We have recently asked one of our customers for a review of their experiences with Acunetix. This customer is a group of companies that has more than 80,000 staff worldwide in diverse organizational units. However, due to the sensitive nature of their business (national security),…
Acunetix Selects SYNNEX Corporation as U.S. Distribution Partner
AUSTIN, Texas, June 5, 2020 — Acunetix, the pioneer in automated web application security software, announced today that it has selected SYNNEX Corporation (NYSE: SNX), a leading business process services company, as a distribution partner in the United States. Customers now have the opportunity to…
Easy Access to the 2020 Web Application Vulnerability Report
If you don’t have time to read the whole 2020 Acunetix Web Application Vulnerability Report, we have prepared two comfortable options for you. We want to make sure that you know the current state of web security so that you know what efforts to focus…
What Is the POODLE Attack?
The POODLE attack (Padding Oracle on Downgraded Legacy Encryption) exploits a vulnerability in the SSL 3.0 protocol (CVE-2014-3566). This vulnerability lets an attacker eavesdrop on communication encrypted using SSLv3. The vulnerability is no longer present in the Transport Layer Security protocol (TLS), which is the…
Scanning an Application in Docker Using AcuSensor for Java
The following article shows you how you can run a Java application in a Docker container and then use AcuSensor to run an interactive application security testing (IAST) scan for that application. Step 1: Prepare an Example Application Using Eclipse IDE Go to the menu…
Why Is Directory Listing Dangerous?
Directory listing is a web server function that displays the directory contents when there is no index file in a specific website directory. It is dangerous to leave this function turned on for the web server because it leads to information disclosure. For example, when…
What Is the BEAST Attack
BEAST stands for Browser Exploit Against SSL/TLS. It is an attack against network vulnerabilities in TLS 1.0 and older SSL protocols. The attack was first performed in 2011 by security researchers Thai Duong and Juliano Rizzo but the theoretical vulnerability was discovered in 2002 by…
What Are Google Hacks?
The terms Google hacking, Google hacks, or Google dorking refer to attacks that use Google or another search engine to find vulnerable web servers and websites. Google hacking is based on inventing specific search queries, often using wildcards and advanced search operators (such as intitle,…
How to Use the Acunetix Business Logic Recorder
The Business Logic Recorder is a new and unique Acunetix feature that lets you test more web applications without extensive manual work or additional non-automated tools. Most automated web vulnerability scanners do not have any mechanisms that let you test applications with complex business logic….