When you build web applications, you often use multiple back-end web services to interface between client-side and server-side applications. For example, enterprises use functional subdomains to distribute static content or application logic between API requests. To scan the entire web application, the web vulnerability scanner…
How many users can I configure in Acunetix?
The number of users that you can configure in Acunetix depends on the edition that you have purchased. Acunetix Standard allows for only one user – the same user that is created when installing Acunetix. Acunetix Premium (both on-premises and online) allows for…
How to Use Excluded Hours
Acunetix provides additional functionality for managing your scans. You may encounter a situation where scans should not interfere with scheduled deployments or hinder the web application functionality during certain times. With that in mind, it is possible to configure excluded hours for Acunetix during which…
Why Are Some Vulnerabilities Marked as Verified?
Starting from Acunetix Version 12 (build 12.0.190325161), Acunetix marks some vulnerabilities identified during a scan as verified. Verified vulnerabilities are vulnerabilities that Acunetix has detected with 100% certainty in the web application being scanned and thus they do not need to be manually verified. Acunetix…
How to Configure Acunetix with Kenna Security
You can integrate Acunetix with Kenna Security as a connector, out of the box. The following configuration applies to both the Kenna VM appliance and the SaaS solution. First, create a new Kenna instance. On the Home page, you can see statistics for imported vulnerability…
Authenticated Scans on Applications That Make Use of One-time Tokens or CAPTCHAs
One-Time Tokens add another layer of security, supplementing the username and password with a code that only the individual user has access to (for example by SMS or via a security key). A CAPTCHA has a different purpose, as it provides a test used to…
Scanning applications that make use of Single Sign-On (SSO)
Single Sign-On (SSO) is a service which allows users to have one set of login credentials to access multiple web applications. SSO allows a user to log in once and gain access to various applications, without the need to re-enter login credentials at each application….
Session Detection: What to do if the LSR fails to identify a session pattern
Session Detection is the final step in the configuration of the Login Sequence Recorder (LSR). A valid Session Pattern is vital for a successful scan, as with it the scanner is able to identify whether it is authenticated or not. During a scan, the session…
Which Linux distributions can Acunetix be installed on?
Acunetix has been tested on the following Linux distributions: Ubuntu Desktop/Server 16.0.4 LTS or higher; SUSE Linux Enterprise Server 15 and openSUSE Leap 15.0. Acunetix may work on other Linux distributions. For example, we have a number of Acunetix users who installed Acunetix on Kali…