Acunetix have recently announced a partnership with Fortinet to provide instant vulnerability detection using Acunetix Web Vulnerability Scanner (WVS) and Fortinet’s FortiWeb web application Firewall (WAF). This partnership means that any scan results will be imported into the new FortiWeb 4000E and 3000E Web Application Firewalls where it will construct settings to diminish the detected vulnerabilities.
Acunetix is a web vulnerability scanner that’s designed to replicate a hacker’s methods used to expose dangerous weaknesses on an organisations network or website. It features automated and manual penetration testing tools allowing an IT security analysts to perform vulnerability detection assessments, and repair detected threats at the same time.
Fortinet are a manufacturer and innovator of IT network security products. They deliver innovative network security platforms that secure and simplify an IT infrastructure for carriers, data centres, enterprises, distributed offices and MSSP’s. Their flagship product- FortiGate “consists of physical and virtual appliances that provide a broad array of security and networking functions, including firewall, VPN, anti-malware, intrusion prevention, application control, Web filtering, anti-spam, DLP, WAN acceleration, and WLAN control”. Within their product range, they are able to assist businesses of any size with the FortiGate 30D and 90D targeted at small businesses and FortiGate 3000 and 5000 series aimed at large enterprises, data centres, and service providers.
This partnership means that when their products are combined, users will be able to provide instant vulnerability detection. This is achieved by the Acunetix WVS scan results automating the WAF configuration results to reduce workload and user errors “when compared with manually having to configure a web application firewall such as FortiWeb”.
Acunetix have quoted “when web application weaknesses such as SQL Injection or Cross Site Scripting are detected by Acunetix WVS, FortiWeb will transform the results into WAF security policies to offer immediate protection to companies by safeguarding the website from exploitation of the vulnerabilities detected”. Ultimately this will provide the end user with a paused period where they can effectively deal with and fix any security vulnerabilities detected.
Nicky Sciberras, an Acunetix Product Manager has said that “Acunetix sets a high standard when it comes to discovering web application vulnerabilities. In our commitment towards security, we recommend the use of a web application firewall like FortiWeb combined with Acunetix Web Vulnerability Scanner for ultimate and immediate protection”.
Some of the anticipated benefits of incorporating Acunetix WVS and FortiWeb WAF are:
- Reduced Risk Exposure – Vulnerabilities are mitigated immediately, thus allowing more Time-to-Fix.
- Accurate Protection – Virtual patching policies are created automatically, reducing the risk of configuration errors that can lead to a false sense of security.
- Improved Resource Scheduling – Fixing the vulnerabilities detected can be scheduled at a time when developers and testers can better focus on addressing the vulnerability effectively, rather than do so while fire-fighting.
- Reduced Development Cost – Spend less development resources in emergency situations, fix code vulnerabilities during the normal release cycle.
- Compliance Reporting – Show auditors that vulnerabilities are virtually patched thanks to detailed WAF configuration reports.
Signal Networks are proud to be partnered with Fortinet. The Signal Networks team have countless years of experience working and deploying successful configurations. To find out more about our partner status, please click here.