Acunetix Security Hardening Guide

The following guide provides a series of recommendations for improving the security (“hardening”) of your Acunetix On Premise installation. 1. Update to the current version It is recommended that you always run the latest version of Acunetix. Additionally, Acunetix periodically publishes updates, which may include fixes for known security vulnerabilities. By default Acunetix is set […]

Read More →

How to install Acunetix Multi-engine

The Acunetix Multi-engine setup is suitable for Enterprise customers who need to scan more than 10 websites or web applications simultaneously. This can be achieved by installing one Main Installation and multiple Scanning Engines, all managed from a central console. Here’s how: Download the latest build of Acunetix Download the latest build of Acunetix from […]

Read More →

Using Client Certificates in Acunetix

In most TLS handshakes, the client authenticates the server, therefore, the client knows that the server is who it says it is, but the server doesn’t know much about the client. In most cases, this is fine — authentication via credentials is enough in many cases, however, some web applications require that the client also […]

Read More →

Configuring HTTP Proxy Settings in Acunetix

If the target website or web application you intend to scan is only reachable via an HTTP proxy, you will need to configure Acunetix On Premise to make use of that HTTP proxy server before running the scan. You can set different proxy settings per Target in Acunetix On Premise. This is useful if different […]

Read More →

VIDEO: Acunetix Login Sequence Recorder

The Acunetix Login Sequence Recorder can be used to test password-protected areas of your website automatically. In order to scan a form-based password protected area, you will need to make use of a Login Sequence during the scan. The Login Sequence can be configured from the Target settings page in the General tab using the […]

Read More →

How to scan for specific vulnerabilities

If you do not need to perform a full scan, you may choose from the list of Scan Types to run against a Target. Scan Types are a logical grouping of tests that test for specific classes of vulnerabilities such as SQL injection or Cross-Site Scripting tests which you can use to reduce the scope […]

Read More →