Acunetix Integrations

Acunetix integrates with 3rd party applications, making it easier to track and protect against identified vulnerabilities. Acunetix scan results can be used by the following Issue Trackers and WAFs, and Acunetix can also be used as part of a Continuous Integration environment.

Acunetix integrations: API Discovery

API Discovery

Without the right tools, compiling a comprehensive inventory of an organization’s internal and external API assets is a difficult task. That’s where Acunetix comes in. It connects with API management systems and container management tools like Kubernetes to help AppSec leaders and development teams identify, locate, and manage all of their organization’s APIs—including ones that are hidden or undocumented.

To help get the job done, Acunetix integrates with:

  • MuleSoft Anypoint Exchange
  • Apigee API hub
  • Amazon API Gateway
  • Kubernetes (natively and via Istio Service Mesh)

See also: Introduction to API Sources

v13_dashboard_narrow-2023

Issue Trackers

An Issue Tracker is a powerful and essential tool in the Software Development Life Cycle (SDLC) of almost any software project. It helps development teams streamline collaboration and manage their work without getting lost in an endless stream of emails and PDF reports.

Acunetix can send vulnerabilities as issues to the following Issue Trackers:

  • Azure DevOps (Microsoft TFS)
  • JIRA
  • GitHub
  • GitLab
  • Bugzilla
  • Mantis

 

See also: How to integrate with popular Issue Trackers

acunetix-waf-logos

Web Application Firewalls (WAFs)

Acunetix integrates with popular WAFs to automatically create appropriate Web Application Firewall rules to protect web applications against attacks targeting vulnerabilities that the scanner finds. This allows you to temporarily prevent the exploitation of high-severity vulnerabilities until you are able to fix them.

Acunetix can export scan data to the following Web Application Firewalls (WAFs):

  • Imperva SecureSphere
  • F5 BIG-IP Application Security Manager
  • FortiWeb WAF
  • Citrix WAF

 

See also: How to integrate with WAFs

DevSecOps SecDevOps SDLC

Continuous Integration (CI)

Acunetix offers a plugin for Jenkins, a popular open source Continuous Integration (CI) and automation platform. Using this plugin development and operations teams to identify and track web application vulnerabilities early on in the Software Development Life Cycle (SDLC), and crucially, before they make it into production. The Acunetix Jenkins plugin integrates seamlessly with the Jenkins build process and triggers automatic Acunetix scans as part of the web application build process inside of the Jenkins CI platform.

The Acunetix Jenkins plugin enables you to:

  • Trigger Acunetix scans from within Jenkins upon each build
  • Trigger Acunetix scans with built-in or custom scan types to only scan for specific vulnerabilities
  • Configure Jenkins to fail a build (and optionally abort the scan) as soon as a specific threat-level (high, medium or low severity) is reached
  • Automatically generate reports saved within Jenkins

 

See also: Configuring Acunetix Jenkins Plugin

Frequently asked questions


Acunetix has out-of-the-box integrations with several issue trackers: Jira, Microsoft TFS (Azure DevOps), GitHub, GitLab, Bugzilla, and Mantis. Acunetix 360 has even more integrations. Integrating Acunetix with issue trackers is very simple and straightforward – you just need to establish a connection and then can export vulnerabilities directly to the issue tracker. Our support pages and blog have articles that describe the process.

See a step-by-step guide to integrating Acunetix with Jira.

Acunetix Premium has out-of-the box integration with Jenkins. Acunetix 360 has several other CI/CD integrations. Integrating Acunetix with a CI/CD tool is very easy, all you need to do is establish a connection and then you can run Acunetix scans directly from CI/CD pipelines.

See a step-by-step guide to integrating Acunetix with Jenkins.

Acunetix can import data from many different sources: UX tools, proxies, and security analysis tools. An Acunetix crawl can be pre-seeded using output from Selenium IDE, Telerik Fiddler, Burp, Paros, and Postman. You can also use the following files to import data into Acunetix: HTTP Archives, Swagger, WSDL, WADL, ASP.NET Web Forms, and text files with lists of URLs.

Learn why and how to use import files in Acunetix.

Acunetix exposes all its functionality via a REST API. You can use any environment that you like to make REST API calls to Acunetix and get the results. This lets you integrate Acunetix with any environment that supports REST. In other cases, the Acunetix support team can help you figure out the best way to achieve integration.

See an example of how to integrate a custom application with Acunetix using the API.

Recommended Reading

Learn more about prominent vulnerabilities, keep up with recent product updates, and catch the latest news from Acunetix.

icon_knowledge-2023

Knowledge Sharing

What is SQL Injection

What is Cross-site Scripting

What Are XML External Entity Attacks

What is Insecure Deserialization

icon_popular-2023

Popular Posts

SQL Injection Example

Preventing SQL Injection in PHP

TLS/SSL Cipher Hardening

Defending Against CSRF Attacks

icon_news-2023

In The News

Complimentary licenses – COVID-19

Interview with Acunetix President & COO

Innovations in Acunetix v13

Network scans now fully available

xerox

“We use Acunetix as part of our Security in the SDLC and to test code in DEV and SIT before being promoted to Production.”

Kurt Zanzi, Xerox CA-MMIS Information Securtiy Office, Xerox

Take action and discover your vulnerabilities

Get a demo