Invicti Acunetix Standard vs Premium What the differences? This is one of the common questions. For new and existing customers, note that Acunetix is now being under Invicti for a couple of years. But only recently this two years they let the market know for the change of ownership. You will notice a change of logo as well.
Since Acunetix edition v10.5 onward, it has migrated and simplified and positioned as an automated web vulnerability scanner. It targets enterprise customers who need a web scanner to perform automated scan, schedule scan and able to compare previous and recent scan and track the vulnerability change along the time for the same website application or use the term from the vendor, the fixed website target.
For a long time customers will know, the current version is v13 (2021 April). It is licensed by how many targets you want to license for, that once upon defined, it can not be changed from the subscription period. In another word, if the company website is defined and locked, it will not allow it to be changed for the rest of duration. This is very important for you to understand, as you need to base on how many fixed website licenses to license the required target accordingly.
And the required minimum license period, whether you are a new customer or existing customer for renewal, it is a minimum 2 years required. Whether to make upfront payment for them, or make a special 2 years Purchase order but paid yearly arrangement. Be noted, the vendor is exercising legal binding, if customers who previous exercise for purchase order 2 year, paid yearly, even in year 2 do not want to use the software anymore, they will still exercise the billing for year 2. So, it is for customers to be noted for the minimum commitment for 2 years.
Minimum subscription is 5 target, then 10 target, 20 target, and so on. Acunetix Standard edition can only license for 5/10/20 target only. For customers to have a website go beyond, you have no option, you got to license premium edition, even have the feature you no needed.
Acunetix Standard is ideal to install to desktop, or laptop. If 24×7 running is required, then installing into a dedicated desktop will be ideal. If you want, you can install into windows server or Linux machine as well. The entire software will allow creating a single user account only, so you can use the single account to perform all the scheduled scans.
Acunetix Premium is multiple user enabled, even still a single install license, but from the software, you can create multiple different users, each user you can create different user rights. So it is more toward a scenario for more than one users, and target customer with over 20 targets fixed website, even so for customers with even 5 fixed targets can be licensed this, if you want multiple user login the same software.
One main different is the reporting feature, Acunetix Premium edition beside can generate all the report entitlement from Acunetix Standard, it allow to generate compliance reports, such as PCI DSS, ISO/IEC 27001; The Health Insurance Portability and Accountability Act (HIPAA); WASC Threat Classification; Sarbanes-Oxley; NIST Special Publication 800-53 (for FISMA); DISA-STIG Application Security; 2011 CWE/SANS Top 25 Most Dangerous Software Errors. Acunetix 360 – PCI DSS, ISO/IEC 27001; The Health Insurance Portability and Accountability Act (HIPAA); WASC Threat Classification.
Other features only available for Acunetix Premium (compare with Acunetix Standard) include continuous scanning, target groups, assign target business critically, prioritise by business critically, role-based access controls, trend graphs, WAF virtual patching, Issue Tracker Integration (Jira, Azure DevOps, GitHub, Gitlab, Bugzilla, Mantis), Jenkins Plug-in Integration, Integration APIs, as well as make use vendor integrated with OpenVAS open source network vulnerability scanner.
For more detailed comparison, you can see the below snapshot. Acunetix 360 is for customer enterprise practice DevSecOps, CI/CD. Please see our other post cover that in-depth.
We hope via this dedicated post we are able to provide better understanding for Invicti Acunetix Standard vs Premium What the differences, when you are reading this post.
E-SPIN Group in the business of application security testing (AST) end to end, include dynamic application security testing (DAST) with Acunetix product line, since version 5 in the market until now. Feel free to contact E-SPIN for the project inquiry and requirement like how to complete your enterprise application security testing (AST) for all the modern requirement, to include as well source code code review – static application security testing (SAST), mobile application security testing (mobile AST) , software composition analysis (SCA) and truly interactive application security testing (IAST) and manual application security testing (MAST) and penetration testing, as well as infrastructure security testing requirements.