4 out of 5.0, Reviewed Sep 19, 2016
I have been working with Acunetix WVS for many years and is still one of the best tools when it comes to web application assessment. At first glance, it may look like basic but don't get fooled by the interface there is a quite powerful pentest tool underneath. The easy to use interface makes it great when it comes to introducing new people to web assessment and pentesting and the reporting software it comes with help with the overall communication of the different issues found. The downside comes with scheduling and parallel analysis, the scheduling works through a web interface and does not let the user see the partial results until is done, this would be quite useful for those times the scanning is taking too long and you need to find a reason.
Depending on the use you will give to the tool be aware of the amount of multiple scans that can be launched at once. Make sure to configure the scanning profiles properly based on the technologies you want to analyze, otherwise you can find yourself waiting for weeks for the results.
Speed, quality and price, the tool is flexible enough to be used by individuals doing a simple assessment or companies monitoring the state and security of their internal and external websites.
The scheduling interface, the fact that you cannot see partial results until the analysis is finished.
Dealing with parallel scanning we learned that is better to have two instances of the tool in two different servers, this deals a bit with the scheduling issues of not being able to retrieve running scans into the main interface.
Quick support and contact from the vendor in case of errors or issues with the software.
4 out of 5.0, Reviewed Jun 14, 2016
Excellent product, have no issues with it.
Ensure you have people trained to use the product effectively as part of your overall VM strategy.
Works well but should be used with Source Code Scanning as well.
Should be used with a source code scanning solution.
4 out of 5.0, Reviewed Dec 7, 2015
Really good feature set for the price paid. Has an easy interface.
Understand at least OWASP Top10 issues and how they're exploited.
Ease of use & price.
Some limited flexibility in scanning; having to restart scans to reduce load, etc.
Offer training directly and not via a 3rd party.
Create key individuals in the SDLC for multiple application scanning/assessment.