Acunetix WVS helps Team Random win the 2009 IS Competition prize for identifying most vulnerabilities on competitors’ servers.

“The biggest benefit of using Acunetix WVS is the amount of vulnerabilities Acunetix WVS reports. It is amazing.”
Laurent Desaulniers, Student and member of Team Random

The need for an automated security auditing tool

Once a year, the IS Competition is held at the Crystal Ball Conference, where a number of web security students team up, and scan each other’s web applications, to report vulnerabilities on each other’s servers.  The scope of this competition is to raise web security awareness.

With the help of Acunetix WVS, Team Random from the Ecole de technologie superieure, focused on finding the highest number of vulnerabilities on competitors’ web applications, and they managed!

The technical committee supervising the competition included people from Cisco, CERT, ISIQ, GoSecure Inc, Check Point Software Technologies and from other renowned companies from the Internet Security area.

The Competition

Team Random, a team of 6 students from Canada who strive to apply theoretical knowledge to practical ends, scanned over 50 competitors’ web servers during this competition.  Competitors’ servers were running both Apache and IIS as web server software, and custom web applications built from web security students using php, perl, ruby, asp, aspx and also Java platforms. 

Team Random used several web vulnerability scanners during the competition, but Acunetix WVS was the scanner of choice.  Once they won the competition, the team said “none of the other scanners worked as well as Acunetix”, while another student known as S P A C E B A R stated “I don’t have a clue how Acunetix does it, but it works, it works amazingly well!!”

Team Random also noticed that Acunetix WVS is a very easy to use web vulnerability scanner.  As a matter of fact, the students used Acunetix WVS only two weeks before the competition took place, and by the time the competition was on, they had already mastered the scanner.

“Acunetix was not only flexible, but it found many XSS in many custom built applications” stated another member of Team Random.

Laurent Desaulniers
Student & member of Team Random
June 2009