Acunetix WVS v10 improves its support for crawling and identifying vulnerabilities in various web technologies. This is the result of feedback gathered from our user base over the past months. Keeping abreast of updates to web technologies is of utmost importance, as it allows Acunetix to detect web vulnerabilities in websites that are developed using new and evolving techniques.

Acunetix WVS v10 improves its support in the following areas:

  • Java/J2EE web applications – Acunetix WVS v10 can now better test Java web applications implemented in Spring, Struts, JavaServer Faces (JSF) and Google Web Toolkit (GWT). Such web applications are inherently difficult to scan because of their session management; version 10 brings improvements to session management for Java applications, as well as a battery of new tests aimed specifically at web applications that are built using Java frameworks.
  • RESTful Web Services – Coverage for web applications making use of RESTful web services has improved in the following areas:
    • RESTful web services implemented in JavaScript using AJAX calls can now be automatically discovered by DeepScan.
    • Support for WADL files allows Acunetix WVS to test all the endpoints defined in such description files.
    • Identifying WADL definitions using the OPTIONS HTTP method.
    • Testing for XML External Entity (XXE) Injection in RESTful web services.
  • Ruby on Rails – Apart from various improvements that increase the coverage of websites developed using Ruby on Rails, Acunetix WVS v10 also introduces several new vulnerability checks specific to this web development technology.
THE AUTHOR
Nicholas Sciberras
Principal Program Manager
As the Principal Program Manager, Nicholas is passionate about IT security and technology at large. Prior to joining Acunetix in 2012, Nicholas spent 12 years at GFI Software, where he managed the email security and anti-spam product lines, led multiple customer service teams, and provided technical training.