fire ideas are totally under your control, there is no need to worry.

Desvantagens

The only inconvenient thing about the Acunetix is something the people call «Overprotection». Once you are signed in the security system is on and covers not only the documents dowloaded to the program, but it also washes every activity you might possibly do in the Internet and regularly sends you the warning alerts about the unsecured websites.

Traduzido para o Português

Resposta do Acunetix

Thank you for your review. Your feedback is very important to us.

Detalhamento da qualificação

Relação qualidade/preço
Praticidade
Suporte ao cliente

Probabilidade de recomendação: 8.0/10

Avaliador Verificado
Setor: Segurança de rede e informática
Porte da empresa: 13-50 funcionários
Traduzido para o Português

Ok tool, but fix your business model and add more settings to the interface

Usado Diariamente durante Mais de dois anos
Avaliado em 17/08/2018
Fonte da avaliação: Capterra

Continuation of the cons section (number of chars was limited).

* Settings are sometimes unclear, an info icon with a popup would be nice.

Example 1: In the "Site Structure" of a scan it is possible to press "exclude", does it exlude the path from futre scans? If so why don't I see anything in the target settings? Or does "exlude" exclude vulnerabilities from the report? BTW after pressing exlude I'm not able to "include" it again.

Example 2: "scan speed", how many threads per setting are we talking about?

* Would definitly like to get some more feedback from scans directly in the interface, what is it doing, why did it fail, did all the "allowed hosts" got scanned etc. I know you can debug a target, but this is not what I mean.

Vantagens

* The number of checks that take place.

* The quality of the issues found.

* After years it is finally possible to pause a scan, hallelujah.

Desvantagens

* As a pentester I absolutely miss a more flexible way to configure settings like it was possible in v10. The interface is built as "point a shoot", idiot proof. Currently, If I want to configure things I need to change xml config files on the server and reload acunetix...

* After the release of v12 we were called by a sales agent as we suddently couldn't add targets anymore. The license model suddenly changed completely. The entire business model is now based on scanning an applications continuously over the year. However, as a pentesting business for we mostly scan apps just 1 time for our security assessments. It absolutely makes no sense to apply the same costs! Just like Netsparker, acunetix should have plans for pentesters and consultants.

* Scanning an app that spans multiple domains always results in problems. Currently you have the "Allowed hosts" settings which is crappy in setting up. I need to set all (sub) domains to a different target. And ofcourse with the current business model you are charged per target, lol.

Traduzido para o Português

Resposta do Acunetix

Thank you for your honest feedback:

As you rightly say, we try to keep an easy to use interface, with the intention of automatically detecting the best way to scan the site. There are some settings which are not used by most of our customers, and which can be manually tweaked from the settings file.

I think you might have missed the little help icon at the top right corner of the Acunetix interface. When clicked, this provides help on the settings loaded in the current page. But to answer your queries:

Example 1 - When you Exclude a path from the Site Structure, the exclusion will be stored with the Target, and will affect subsequent scans. You can delete the exclusion from the Target settings.

Example 2: this is explained on our website at https://www.acunetix.com/blog/docs/configure-scan-speed-acunetix/. I have forwarded your comment about the scan feedback to the product team.

Regarding licensing, I would suggest that you get in touch with our sales team, who can work

Detalhamento da qualificação

Relação qualidade/preço
Praticidade
Suporte ao cliente

Probabilidade de recomendação: 7.0/10

Avaliador Verificado
Setor: Serviços e tecnologia da informação
Porte da empresa: 201-500 funcionários
Traduzido para o Português

Simple, but very powerful web vunlerability scanner

Usado Semanal durante 6 a 12 meses
Avaliado em 13/08/2018
Fonte da avaliação: Capterra

Good thing for a web application pentesting, can give You insight of a present vulnerabilities. Would recommend using in tandem with infrastructure scanner (like Nessus) to create a complete testing solution. Also presence of continous scanning and scheduler could be used for a regular security assesment of Your web applications.

Vantagens

Ease of use, good customer support, very insightful reports (especially Developer raport), good vulnerability management. Also continous scanning option is an interesting thing for having continous security awareness of Your vulnerability level. Also login sequence recorder is an awesome tool.

Desvantagens

Not a lot of scan options to configure - especially in comparison to Nessus - every check is done in default, You can't choose specifically which test is done in selected scan, only the type of scan (full, high-risk vulnerabilities, xss, sqli, weak passwords, crawl only ) or technology in which the scanned web app is written.

Traduzido para o Português

Resposta do Acunetix

Thank you for your feedback ¿ we¿re glad that Acuneix is working for you.

Regarding your comment about choosing what to scan for ¿ you can already do this in Acunetix, although the feature is slightly hidden away in Settings > Scan Types. Here you can create your own custom Scan Types, and you will be able to choose which vulnerabilities to check for. When creating a new custom Scan Type, you can filter the vulnerability checks from the top right hand corner of the page.

Remember that you can also easily retest for a specific vulnerability identified in a previous scan.

Detalhamento da qualificação

Relação qualidade/preço
Praticidade
Suporte ao cliente

Probabilidade de recomendação: 8.0/10

Avaliador Verificado
Setor: Serviços financeiros
Porte da empresa: 51-200 funcionários
Traduzido para o Português

Easy to setup, nice results

Usado Semanal durante Mais de dois anos
Avaliado em 13/08/2018
Fonte da avaliação: Capterra

As a scanner it is quite good, relevant and well described findings, so far no false positives. Following an initial trial and PoC with couple of competitors, Acunetix had the best features, most suitable licensing model, good support, so we purchased a three year license. However, at some point, it all changed. The license became based on other criteria, the testing and verification tools were removed, there is no support or way of reverting to a previous version, after you realise that the changes introduced and making the software unusable or insufficient. Overall, unless there are guarantees that it won't happen again, I will be very reluctant to renew.

Vantagens

Very easy to setup initially, running scans quite fast, good crawler, very nice and understandable results.

Desvantagens

The license model changed somehow in the middle of the three years, so it became impossible to continue to use it as planned without paying much more. Tools were removed.

Traduzido para o Português

Resposta do Acunetix

Thank you for your feedback.

You can download the free Acunetix Manual Pentesting Tools from https://www.acunetix.com/vulnerability-scanner/free-manual-pen-testing-tools/. You can copy the Request done by Acunetix from the Vulnerability details, and use this in the Acuneix Manual Tools

Detalhamento da qualificação

Relação qualidade/preço
Praticidade
Suporte ao cliente

Probabilidade de recomendação: 8.0/10

Recomendação do usuário
8,2/10
Baseado em 32 usuários
Compare as alternativas por recomendação dos usuários
Compare com alternativas

Preço do Acunetix

Preço do Acunetix

A partir de
US$ 0,00
Teste Grátis
Assinatura
Relação qualidade/preço
Relação qualidade/preço
4/5
Baseado em 32 usuários
Compare as alternativas por relação qualidade/preço
Compare com alternativas

Recursos do Acunetix

Recursos do Acunetix

API
Alertas de riscos
Alertas/transferência
Armazenamento de dados seguros
Auditoria
Autenticação
Autenticação de dois fatores
Controle do acesso
Gerenciamento de senhas
Gerenciamento de usuários
Gestão de conformidade
Gestão de políticas
Integração de terceiros
Logon único
Monitoramento
Monitoramento em tempo real
Painel de atividades
Registro de auditoria
Relatórios e estatística
Segurança de SSL
Recursos
4,3/5
Baseado em 32 usuários
Compare as alternativas por avaliações dos recursos
Compare com alternativas

Categorias

Perguntas frequentes sobre o Acunetix

Perguntas frequentes sobre o Acunetix

Abaixo estão algumas perguntas frequentes sobre o Acunetix.

P: Que tipo de planos o Acunetix oferece?

O Acunetix oferece os seguintes planos de pagamento:

A partir de: US$ 0,00

Modelo de preços: Assinatura

Teste Grátis: Disponível

P: Quais são os principais recursos do Acunetix?

Não temos informações sobre os recursos do Acunetix.

P: Quem costuma usar o Acunetix?

Os clientes habituais do Acunetix são:

Grandes empresas, Empresas de médio porte, Pequenas empresas

P: Em que idioma o Acunetix está?

O Acunetix está nos seguintes idiomas:

Inglês

P: Que tipo de planos o Acunetix oferece?

O Acunetix tem os seguintes planos de preços:

Assinatura

P: O Acunetix é compatível com disponíveis móveis?

Não temos informações sobre os dispositivos compatíveis com o Acunetix.

P: O Acunetix se integra com quais outros aplicativos?

O Acunetix se integra com os seguintes aplicativos:

Centraleyezer, GitHub, JIRA, Jenkins, Lockpath, ThreadFix, Wordpress

P: Que nível de suporte o Acunetix oferece?

O Acunetix oferece as seguintes opções de suporte:

Suporte por telefone, FAQs, Suporte online