With the uptake of cloud computing and the advancements in browser technology, web applications and web services have become a core component of many business processes, and therefore a lucrative target for attackers. Over 70% of websites and web applications however, contain vulnerabilities that could lead to the theft of sensitive corporate data, credit cards, customer information and Personally Identifiable Information (PII).
Firewalls, SSL and Hardened Networks Are Futile Against Web Application Hacking
Cyber criminals are focusing their efforts on exploiting weaknesses in web applications such as eCommerce platforms, blogs, login pages and other dynamic content. Insecure web applications and web services not only provide attackers access to backend databases but also allow them to perform illegal activities using compromised sites.
Web application attacks are carried out over HTTP and HTTPS; the same protocols that are used to deliver content to legitimate users. Yet web application attacks, both on free open-source software, such as WordPress, Drupal and Joomla!, as well as commercial or custom-built applications, can have repercussions that are the same, or worse than traditional network-based attacks.
The Technology Leaders in Automated Web Application Security
- DeepScan Technology allows accurate crawling of AJAX-heavy client-side Single Page Applications (SPAs) that leverage complex technologies such as SOAP/WSDL, SOAP/WCF, REST/WADL, XML, JSON, Google Web Toolkit (GWT) and CRUD operations.
- Industry’s most advanced and robust SQL Injection and Cross-site Scripting testing, including advanced detection of DOM-based Cross-site Scripting.
- AcuSensor Technology allows accurate scanning further reducing the false positive rate, by combining black box scanning techniques with feedback from its sensors placed inside the source code.
Fast, Accurate, Easy to Use
- Multi-threaded, lightning fast crawler and scanner that can crawl hundreds of thousands of pages without interruptions.
- Highest detection of WordPress vulnerabilities – scans WordPress installations for over 1200 known vulnerabilities in WordPress’ core, themes and plugins.
- An easy to use Login Sequence Recorder that allows the automatic crawling and scanning of complex password protected areas including multi-step, Single Sign-On (SSO) and OAuth-based websites.
- Easily generate a wide variety of technical and compliance reports aimed towards developers and business owners alike.
Acunetix is available as Software (On Premise) or Online (Hosted). Choose your trial.
>> For more information follow the link: http://www.acunetix.com/vulnerability-scanner/