Powering over 90% of the world wide web, Apache, IIS and nginx are considered the 3 most important web servers. They are considered to be easy to get up and running, have an active development team behind them and react quickly to security issues. Most…
Author Archives Acunetix
THE AUTHOR
Acunetix
HIPAA – Why you need to keep patient information secure
If you’re a healthcare entity in the United States, then you’ll certainly be familiar with HIPAA. Enacted by congress in 1996, HIPAA addresses the security and privacy of health data among a number of other items. The most important aspect for healthcare providers, insurers and…
nginx security: Tips to harden your configuration; part 2
This is the second part in the series on nginx security. This article follows on from Part 1 with more tips on hardening your nginx server configuration. 5. Make use of ModSecurity ModSecurity is an open-source module that works as a web application firewall. Different functionalities include…
Are you prepared for PCI v3.0?
At the end of December 2014 the new set of Payment Card Industry Data Security Standards (PCI DSS) will come largely into force, with just a few small elements having the later deadline of July 2015 to allow businesses time to adapt. If your company…
Microsoft IIS – 8 Tips for Security Best Practices
Microsoft Internet Information Services is regarded as a robust product from Microsoft but its default installation and configuration are far from secure. After installing an IIS server on your Windows server, you should review its configuration very carefully. This is not a unique problem of…
Analysing the latest trends in web application attacks
A recent study by a leading web application security vendor has highlighted some interesting statistics about web application attacks. Some of the findings examined below should enable web security practitioners to better anticipate, identify and act against cyber threats. Threat Growth One of the unsurprising…
Acunetix OVS Update, Spots Vulnerabilities with Military Precision
An important update has just been rolled out to Acunetix Online Vulnerability Scanner (OVS) which includes 2 features unique to Acunetix – AcuSensor and AcuMonitor. Both technologies have been successfully used in Acunetix WVS to enhance scan results by improving vulnerability detection and detecting difficult…
Alliance Training Courses Improve Acunetix User Skills
Alliance Technology Partners, partnering with Acunetix since 2007, have announced they shall be offering Acunetix Training Courses, delivered via the web, by two of their senior security engineers. This Basic Training 3 hour course, is highly interactive and tailored to the users’ experience level and…
Acunetix WVS v9.5 build 20140902 detects Hibernate Query Injection, Format Strings and more
Acunetix Web Vulnerability Scanner version 9.5 build 20140902 has been updated to include new vulnerability checks, including detection of Hibernate Query Injection, format strings vulnerabilities, MySQL username disclosure and others, including some, in well-known web applications. This new build also optimises existing checks, including its…