Acunetix 7 makes web application security checking easier and more cost effective

New scanning engine with improved vulnerability detection AND verification makes finding and fixing security issues in web applications easier.

London, 1st September 2010 – Acunetix, a market leader in web application security scanning technology, today announced version 7 of its popular Web Vulnerability Scanner. With the new human like vulnerability verifying techniques, revolutionary scanning engine and support for a wider variety of web applications, Acunetix re-establishes its technology lead in web application security. Acunetix WVS Version 7 also features improved performance, less false positives and detection of a wide range of new web vulnerability types.

“With Acunetix WVS v7 we focused on finding more vulnerabilities, reducing false positives, and on improving scanner performance,” said Robert Abela, Acunetix Technical Manager. “As a result, Acunetix 7 is now 300% faster, can reduce false positives up to 50% and detects new vulnerabilities such as stored directory traversal.  This helps businesses reduce the time and resources needed to secure their web applications significantly.”

Unique vulnerability verifying technique reduces false positives

Acunetix v7 includes new advanced vulnerability verifying techniques which result in much less false positives, and thus saves time of security administrators trying to reproduce such situations.  Such accuracy is achieved by sending a number of test inputs to the web application, and depending on the response, Acunetix v7 will automatically determine which web vulnerability checks to launch against the web application.

New faster scanning engine reduces time to scan a website by up to 300%

Acunetix WVS Version 7 includes a new fast multi-threaded scanner that can scan on more threads at a time and more efficiently. Scans that could take hours to complete now can be done in minutes, depending on website structure and web applications.

Acunetix 7 reduces time needed to fix security vulnerabilities

When a web security threat is discovered, Acunetix WVS Version 7 presents the developers with a more precise and understandable technical and vulnerability remediation information, to help them fix the issue in a much shorter time.  To improve understanding, different variants of the vulnerability are gathered in one detailed vulnerability report. Acunetix v7 can also re-check a fix for a particular vulnerability, without having to rescan the entire website.

Detect more web vulnerabilities

Thanks to the new revolutionary scanning engine and website crawler, Version 7 is able to find much more vulnerabilities than ever before.  The new site crawler’s in-depth analysis of the website presentation layer discovers more website parameters and inputs. Acunetix 7 is therefore capable of finding many more vulnerabilities in a larger variety of different web applications.

Scan a wider range of web applications

Acunetix v7 is also able to crawl and scan a wider variety of web technologies. Support for Web 2.0 applications has been improved, and also session handling.  All of the advanced penetration testing tools have been rewritten to support Web 2.0 requests, such as JSON, XML and more.

HTTP authentication

Acunetix WVS v7 now supports more than a single pair of HTTP credentials for the same host.  Thanks to the new HTTP authentication settings node, one can pre-define credentials per host, directory and even file.

Easily create your own vulnerability checks

Acunetix v7 now has improved support for creating custom vulnerability checks. Vulnerability checks are written in JavaScript, the most popular scripting language with web developers, and can thus be easily adjusted or extended.  A scripting tool and SDK are also available to assist developers in writing custom web vulnerability and security checks.

Lower cost subscription licenses

Subscription based licenses now also include the maintenance agreement and are thus significantly cheaper. In addition free support and free version upgrades are included.

Other Features

  • New graphical scan status interface shows more information about a web scan in progress
  • Avoid the lengthy process of manually analyzing the code by specifying the label or tag instead of actual parameter name
  • Verify that AcuSensor Technology is correctly installed with a simple click of a button
  • During a scan, less bandwidth is consumed and less stress is put on the server thanks to improved network traffic handling
  • A number of new network security checks have been added and other ones improved.

Acunetix WVS Trial Edition

Download Acunetix Web Vulnerability Scanner v7 trial edition from here

About Acunetix

Acunetix is a market leader in web application security technology. Founded in 2004, Acunetix customers include the US Army, US Airforce, AT&T, KPMG, Telstra, Fujitsu, Adidas and many more.   For more information please visit: http://www.acunetix.com.

“With Acunetix WVS v7 we focused on finding more vulnerabilities, reducing false positives, and on improving scanner performance,” said Robert Abela, Acunetix Technical Manager. “As a result, Acunetix 7 is now 300% faster, can reduce false positives up to 50% and detects new vulnerabilities such as stored directory traversal. This helps businesses reduce the time and resources needed to secure their web applications significantly.”
Share this post

Leave a Reply

Your email address will not be published.