CaterTrax, one of Acunetix’s valued clients, has recently provided us with a case study of their use of the scanner and how it helps them maintain their security and reassure their customers.

‘Acunetix has helped make our application stronger and given our clients the assurance that their data is safe.’ Benjamin De Point, VP of Software Development & Hosting.

CaterTrax is a catering management software company based in Rochester, New York, offering solutions for non-commercial food service operations. Their web-based software is designed to work as a full platform with solutions for catering, take-out, floor stock, and webstarter. Sensitive customer data is transmitted and stored online; if stolen by cyber criminals, it could result in immense financial repercussions for both the company and its clients. Since CaterTrax also handles financial transactions, they maintain PCI Compliance, and with a client base of over 2500 companies, security is of extreme importance. CaterTrax chose Acunetix Vulnerability Scanner for their web application security.

Looking for a More Affordable and Thorough Scanner

CaterTrax previously used a competing product offered by Qualys, but they wanted a product that was more affordable yet still able to detect a wide range of vulnerabilities. The online version of Acunetix Vulnerability Scanner fit the bill perfectly for its affordability and also because it is more flexible than the on-premises solution, which would be restricted to one machine. Acunetix complemented other security tools used by CaterTrax, including Imperva SecureSphere web application firewall and Alert Logic Threat Manager.

Modern Technologies Requiring Advanced Solutions

CaterTrax websites are hosted on IIS servers using a mix of ASP.NET, HTML5, JavaScript, REST and SOAP technologies. With these specific technologies in place, they needed a web application scanner equipped to effectively read and crawl their applications. Acunetix was designed with these technologies in mind, so it was the obvious choice. As an added bonus, Acunetix is priced far more competitively than other products on the market and is also equipped to scan mobile-friendly web applications, which is essential for CaterTrax.

Fast and Accurate Reporting

CaterTrax uses a number of the reports provided by Acunetix, including the developer report and the executive summary. Having a developer report is extremely valuable in being able to scan applications throughout their development lifecycle. CaterTrax is also PCI Compliant so being able to run the PCI DSS report designed for this purpose makes maintaining compliance so much easier to do. The report details individual elements of being compliant such as system security parameters, encryption, injection flaws and broken authentication. This helps CaterTrax to prioritize any vulnerability found and to confirm compliance when this report is run and found to be free of any vulnerability.

Equipped and Confidently Secure

The company now regularly scans their web applications with the ability to detect a wide range of vulnerabilities, especially those found in the OWASP Top 10 report, which include Cross Site Scripting, SQL injection and DOM-based Cross Site Scripting. Being able to easily locate and fix these vulnerabilities means CaterTrax can offer their customers confidence in the security of their products.

About CaterTrax

CaterTrax is the industry leading online solution developed by hospitality professionals proven to promote, grow, manage, and sustain profitable food service businesses. The co-founders of CaterTrax started out with a family-owned catering business where they developed efficient processes for managing large-scale food service operations. These processes became the core of our web-based solutions platform. CaterTrax was created by passionate professionals who understand the realities of managing high volume food and hospitality businesses.


Acunetix developers and tech agents regularly contribute to the blog. All the Acunetix developers come with years of experience in the web security sphere.