Wide Technology Coverage
Acunetix takes technology support to the next level with the best-of-breed JavaScript and HTML 5 support thanks to its fully-automated JavaScript and browsing engine called DeepScan. While some attacks may be detectable by server security software such as intrusion detection systems (IDS) and web application firewalls (WAF), these technologies are not able to stop client-side attacks such as DOM-based Cross-site Scripting (DOM XSS).
Unrivalled Speed and Accuracy
Web application security scans are typically known for being slow. Acunetix is set to change that. With a blazing-fast crawler and scanner, it is by far the fastest web application security scanner on the market, allowing you to perform automated security testing across a large number of applications concurrently. Acunetix also provides AcuSensor, an optional sensor for ASP.NET, PHP and Java applications that are deployed server-side to further increase accuracy during scans and even inspect calls to and from the web application to the database server.
Beyond Vulnerability Scanning
Another problem that Acunetix solves, which many other vulnerability scanners fall short of, is the ability to produce great reports. Acunetix can instantly generate a wide variety of other technical, regulatory, and compliance reports such as PCI DSS, HIPAA, OWASP Top 10, and many others. Additionally, Acunetix allows users to export discovered vulnerabilities to issue trackers such as Atlassian Jira, GitHub, GitLab, Mantis, Bugzilla, and Microsoft Team Foundation Server (TFS).Frequently asked questions
To protect your IIS installation, you need a web vulnerability scanner. A typical network scanner will just check if you have the right ports closed and if you have an up-to-date version of IIS. A web vulnerability scanner will check your IIS configuration and, most importantly, let you verify the security of all the web pages and web applications that you are hosting on your IIS. Acunetix will do it all.
The only way to effectively check the security of a dynamic website or web application is to try to break into it. You can hire a penetration tester to do it manually but it will cost a lot and take a lot of time. You can also use a web vulnerability scanner, discover most vulnerabilities quickly and automatically, and leave very little work for penetration testers.
Every dynamic website and web application is susceptible to web vulnerabilities such as SQL Injections and Cross-site Scripting (XSS). Based on our research, most web applications have such vulnerabilities. A web vulnerability may let an attacker completely take over your system or use it for phishing others.
See what can happen if you don’t eliminate web vulnerabilities.
A default installation of IIS is not secure. To make it safe, you need to install the right modules, disable certain options, turn on restrictions, enable logging, and more. You must also make sure that you always have the latest version of the operating system with up-to-date patches as well as the latest version of IIS.
Recommended reading
Learn more about prominent vulnerabilities, keep up with recent product updates, and catch the latest news from Acunetix.
“We use Acunetix as part of our Security in the SDLC and to test code in DEV and SIT before being promoted to Production.”
Kurt Zanzi, Xerox CA-MMIS Information Securtiy Office, Xerox