Open redirect is a type of web application security issue that allows attackers to use your business reputation to make phishing attacks more effective. If you allow open redirects, an attacker can send a phishing email that contains a link with your domain name and…
Acunetix Exhibiting at Infosecurity Online 2020
Infosecurity Online is the one-stop-shop for the most innovative ideas and networking opportunities in information and cybersecurity. You can find us by navigating to the Acunetix Infosecurity Online virtual booth on October 20-22, 2020. Our team will be available to discuss the latest automated features…
The Importance of Validating Fixes – Lessons from Google
Zohar Shachar, an Israeli security researcher, recently revealed the details of a bounty that he received approximately a year ago from Google. The security issue that he found was an advanced cross-site scripting (XSS) vulnerability in Google Maps. There was one detail about this case…
New Research Reveals Companies Are Losing the Web Application Security War
Half of organizations say that vulnerabilities are found faster than they can be fixed. AUSTIN, Texas – Sept. 22, 2020 – Acunetix, a global leader in automated web application security testing, teamed up with Dimensional Research to learn how effectively companies are handling web application…
How Well Are Enterprises Handling Web Application Security?
Enterprises are continuously battling criminals on many fronts. It’s an all-out war against enemies that are well-hidden and remain unpredictable. And the stakes are high – an effective, multi-stage attack can cripple the business or even lead to its complete downfall. Fortunately, most enterprises now…
Security Misconfigurations and Their Consequences for Web Security
The term security misconfiguration is very generic and applies to any security issue that is not a result of a programming error but a result of a configuration error. Security misconfigurations have been defined as a separate category in the 2017 OWASP Top-10 list (category…
Acunetix update introduces data retention policies, static JavaScript method analysis, user-based timezone settings, and new vulnerability checks
A new Acunetix update has been released for Windows and Linux: 13.0.200911154, and macOS: 13.0.200911171. This Acunetix update introduces data retention policies for scans and vulnerabilities allowing users to focus on current vulnerabilities. It also introduces the detection of paths in JavaScript code using static…
Step-by-Step Configuration with GitLab
You can manage web vulnerabilities internally with Acunetix. However, these vulnerabilities will need to be fixed by developers and the developers may already use an issue management system. Therefore, managing them internally might not be an optimal choice. In such a case, your vulnerability scanner…
The Heartbleed Bug – Old Bugs Die Hard
You would think that after several years, a well-known security vulnerability should no longer be found in production systems. It may, therefore, come as a surprise that famous Internet security issues such as the Heartbleed vulnerability linger on for many years after they have been…