70% of websites have vulnerabilities that could lead directly to the theft of sensitive data. Hackers are constantly finding new ways to attack, and more increasingly we are seeing attacks via Web Based Applications.
Acunetix was established in 1997 and is the world leader in Web Application Security. Their engineers are the pioneers of web scanning technology, analysis and vulnerability detection. Here at Signal Networks we work directly with Acunetix and are the UK’s largest partner.
Web application attacks, launched on port 80/443, go straight through the firewall, past operating system and network level security, and right in to the heart of your application and corporate data. Tailor-made web applications are often insufficiently tested, have undiscovered vulnerabilities and are therefore easy prey for hackers.
Acunetix has pioneered the web application security scanning technology: Its engineers have focused on web security as early as 1997 and developed an engineering lead in web site analysis and vulnerability detection.
Features of the Acunetix Web Vulnerability Scanner include
– Cross Site Scripting (XSS)
– AcuSensor Technology allows you to identify more vulnerabilities than a traditional Web Application Scanner, whilst generating less false positives. In Addition this indicates exactly where in your code the vulnerability is and reports debug information.
– An automatic client script analyser allowing for security testing of Ajax and Web 2.0 applications.
– Industries’ most advanced and in depth penetration testing tools, such as the HTTP editor and the HTTP Fuzzer.
– Visual macro recorder makes testing web forms and password protected areas easy.
– Support for pages with CAPTHCA, single sign-on and two factor authentication mechanisms.
– Extensive reporting facilities including VISA PCI compliance reports.
– Multi-threaded and lightning fast scanner crawls hundreds of thousands of pages with ease.
– Intelligent crawler detects web server type and application language.
– Acunetix crawls and analyses websites including flash content, SOAP and AJAX.
– Port scans a web server and runs security checks against network services running on the server.
New features now available with Acunetix Web Vulnerability Scanner Version 9
– Full HTML5 Support with Acunetix DeepScan Technology
– Mobile Website Support
– Detection of Blind XSS vulnerabilities with AcuMonitor service
– Automated detection of DOM-based XSS vulnerabilities
New Detected Vulnerabilities
– Server Side Request Forgery (SSRF)
– XML External Entity (XXE)
– Mail Header Injection
– Host Header based Attacks