Because most of the organization’s resources and applications are now accessible from the internet, it brings new risks that we need to be fully aware of and ensure we can control and mitigate. As a web application vulnerability scanner platform, Acunetix by Invicti allows us to evaluate the security level of our websites to ensure deeper coverage.
A European transnational organization that offers water, waste, and energy management services was seeking a better approach to managing the security implications of global cybercrime threats through a dispersed team. One of their main challenges involved making the continued shift to cloud-based work environments. They needed a web application security solution that provided deeper insight into their threat landscape and integrated well with existing workflows, offering more comprehensive coverage for their assets.
Cybercrime is a global issue that continues to impact organizations in every industry. Because this organization manages sensitive customer data, they must continually ensure that the security of their industrial and financial systems is adequately managed with sufficient protection for their network in the cloud.
The legislative context for cybersecurity is constantly evolving, particularly for operators of essential services. Our organization is not immune to these threats, and thus we must make progress on cybersecurity. The security of the industrial and financial systems, and the protection of our customers' data, are major issues that require full attention.
To keep pace with ever-evolving cybersecurity threats, the organization’s Executive Committee knew that each regional business entity manager needed to adopt cybersecurity policies and procedures and incorporate them into existing processes. They also needed more modernized tooling that would help them implement proper security protection for known and unknown assets, including vulnerable and outdated web application components.
Through this top-down initiative, local business managers for each regional unit within the organization were given resources to incorporate cybersecurity measures and policies directly into their operations. They selected Acunetix by Invicti as their tool of choice for identifying poor development practices and uncovering web server configuration errors that may lead to cybersecurity compromises.
By providing local managers the ability to delegate scans, we are now regularly testing all the websites and web applications that are exposed online to assess the risks. When risks and vulnerabilities are discovered by Acunetix, the managers are able to fix them and prevent issues quickly.
Using Invicti as a security solution, the international team is now required to scan every new website that they want to publish. This coverage allows them to catch vulnerabilities sooner and provides deeper, more accurate insight into the health of their web asset inventory for full visibility and improved risk management.
Since implementing Acunetix by Invicti, the organization is able to efficiently scan their web applications in development, quality assurance (QA), and production stages to catch problems before they translate into bigger cybersecurity issues. Scans run daily and are launched by business unit managers proactively, but teams also have the flexibility to launch scans before production deployment to evaluate newly disclosed vulnerabilities.
Key benefits include:
Additionally, the organization takes advantage of the Acunetix API which allows them to not only execute scans, but also retrieve the vulnerability scan results found for each specific group of website and web applications. From there, they can integrate those results into their global cybersecurity KPI dashboard, providing each business unit with the same foundational policies for vulnerability management so that everyone understands the risks and how to mitigate them.
Since making the switch to Invicti, the organization has been able to transform its approach to web application security. Now, they’re ahead of potential threats well before deployment of new applications while catching issues that other solutions easily miss.
Acunetix by Invicti is better at evaluating web application security because it identifies more vulnerabilities than traditional scan solutions available on the market. Other solutions focus their analysis on the system and the network vulnerability rather than the web application vulnerability, which is Invicti’s strength.
With fuller, automated coverage, their business unit managers can get a handle on security issues that would have previously gone unnoticed or unchecked. That keeps the organization’s industrial and financial systems more secure – and their customers’ data safe, too.
"The issues detected were of major impact, if users/hackers would have found the security holes, they could have hacked an entire Joomla! site."
Robin Muilwijk Quality and Testing Team"Having used Acunetix since 2009, we find it an essential tool in protecting our interior critical systems and helping our customers protect their own systems."
Chen Chiu Lin Researcher"Acunetix has played a very important role in the identification and mitigation of web application vulnerabilities. Acunetix has proven itself and is worth the cost. Thank you Acunetix team."
M. Rodgers Member of the US Air Force IT Security Team