Acunetix Vulnerability Scan results can now be imported into the FortiWeb Web Application Firewall (WAF)
LONDON, 12th October 2015 – Acunetix, a market leader in web application security technology, today announced that Acunetix web vulnerability scan results can now be imported into the new FortiWeb 4000E and 3000E Web Application Firewalls (WAFs) to automatically configure settings that will mitigate the discovered vulnerabilities.
When web application weaknesses such as SQL Injection or Cross-Site Scripting are detected by Acunetix WVS, FortiWeb will transform the results into WAF security policies to offer immediate protection to companies by safeguarding the website from exploitation of the vulnerabilities detected. This allows the development team some breathing space in the time it takes to deal with and fix the security vulnerabilities detected.
Using Acunetix WVS scan results to automate the WAF configuration results in reduced workload and user errors, when compared with manually having to configure a web application firewall such as FortiWeb.
“Acunetix sets a high standard when it comes to discovering web application vulnerabilities. In our commitment towards security, we recommend the use of a web application firewall like FortiWeb combined with Acunetix Web Vulnerability Scanner for ultimate and immediate protection,” said Nicky Sciberras, Acunetix Product Manager.
Expected benefits of the interoperability of the FortiWeb WAF with Acunetix WVS are as follows:
- Reduced Risk Exposure – Vulnerabilities are mitigated immediately, thus allowing more Time-to-Fix.
- Accurate Protection – Virtual patching policies are created automatically, reducing the risk of configuration errors that can lead to a false sense of security.
- Improved Resource Scheduling – Fixing the vulnerabilities detected can be scheduled at a time when developers and testers can better focus on addressing the vulnerability effectively, rather than do so while fire-fighting.
- Reduced Development Cost – Spend less development resources in emergency situations, fix code vulnerabilities during the normal release cycle.
- Compliance Reporting – Show auditors that vulnerabilities are virtually patched thanks to detailed WAF configuration reports.