Acunetix WVS Version 6.5 build 20091005 released

An updated build for Acunetix WVS Version 6.5 has been released with some improvements, bug fixes and new security checks. New: Added a new check for SVN repositories Improvements: Improved MultiRequest paramenter manipulation; now using the form matcher to match parameter values Improved SQL injection tests Improved Application error tests Bug Fixes: Bug fixes: Fixed: […]

Read More →

VIDEO: Exploring the capabilities of Acunetix WVS Login Sequence Recorder; automating dynamic web applications crawling

The Acunetix WVS Login Sequence Recorder can be used for many other tasks rather than just to scan password protected areas.  If used appropriately it will help you in automating most of the crawling process.  Therefore the Acunetix WVS Login Sequence Recorder can be used to: – Configure the crawler to crawl a pre-defined path […]

Read More →

Acunetix WVS Version 6.5 build 20090917 released

An updated build for Acunetix Version 6.5 has been released with some improvements and bug fixes. New: Added two new blind SQL injection tests Added a new scanning profile for stored XSS only Added HTTP verb tempering using POST method check Improvements: Improved appearance for compliance report by adding visual markets and several other presentation […]

Read More →

How to secure web servers and database servers

Web servers are one of the most targeted public faces of an organization.  Securing a web server is as important as securing the website or web application itself and the network around it. Although securing a web server can be a daunting operation and requires specialist expertise, it is not an impossible task to achieve. […]

Read More →

New Acunetix WVS V6.5 build; better support for CAPTCHA and modern authentication mechanisms

With the release of Acunetix WVS Version 6.5 latest build; 20090728 (http://www.acunetix.com/support/build-history.htm), we announce that Acunetix WVS has better support for web applications with CAPTCHA, single sign-on and Two factor authentication mechanisms.  Thanks to the new ‘Manual Intervention’ module, IT security professionals can now save valuable time when securing web applications, since much less manual […]

Read More →

Web Application Firewalls do not replace secure development and operation of web applications

In eval($WAF); whitepaper, L. Nothdurfter, W.Neudorfer and M. Kirchner from the University of Applied Sciences Upper Austria, explain in detail how they evaluated the capabilities of some leading WAF’s (web application firewalls), and concluded that although a WAF can raise the security level, secure development and operation of web applications should be of top priority. […]

Read More →

Every website is a target; hacktivism

As stated in previous blog posts, hackers don’t just hack websites to steal online databases and credit card details.  Hacktivism, where innocent websites are defaced from malicious users to transmit their political view or opinion, is on the increase.  In many major world political events, online criminals have a great chance to try and gain […]

Read More →