Acunetix - Web Vulnerability Scanner

Company Description
Acunetix is the technology leader in automated web application security tools. Acunetix was created to detect vulnerabilities such as SQL Injection and Cross-Site Scripting (XSS) by "thinking" like a hacker, in order to find and fix the vulnerabilities before actual hackers do. It has the capability to automatically crawl and scan a variety of web Content Management Systems (CMS) such as WordPress, Joomla! and Drupal, as well as web applications for over 3000 web vulnerabilities to help organisations shore up their web security.

 

Product Description

 

Acunetix is an automated web application security tool which automates the tedious task of manual testing, and is available both as an online (OVS - Online Vulnerability Scanner) and an on-premise solution (WVS - Web Vulnerability Scanner). It is able to scan any website or web application that is accessible over the HTTP/HTTPS protocol, detecting and reporting back on vulnerabilities within applications built on a variety of different architectures which include WordPress, Joomla! and Drupal. Acunetix WVS also provides Manual Penetration tools such as Blind SQL Injector, HTTP Editor, HTTP Sniffer and HTTP Fuzzer to further investigate the vulnerabilities discovered.
 
List of Reports Acunetix Generates:
  • Regulatory Compliance Reports
  • PCI (Payment Card Industry)
  • OWASP Top 10 (2013) (Open Web Application Security Project)
  • ISO/IEC 27001
  • HIPA (Health insurance Portability and Accountability Act of 1996)
  • WASC Threat Classification (Web Application Security Consortium)
  • SOX (Sarbanes-Oxley)
  • NIST Special Publication 800-53 (for FISMA) (National Institute of Standards and Technology) (The Federal Information Security Management Act)
  • DISA-STIG Application Security (Defence Information Systems Agency - Security Technical Implementation Guides)
  • 2011 CWE/SANS Top 25 Dangerous Software Errors (Common Weakness Enumeration)
Other Reports:
  • Executive Report
  • Developer Report
  • Remediation
How Acunetix WVS Works:
  • Crawling - The crawler analyzes the entire website. In the process, it maps out the entire directory structure of the site.
  • Vulnerability Scanning - Acunetix WVS launches a range of vulnerability attacks on every page. It runs test against control on each page similar to what hackers would do to attack the website.
  • Results - All vulnerabilities found are displayed in the Alerts Node. Each alert contains information about the vulnerability, remediation, steps, CVE, CWE and CVSS information.
  • Reporting & Remediation A variety of different reports can be generated including Executive Summary, Developer Report, Compliance. Reports such as PCI and OWASP.
 
Comparison with other Web Vulnerability Scanners
 

 

Features & Benefits:
  • An automatic client script analyzer allowing for security testing of Ajax and Web 2.0 applications, including flash content, SOAP and AJAX
  • Advanced penetration testing tools, such as the HTTP Editor and the HTTP Fuzzer, as well as in-depth SQL injection and XSS testing
  • Multi-threaded and lightning fast scanner crawls hundreds of thousands of pages with ease, including CAPTCHA, single sign-on and 2FA mechanisms
  • Port scans a web server and runs security checks against network services running on the server based on server type and application language
  • Extensive reporting facilities including VISA PCI compliance reports

 

For more references:
AcuSensor Technology
Acunetix Customer Reference
Brochure
 

 

Video: What's new in Acunetix Web Vulnerability Scanner v11?

 
Acunetix's Blog:
 
 
 
 
Get your FREE Webinar Here
 
 
 
 
Copyright 2016 Ace Pacific Pte Ltd All rights reserved . Site by SGIHUB.