To fully secure your web applications, you need several software solutions, specialist internal resources, and external contractors. However, this means significant costs and not everyone can afford it all at once. How should small businesses start their web application security journey? Let’s have a look…
5 Reasons Not to Rely on Bounty Programs
Congratulations! You’ve made the right decision to start a bounty program. Does that mean that you can maintain a secure posture without a web vulnerability scanner and manual penetration tests? And if not, why not? Many companies are jumping on the bounty program bandwagon and…
Are You Keeping Up with Web Application Security?
Opinion: Almost every business that has computers buys an antivirus solution. However, relatively few businesses that have their own websites buy vulnerability scanners. I believe that most people don’t buy solutions to protect their web applications not because they don’t feel that it’s necessary but…
Scanning a Google OAuth 2.0 Web Application
One of the most important qualities of a professional web application vulnerability scanner is the ability to reach every part of the web application, including the protected areas. While many scanners struggle with this, Acunetix supports several authentication mechanisms and offers an easy way to…
How Scanners Find Vulnerabilities
Vulnerability scanners are not that different from virus scanners. In both cases, the goal of the software is to find something out of the ordinary in the target. A virus scanner scans local resources and local storage of a computer to find potentially malicious software….
How To Benchmark a Web Vulnerability Scanner?
You’ve made the right decision to improve your web application security stance and perform regular web application scanning. However, there are several renowned web vulnerability scanners on the market and you have to choose one. How do you do that? As a first step, you…
DevSecOps with Acunetix – The Human Factor
The old-school DevOps model, where the security team works in a silo, separated from agile development teams, creates a lot of tension. With such an organization, developers often perceive security analysts as the “bad cops” who make their lives difficult. On the other hand, security…
Managing Scans using Bash and the Acunetix API
The Acunetix API allows you to programmatically manage your Acunetix tasks, including triggering scans for targets, checking the status of your scans, and retrieving a list of vulnerabilities found by your scans. This example can serve as a primer for building such programmatic tools. In…
5 Reasons Why Web Security Is Important to Avoid Ransomware
In the world of IT security in general, 2020 so far could be called the year of ransomware. The news is full of reports of new ransomware attacks and based on the trends so far, we can expect the situation to keep getting worse. Many…