After the long-winding road of discussion and deliberation, revision, disagreements and adjustments, the Open Web Application Security Project (OWASP) are updating their venerable Top 10 list of the most critical web application security risks since 2013. This update brings with it three new entries to…
Online Security: The Underlying Infrastructure – Part 1
Technology Revolutionized A plethora of valuable solutions now run on web-based applications. One could argue that web applications are the forefront of the world. More importantly, we must equip them with appropriate online security tools to barricade against the rising web vulnerabilities. With the right…
Cross-site Flashing (XSF) WordPress Vulnerability, Unpatched and Exploitable
WordPress, the content management system powering north of 28% of websites on the Internet, is certainly no stranger to providing timely security patches to its hundreds of millions of users when security researchers report them. This time however, things took a slightly different turn —…
Free Acunetix Licenses for National Cyber Security Awareness Month 2017
National Cyber Security Awareness Month (NCSAM) is upon us once again. This annual campaign to raise awareness about the importance of cybersecurity is held every year in October. NCSAM is designed to engage and educate public and private sector partners through events and initiatives to…
The difference between Vulnerability Assessment and Penetration Testing
Many information security professionals are familiar with the terms ”‘vulnerability assessment” and “penetration testing” (“pentest” for short). Unfortunately, in many cases, these two terms are incorrectly used interchangeably. This post aims to clarify differences between vulnerability assessment and penetration testing, demonstrate that both are integral…
What is Black-box Security Testing?
Black-box security testing refers to a method of software security testing in which the security controls, defences and design of an application are tested from the outside-in, with little or no prior knowledge of the application’s internal workings. Essentially, black-box testing takes an approach similar…
Issue Tracker Integration with Acunetix
An Issue Tracker such as Atlassian JIRA, GitHub and Microsoft TFS is a powerful and essential tool in the Software Development Life Cycle (SDLC) of almost any software project. It helps development teams streamline collaboration and manage their work without getting lost in an endless…
Eastern Institute of Technology, NZ publishes Case Study on Web Vulnerability Scanners
Ms. Angel Rajan and Dr. Emre Erturk from the Eastern Institute of Technology, Hawke’s Bay, New Zealand, recently published a paper entitled “Web Vulnerability Scanners: Case Study”. The case study analyses the benefits of using of an automated web vulnerability scanning solution like Acunetix, to…
Help Net Security reviews Acunetix v11
Help Net Security, an independent site, focused on information security, reviewed Acunetix v.11. This was not the first time the team behind Help Net Security analysed Acunetix, the first time being back in 2009. Since the review of v.6.5, the product has come a…