Acunetix WVS Helps Team Random Win the 2009 IS Competition Prize

Acunetix WVS Helps Team Random Win the 2009 IS Competition Prize for Identifying Most Vulnerabilities on Competitors’ Servers.

“The biggest benefit of using Acunetix WVS is the amount of vulnerabilities Acunetix WVS reports. It is amazing.” Laurent Desaulniers, Student and Member of Team Random

The Need for an Automated Security Auditing Tool

Once a year, the IS Competition is held at the Crystal Ball Conference, where a number of web security students team up and scan each other’s web applications to report vulnerabilities on each other’s servers. The scope of this competition is to raise web security awareness.

With the help of Acunetix Web Vulnerability Scanner, Team Random from the Ecole de technologie superieure, focused on finding the highest number of vulnerabilities on competitors’ web applications and they managed to locate more than anyone else!

The technical committee supervising the competition included people from Cisco, CERT, ISIQ, GoSecure Inc, Check Point Software Technologies and from other renowned companies from the Internet Security area.

The Competition

Team Random, a team of 6 students from Canada who strive to apply theoretical knowledge to practical ends, scanned over 50 competitors’ web servers during this competition. Competitors’ servers were running both Apache and IIS as web server software, and custom web applications built from web security students using php, perl, ruby, asp, aspx and also Java platforms.

Team Random used several web vulnerability scanners during the competition, but Acunetix WVS was the scanner of choice. Once they won the competition, the team said “none of the other scanners worked as well as Acunetix”, while another student known as S P A C E B A R stated “I don’t have a clue how Acunetix does it, but it works - it works amazingly well!”

Team Random also noticed that Acunetix WVS is a very easy to use web vulnerability scanner. As a matter of fact, the students used Acunetix WVS only two weeks before the competition took place and by the time the competition was on they had already mastered the scanner.

“Acunetix was not only flexible, but it found many XSS in many custom built applications,” stated another member of Team Random.

About Acunetix Web Vulnerability Scanner

Acunetix Web Vulnerability Scanner ensures website security by automatically checking for SQL injection, Cross Site Scripting and other vulnerabilities. Furthermore, Acunetix protects against the embedding of Javascript malware in a web-page through its JavaScript Analyzer. Such protection secures all AJAX applications. Acunetix WVS also checks password strength on authentication pages and automatically audits shopping carts, forms, dynamic content and other web applications. As the scan is being completed, the software produces detailed reports that pinpoint where vulnerabilities exist.

About Acunetix

Acunetix was founded to combat the alarming rise in web attacks. Its flagship product, Acunetix Web Vulnerability Scanner, is the result of several years of development by a team of highly experienced security developers. Acunetix is a privately held company with headquarters based in Europe (Malta) and an office in London, UK. For more information about Acunetix, visit: //www.acunetix.com.

All product and company names herein may be trademarks of their respective owners.