AUSTIN, Texas, June 5, 2020 — Acunetix, the pioneer in automated web application security software, announced today that it has selected SYNNEX Corporation (NYSE: SNX), a leading business process services company, as a distribution partner in the United States. Customers now have the opportunity to…
Easy Access to the 2020 Web Application Vulnerability Report
If you don’t have time to read the whole 2020 Acunetix Web Application Vulnerability Report, we have prepared two comfortable options for you. We want to make sure that you know the current state of web security so that you know what efforts to focus…
What Is the POODLE Attack?
The POODLE attack (Padding Oracle on Downgraded Legacy Encryption) exploits a vulnerability in the SSL 3.0 protocol (CVE-2014-3566). This vulnerability lets an attacker eavesdrop on communication encrypted using SSLv3. The vulnerability is no longer present in the Transport Layer Security protocol (TLS), which is the…
Scanning an Application in Docker Using AcuSensor for Java
The following article shows you how you can run a Java application in a Docker container and then use AcuSensor to run an interactive application security testing (IAST) scan for that application. Step 1: Prepare an Example Application Using Eclipse IDE Go to the menu…
Why Is Directory Listing Dangerous?
Directory listing is a web server function that displays the directory contents when there is no index file in a specific website directory. It is dangerous to leave this function turned on for the web server because it leads to information disclosure. For example, when…
What Is the BEAST Attack
BEAST stands for Browser Exploit Against SSL/TLS. It is an attack against network vulnerabilities in TLS 1.0 and older SSL protocols. The attack was first performed in 2011 by security researchers Thai Duong and Juliano Rizzo but the theoretical vulnerability was discovered in 2002 by…
What Are Google Hacks?
The terms Google hacking, Google hacks, or Google dorking refer to attacks that use Google or another search engine to find vulnerable web servers and websites. Google hacking is based on inventing specific search queries, often using wildcards and advanced search operators (such as intitle,…
How to Use the Acunetix Business Logic Recorder
The Business Logic Recorder is a new and unique Acunetix feature that lets you test more web applications without extensive manual work or additional non-automated tools. Most automated web vulnerability scanners do not have any mechanisms that let you test applications with complex business logic….
Acunetix update introduces Business Logic Recorder, CVSS 3.1 scoring, and support for Citrix WAF and the Azure DevOps Services issue tracker
Acunetix Version 13 build 13.0.200508159 for Windows and Linux has been released. This new build introduces the Business Logic Recorder, which allows the user to record logic implemented in multi-step web forms. The Acunetix scanner will go through the multi-step form and will be able…