Acunetix by Invicti vs. F5 Distributed Cloud Bot Defense

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Acunetix by Invicti
Score 8.0 out of 10
N/A
AcuSensor from Maltese company Acunetix is application security and testing software.
$4,500
F5 Distributed Cloud Bot Defense
Score 8.7 out of 10
N/A
F5 Distributed Cloud Bot Defense (formerly Shape Defense, acquired January 2020) provides security to protect a website from bots, fake users, and unauthorized transactions, preventing large scale fraud and eroded user experiences. Companies get visibility, detection and mitigation outcomes to reduce fraud and cloud hosting, bandwidth and compute costs, improve user experiences, and optimize their business based on real human traffic.N/A
Pricing
Acunetix by InvictiF5 Distributed Cloud Bot Defense
Editions & Modules
Websites Scanned: 5
4,500
Websites Scanned: 6-10
7,200
Websites Scanned: 11-20
10,800
Websites Scanned: 21-35
22,540
Websites Scanned: 36-50
26,600
Websites Scanned: Over 50
Contact for quote
Enterprise
Custom Quote
per year
Offerings
Pricing Offerings
Acunetix by InvictiF5 Distributed Cloud Bot Defense
Free Trial
YesYes
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeOptional
Additional Details
More Pricing Information
Community Pulse
Acunetix by InvictiF5 Distributed Cloud Bot Defense
Best Alternatives
Acunetix by InvictiF5 Distributed Cloud Bot Defense
Small Businesses
GitLab
GitLab
Score 8.7 out of 10
GitLab
GitLab
Score 8.7 out of 10
Medium-sized Companies
Veracode
Veracode
Score 8.7 out of 10
Veracode
Veracode
Score 8.7 out of 10
Enterprises
Veracode
Veracode
Score 8.7 out of 10
Veracode
Veracode
Score 8.7 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Acunetix by InvictiF5 Distributed Cloud Bot Defense
Likelihood to Recommend
9.0
(0 ratings)
8.7
(0 ratings)
Support Rating
-
(0 ratings)
8.5
(0 ratings)
Implementation Rating
-
(0 ratings)
8.2
(0 ratings)
User Testimonials
Acunetix by InvictiF5 Distributed Cloud Bot Defense
Likelihood to Recommend
Acunetix scales well from a small web development presence like ours to a full-scale enterprise focused on that. The various tools and sensors that provide assurance of the results and can give feedback down to the lines of code in the source are proof of this. Various integrations exist as well. The main thing for us is that it simplifies confirming and remediating potential issues in our code or proving that products we use have issues that we can then take to the vendor for correction.
Read full review
I'd strongly recommend it, but with a few caveats depending on how mature the team is with behavioral based security tools. One of our fintech clients was getting hit with low volume, widely spread login attempts, below our rate limiting thresholds. F5 Distributed Cloud Bot Defense was able to flag abnormal input timings, inconsistent device fingerprinting and high entropy in field population behavior. You can only imagine the wave of downstream account lockouts this saved the client. On the other end we had a client with a real time trading platform using Graphql over websockets. F5 Distributed Cloud Bot Defense wasn't able to tap into that stream natively. we had to reverse engineer a proxy layer to inspect events. It worked but it was clunky and not officially supported
Read full review
Pros
  • Integration of tool with different IDE is great
  • Easy to scan code and identify vulnerabilities
  • Dashboard is easy to customise
Read full review
  • Regularly analyze traffic patterns and bot activity. Use the insights provided by the platform to refine rules and policies.
  • Configure rules to specify acceptable behavior for user interactions and alter sensitivity levels as appropriate to reduce false positives.
  • Integrate F5 Bot Defense into our existing security stack, which may include WAFs (Web Application Firewalls) and SIEM (Security Information and Event Management) solutions.
Read full review
Cons
  • Does not support multiple endpoints well (e.g. apps and services that do not reside at the same URL).
  • Has authentication problems with modern enterprise apps which involve a lot of redirects to unrelated endpoints, federated IDs, SSO, etc. This is related to the first point.
  • The vulnerability detection capability is not as robust as Burp Suite Pro + extensions, Metasploit + auxiliary modules, Nmap + scripts, etc.
Read full review
  • On a technical side, we've had a lot of deployment issues. This is not a one-sprint solution.
  • We ran into undocumented failure modes and had to rely on L2 and L3 customer support, delaying troubleshooting significantly [in our experience].
  • Accurate log ingestion is a larger challenge than one would want in a security tool.
Read full review
Likelihood to Renew
No answers on this topic
We are more likely than not, to renew it. It saved us from a really huge data breach 4 months ago. It has earned its shower so far
Read full review
Support Rating
No answers on this topic
Official support can sometimes take time to reach the right people. However, once you are in contact with the appropriate experts, the support is excellent, as F5 staff are true specialists. On the other hand, we always receive prompt assistance from our local sales team, who typically help us connect with the right people quickly.
Read full review
Implementation Rating
No answers on this topic
Implementation of Distributed Cloud is accomplished a few different ways, it would pay to meet with the F5 team and map out your implementation prior to acquisition to make sure you Infrastructure and Operations teams are aligned to the approach and requirements.
Read full review
Alternatives Considered
In my opinion Acunetix fares good in DevSecOps pipeline better than Appspider. In terms of vulnerabilities scanning of dynamic applications I liked Rapid7, however we have better ROI with Acunetix. During 6 months of usage I tried to look into cost benefit analysis and could easily pick Acunetix and in terms of dashboards also I am impressed
Read full review
Clodflare bot management was our other obvious option for us. We tested it on a staging version of our RFQ platform. It was great for broad traffic filtering but had a hard time with nuanced differences between real subcontractors and low volume bots mimickingt human input whereas that's where F5 Distributed Cloud Bot Defense thrived
Read full review
Return on Investment
  • Saved money compared to other commercial scanners, especially over the long run.
  • Scan speed seems to be pretty good compared to some of the bulkier commercial products out there. However, that largely has to do with proper configuration.
  • A downside is that is requires a bit of extra work just to get it set up to scan APIs, web services, etc.
Read full review
  • We experience large web/data scraping attack campaigns and F5 Distributed Cloud Bot Defense over the years has helped mitigate these for us and significantly reducing load off of our origin servers.
  • Also, we experience many large Credential Stuffing attacks and F5 Distributed Cloud Bot Defense helps us stop these attacks and protects our customers.
Read full review
ScreenShots

Acunetix by Invicti Screenshots

Screenshot of DashboardScreenshot of FilteringScreenshot of scan results