With the uptake of cloud computing and the advancements in browser technology, web applications and web services have become a core component of many business processes, and therefore a lucrative target for attackers. Over 70% of websites and web applications however, contain vulnerabilities that could lead to the theft of sensitive corporate data, credit cards, customer information and Personally Identifiable Information (PII).
Firewalls, SSL and Hardened Networks Are Futile Against Web Application Hacking
Cyber criminals are focusing their efforts on exploiting weaknesses in web applications such as eCommerce platforms, blogs, login pages and other dynamic content. Insecure web applications and web services not only provide attackers access to backend databases but also allow them to perform illegal activities using compromised sites.
Web application attacks are carried out over HTTP and HTTPS; the same protocols that are used to deliver content to legitimate users. Yet web application attacks, both on free open-source software, such as WordPress, Drupal and Joomla!, as well as commercial or custom-built applications, can have repercussions that are the same, or worse than traditional network-based attacks.
The Technology Leaders in Automated Web Application Security
DeepScan Technology allows accurate crawling of AJAX-heavy client-side Single Page Applications (SPAs) that leverage complex technologies such as SOAP/WSDL, SOAP/WCF, REST/WADL, XML, JSON, Google Web Toolkit (GWT) and CRUD operations.
Industry’s most advanced and robust SQL Injection and Cross-site Scripting testing, including advanced detection of DOM-based Cross-site Scripting.
AcuSensor Technology allows accurate scanning further reducing the false positive rate, by combining black box scanning techniques with feedback from its sensors placed inside the source code.
Fast, Accurate, Easy to Use
Multi-threaded, lightning fast crawler and scanner that can crawl hundreds of thousands of pages without interruptions.
Highest detection of WordPress vulnerabilities – scans WordPress installations for over 1200 known vulnerabilities in WordPress’ core, themes and plugins.
An easy to use Login Sequence Recorder that allows the automatic crawling and scanning of complex password protected areas including multi-step, Single Sign-On (SSO) and OAuth-based websites.
Easily generate a wide variety of technical and compliance reports aimed towards developers and business owners alike.
Acunetix is available as Software (On Premise) or Online (Hosted). Choose your trial.
Securing the web applications of today’s businesses is perhaps the most overlooked aspect of securing the enterprise. Web application hacking is on the rise with as many as 75% of cyber attacks done at web application level or via the web. Most corporations have secured their data at the network level, but have overlooked the crucial step of checking whether their web applications are vulnerable to attack. Web applications which often have a direct line into the company’s most valuable data assets are online 24/7, completely unprotected by a firewall and therefore easy prey for attackers.
Acunetix was founded with this threat in mind. It was understood that the only way to combat website hacking was to develop an automated tool that could help companies scan their web applications to identify and resolve exploitable vulnerabilities. In July 2005, Acunetix Web Vulnerability Scanner was released: a heuristic tool designed to replicate a hacker’s methodology to find dangerous vulnerabilities like SQL injection and cross site scripting before hackers do. A decade later and Acunetix Vulnerability Scanner has become the tool of choice for many customers in the Government, Military, Educational, Telecommunications, Banking, Finance, and E-Commerce sectors, including many Fortune 500 companies.
Acunetix Vulnerability Scanner is available both as an online and on premise solution. It detects and reports a wide array of vulnerabilities in applications built on architectures such as WordPress, PHP, ASP.NET, Java Frameworks, Ruby on Rails and many others. Acunetix Vulnerability Scanner brings an extensive feature-set of both automated and manual penetration testing tools, enabling security analysts to perform a complete vulnerability assessment, and repair detected threats, with just the one product. Results can be used to generate reports aimed towards developers and management alike.
The Acunetix development team consists of highly experienced security developers, all with extensive development experience in network security scanning software prior to working on Acunetix WVS. The management team is backed by years of experience in marketing and selling security software.
Acunetix is a privately held company with its offices in Malta and the UK. It is a Microsoft Certified Partner. It also has a sister company 3CX, a developer of IP PBX software for Windows.