Black-box security testing refers to a method of software security testing in which the security controls, defences and design of an application are tested from the outside-in, with little or no prior knowledge of the application’s internal workings. Essentially, black-box testing takes an approach similar…
Issue Tracker Integration with Acunetix
An Issue Tracker such as Atlassian JIRA, GitHub and Microsoft TFS is a powerful and essential tool in the Software Development Life Cycle (SDLC) of almost any software project. It helps development teams streamline collaboration and manage their work without getting lost in an endless…
Eastern Institute of Technology, NZ publishes Case Study on Web Vulnerability Scanners
Ms. Angel Rajan and Dr. Emre Erturk from the Eastern Institute of Technology, Hawke’s Bay, New Zealand, recently published a paper entitled “Web Vulnerability Scanners: Case Study”. The case study analyses the benefits of using an automated web vulnerability scanning solution like Acunetix, to…
Help Net Security reviews Acunetix v11
Help Net Security, an independent site focused on information security, reviewed Acunetix v.11. This was not the first time the team behind Help Net Security analysed Acunetix, the first time being back in 2009. Since the review of v.6.5, the product has come a…
Pentest Diaries – Hunting Bugs in HTTP Headers
Some time ago, I joined a bug bounty program of a household name brand, who shall remain anonymous throughout this article. This write-up documents a journey of finding and exploiting SQL injection in some unexpected places. To get started, I randomly chose one of the…
Chunghwa Telecom secures over 100 websites with Acunetix
Chunghwa Telecom, Taiwan’s largest integrated telecommunications services company, with over 12,000 employees and 100 websites, has been using Acunetix since 2009 to protect both their internal critical websites and customer systems. After analysing both HP Webinspect and IBM AppScan, Chunghwa Telecom found Acunetix to be…
Acunetix Vulnerability Testing Report 2017
Each year the Acunetix Team compiles a vulnerability testing report based on data from Acunetix Online. This third Vulnerability Testing Report contains data and analysis of vulnerabilities detected by Acunetix throughout the period of March 2016 to March 2017, illustrating the state of security of…
Simple to use security scan in the cloud – Video
Security breaches are the most common issues that company IT departments in all sectors look out for. Companies are taking extensive measures to address threats and create value by running their software in the cloud (63% according to a 2016 PWC report). Performing a regular…
What is a Host Header Attack?
It is common practice for the same web server to host several websites or web applications on the same IP address. This is why the host header exists. The host header specifies which website or web application should process an incoming HTTP request. The web server…