Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

Acunetix 360 On-Premises - v25.12.0

New features

  • Implemented ACX security checks into the report policy, aligning it with the existing functionality in Invicti Standard
  • Credentials used in OAuth2 can now be retrieved from the secret
  • Added support for referencing secrets from SEM integrations when configuring Basic, Digest, NTLM/Kerberos, or Negotiate authentication

New security checks

Improvements

 
  • Added "Fix versions" field to the JIRA integration
  • Added "Queue reason" to the Scan summary page
  • Improved IP Restriction Logic
  • Improved the "SameSite Cookie Not Implemented" security check
  • Improved the "JWT Signature is not Verified" security check

Resolved issues

  • Proxy credentials are now properly masked in InvictiProxy logs
  • Fixed missing Known issues and CVE Details on the Scan Summary page
  • Resolved an issue where manually disabling an agent assigned to queued or active scans would cause those scans to become stuck indefinitely. The system now prevents disabling agents with assigned scans and displays clear error messages
  • Enhanced OAuth2 business logic and encryption implementation
  • Fixed an issue that caused login failures during authenticated scans
  • Prevented scan fails due to syntax errors on custom security scripts
  • Fixed a layout problem when adding a new certificate
  • Fixed an issue where users without an API Discovery license saw the error “ApiHub Service URL cannot be empty” when updating items on the Settings > General page
  • Fixed "The deletion of the website continues" issue when adding a target
  • Fixed an empty list issue in the Mend integration
  • Fixed an issue where Linux/cloud agents couldn't parse secrets pre-request query parameters
  • Updated Java sensor
  • Fixed an issue with confirmation SMS messages
  • Resolved an issue that prevented large JSON files from being scanned properly during scan archiving

Verify the Hash value for package integrity in Acunetix 360 on-premises

The hash value for the "25.12.0.zip" file is E60C0E9A522A83FD66B58BD6C005999DAE6C40A487F72C4708ECA531D773B80D.

You can verify the integrity of the file by checking its hash value using one of the outlined methods:

PowerShell (Windows):

Get-FileHash -Path "25.12.0.zip" -Algorithm SHA256
Command Prompt (Windows):

certutil -hashfile "25.12.0.zip" SHA256
Linux or macOS:

sha256sum "25.12.0.zip"