Q & A: Google Hacking

Question and Answer on Help Net Security; Google Hacking with Robert Abela, Acunetix Technical Manager.  In this intervie we discuss: The importance of Google for security research What kind of information about a target a penetration can find out by using Google Tips to those that want to use Google for Information gathering Advise to […]

Read More →

IIS Web Server Security how to

With the sharp increase of hacking attacks over the last couple of years, and the introduction of a number of regulatory compliance guidelines to follow, web application security has become a key concern for many online businesses, and also a common expense in a company’s budget.  Although many businesses are focusing on securing their web […]

Read More →

Acunetix WVS Version 6.5 build 20100303 released

An updated build of Acunetix WVS Version 6.5 has been released.  This build includes a new feature and new security checks, improvements and addresses a number of bug fixes. New Feature: Added new option to export results to HTTP Fuzzer New Security Checks: Test for XML External Entity Injection Test for XML Injection Improvements: Improved […]

Read More →

Top 10 Reasons Not to Invest in Website Security

For some light humor! 1) You really enjoy waking up in the morning with your coffee, hitting your homepage, and finding a new page marketing ‘special offers’ for ‘enhancement’ products… You spill your coffee, burn…ouch. 2) You just love getting a hosting bill showing your site had somehow managed to use 4 terabytes of data […]

Read More →

Acunetix WVS voted Windowsecurity.com readers’ choice award winner

Acunetix Web Vulnerability Scanner Voted Windowsecurity.Com Readers’ Choice Award Winner for the third time in a row London, UK – 25 February 2010 –  Leading Windows Security resource site, WindowSecurity.com, announced today that Acunetix Web Vulnerability Scanner was selected the winner in the Web Application Security category of the WindowSecurity.com Readers’ Choice Awards. “Our Readers’ Choice […]

Read More →

A brief overview of web application security

In this short video we give a brief overview of web application security. We will see; What is the difference between network security and web / web application security? Why network firewalls and network security scanners are not a website or web application security solution? Although a web application firewall will add an extra layer […]

Read More →

Acunetix WVS Version 6.5 build 20100210 released

An updated build of Acunetix WVS Version 6.5 has been released.  This build addresses a number of bug fixes , an updated Acunetix Firefox extension and a new security check. New Security Check: Test for Cross Site Scripting in the Referrer header Improvement: Acunetix Firefox extension now supports latest Firefox release Bug Fixes: Crawler: Html […]

Read More →

Authenticated XSS – problem or not?

Obviously, cross-site scripting (XSS) is a big problem on the public Web. But there’s another angle to XSS that no one seems to be talking about – at least I’m not seeing anything on it. It’s the issue of XSS on Web pages that are only accessible when the user is logged in. I see […]

Read More →

Latest Comparison Report from Larry Suto

Last week, Larry Suto published a report entitled “Accuracy and Time Costs of Web Application Security Scanner Report”.  I’ve started to investigate in detail the results from this report. And I’ve found a list of inaccuracies.  Here is a direct quote from his paper: Methodology In order to cover as many bases as possible it […]

Read More →