- A Complete Guide to Securing your Website
Acunetix, January 2010 – In this white paper we explain in detail how to do a complete website security audit and focus on using the right approach and tools. We describe the whole process of securing a website in an easy to read step by step format; what needs to be done prior to launching an automated website vulnerability scan up till the manual penetration testing phase.
- Why File Upload Forms are a Major Security Threat
Acunetix, May 2009 – This white paper shows how and why the widely used file upload forms are a major security threat. It also states some recommendations on how to securely code such file upload forms, and how these can be checked with Acunetix web vulnerability scanner for vulnerabilities.
- Finding the Right Web Application Scanner; Why Black Box Scanning is not Enough
Acunetix, September 2008 – This white paper shows how Acunetix AcuSensor Technology increases accuracy by combining black box scanning techniques with feedback from sensors placed inside the source code while the source code is executed.
- Web Services – The Technology and its Security Concerns
Acunetix, October 2007 – This white paper examines the technology behind Web Services, how the system is made available to the user, and the way connections are made to back-end (and therefore sensitive) data. These different elements come together to make Web Services a portal for users to access data, but also provide different entry points which may be exploited for illegitimate purposes.
- The Payment Card Industry Compliance – Securing Both Merchants and Customer Data
Acunetix, May 2007 – This white paper explains the Payment Card Industry Compliance standard in real detail, and the security threats which brought about the need to standardize the data protection of both merchants and customers.
- Are AJAX Applications Vulnerable to Hack Attacks? The Importance of Securing AJAX Web Applications
- Auditing your Website Security with Acunetix Web Vulnerability Scanner
Acunetix, February 2007 – This tutorial paper describes how to use Acunetix WVS to scan your website and other web applications. It explains all the Acunetix WVS wizard options in detail and explains also to the reader how to analyze the scan results, how to generate reports with the Acunetix WVS Reporter and more.
- PHP and SQL Security
Andrew J. Bennieston, February 2007 – This white paper by Andrew J. Bennieston looks at some of the issues that should be considered every time a PHP script is written. These problems like SQL Injections, Directory Traversal and more, with well-designed code, can be eliminated entirely.