As a pen-tester, there are going to be situations where you will be asked to provide evidence of the seriousness of a vulnerability that has been identified. There is ample documentation on how to do this for the more common vulnerabilities such as Cross-site Scripting…
Acunetix receives highest score for “Penetration Testing” Use Case
Gartner’s 2017 Critical Capabilities for Application Security Testing Report: Gartner, Inc., the leading provider of research and analysis on the global information technology industry, has recognised Acunetix as a Challenger in the February 2017 Magic Quadrant for Application Security Testing (AST), and has given Acunetix the…
Acunetix Jenkins Plugin provides DevOps with on the spot identification of web vulnerabilities
Continuous Integration is a software development practice which involves the frequent merging, or integration of work from different developers on a team. Not only does CI help eliminate tedious and error-prone work, but it also reduces the chance of bugs – including web vulnerabilities. With…
Start using Acunetix v11 with Acunetix Quick Start Guide
The Acunetix Quick Start Guide Video is a short guide covering basic steps to get you started using Acunetix v11. Learn how to launch a scan, analyze the scan results and create a report. Find your way around the new web-based user interface re-engineered from…
Watch What’s New in Acunetix v11
Hot on the release of Acunetix v11, check out what’s NEW in this brief presentation highlighting: a brand new web interface re-engineered from the ground up for greater usability and manageability; new integrated vulnerability management features to prioritize and manage vulnerabilities; multi-user, multi-role features; issue tracker…
In the headlines: DNC email breach, Avtech IoT devices, UN nuclear power plant hack, and more
US accuses Russia of interfering with elections: In what could be the most highly publicized nation state cyber attacks since the Sony Pictures hack, the US has officially accused Russia of interfering with the elections. The DNC email breach was the first stage in a…
In the headlines: Yahoo hack, Krebs DDoS attack, Drupal vulnerabilities and more
500m users affected in giant Yahoo hack and lawsuits already filed: The latest breach to be dubbed ‘the biggest breach ever’ is the newly revealed theft of the data of 500 million Yahoo users, which took place in 2014. Yahoo admitted this news just last week,…
33% of websites and webapps are vulnerable to XSS
Cross-site Scripting (XSS) is a much talked-about type of injection vulnerability that occurs on the client-side (that is, in a user’s browser). It occurs predominantly through the use of JavaScript, due to its prevalence in most browsing experiences. Cross-site Scripting can be classified into four…
SQL injection slowly receding, but still a major concern
SQL injection (SQLi) is a frequent topic on this blog – it refers to an injection attack that allows an attacker to execute malicious SQL statements that allow the attacker to control a web application’s database server. Since an SQL injection vulnerability could possibly affect…