You would think that after several years, a well-known security vulnerability should no longer be found in production systems. It may, therefore, come as a surprise that famous Internet security issues such as the Heartbleed vulnerability linger on for many years after they have been…
Scanning a REST API for Vulnerabilities
Many complex web applications are built using REST APIs. Acunetix can help you ensure the security of all your REST APIs just as effectively as in the case of monolithic web applications and websites. In this article, you will learn how to discover and fix…
Cross-Origin Resource Sharing (CORS) and the Access-Control-Allow-Origin Header
Modern browsers use the Same-Origin Policy (SOP) by default, which means that fetching resources from other origins is not allowed. However, in some situations, such operations are necessary. Cross-Origin Resource Sharing (CORS) was designed to address such situations using HTTP response headers, which include Access-Control-Allow-Origin….
Agile and Secure SDLC – Best Practices
Agile development processes help businesses release software much more quickly than would be possible with classic design and development cycles such as those based on the waterfall model. Most web applications require an agile methodology because they need to be updated very often and…
The HttpOnly Flag – Protecting Cookies against XSS
Cross-site scripting (XSS) attacks are often aimed at stealing session cookies. In such an attack, the cookie value is accessed by a client-side script using JavaScript (document.cookie). However, in everyday use, web applications rarely need to access cookies via JavaScript. Therefore, a method of protecting…
The Power of Modern DAST: Miles Technologies
DAST has come a long way from its humble beginnings. Many businesses searching for web application security solutions are still apprehensive of DAST because they perceive it the way it was many years ago. DAST tools are often described as slow, not automated, not integrated,…
Step-By-Step Configuration with GitHub
Acunetix allows seamless integration with GitHub. This provides Acunetix administrators with the ability to send vulnerabilities directly to their development teams. Note: Before proceeding any further, ensure that the latest version of Acunetix is installed. You can download it from https://www.acunetix.com/fullver. Also, note that issue…
Acunetix Exhibiting at ISMG 2020 Virtual Cybersecurity Summit: New York
ISMG’s Global Summit Series will take place across four continents focusing on global security topics such as fraud and breach prevention and on many key industry verticals such as finance, government, retail, energy, and healthcare. The registration for ISMG 2020 Virtual Cybersecurity Summit is free….
Acunetix update introduces Chinese language support in the UI, path fragments in site structure, and new vulnerability checks
A new Acunetix update has been released for Windows and Linux: 13.0.200807155 and macOS: 13.0.200807156. This Acunetix update introduces Chinese language support in the UI, allowing Chinese users of Acunetix to browse the Acunetix UI and read vulnerability data in their language. The new build…