Do you want the peace of mind that you’re delivering secure code free of vulnerabilities when building applications using the Microsoft .NET framework? Acunetix’s AcuSensor Technology is your answer. The .NET Framework is Microsoft’s comprehensive and consistent programming model for building applications that have visually…
Better scan results with CVSS, CVE and CWE
Acunetix includes the classification of vulnerabilities using CVE (Common Vulnerabilities Exposure), CWE (Common Weakness Enumeration) and CVSS (Common Vulnerability Scoring System). The table below provides a quick overview of the main differences between the three standards and how they benefit Acunetix users. CVE CWE CVSS…
Scan Google Web Toolkit Applications with Acunetix
Google Web Toolkit (GWT) is an open source set of tools that allows web developers to create and maintain complex JavaScript front-end applications in Java, using the Java development tools of their choice. It is a development toolkit for building and optimizing complex browser-based applications….
The Results are in – Verizon 2014 Data Breach Investigations Report
The numbers are in… and cybercrime had quite an active 2013 according to Verizon’s 2014 Data Breach Investigations Report (DBIR) – one of the information security industry’s most prominent studies compiled from over 50 contributing organizations. This year’s report includes an array of security issues,…
Key Web Application Security Metrics
How’s your web application security program measuring up today? If you’re like many people, you’re simply going through the motions of periodic vulnerability scans and problem resolution. It’s a vicious cycle that may or may not be delivering the results you’re looking for. Given all…
Misleading Reports of 0-Day in Acunetix WVS
Reports of a 0-day vulnerability in Acunetix Web Vulnerability Scanner turn out to affect only an old version from 2012 which was subsequently fixed. A blog post has recently come to our attention that claims a successful attack against Acunetix v8 (build 20120704), and in…
Danger: Open Ports – Trojan is as Trojan does
Open ports are the doorways to your secure perimeter. Behind open ports, there are applications and services listening for inbound packets, waiting for connections from the outside, in order to perform their jobs. Security best practices imply the use of a firewall system that controls…
Ways to Keep your Developers Interested in Web Security
Working in IT over the past couple of decades I’ve witnessed the good, the bad, and the downright ridiculous when it comes to the way software developers are treated by management. Seeing what I’ve seen, and having been in those shoes, I’m convinced that the…
Scanning for Heartbleed using Acunetix
Soon after the Heartbleed bug was made public, Acunetix released an update to detect the vulnerability in websites and web applications. The script that detects this is called Heartbleed_Bug.script, and is included in the following Scanning Profiles: Default High_Risk_Alerts The newly created heartbleed profile The…