Acunetix WVS is designed to perform a web security scan by using a web application as an exploitable front-end, through which it can make contact with a web server. This approach ensures that WVS does not rely on specific compatible web-servers or web technology for a scan to be executed.

Some checks — which Acunetix WVS launches against a target — have dependencies, e.g. test ‘A’ is performed only if the server has PHP technology.  This is because there are specific vulnerabilities which target only on PHP security, and do not impact other technologies like Cold Fusion.


Therefore if there is no particular test for a specific web technology, the Web Technology in question will not be listed under ‘Optimize for the following technologies’, as there are no tests designed exclusively for it.

If new vulnerabilities are discovered specifically for a web technology, the web technology in question will be added under ‘Optimize for the following technologies’.

View all the Acunetix FAQs here.


Acunetix developers and tech agents regularly contribute to the blog. All the Acunetix developers come with years of experience in the web security sphere.