Integrating Acunetix 360 with CyberArk Vault
CyberArk Enterprise Password Vault (EPV) helps you centrally manage privileged account identities in a single location.
- While CyberArk EPV prevents unauthorized access to critical systems, it protects privileged account credentials used in on-premises, hybrid, and cloud environments.
- Further, it automatically rotates privileged account passwords and SSH keys.
- To provide clear visibility to security and audit teams, CyberArk EPV provides audit logs; so the teams know which individual users accessed which privileged or shared accounts, when, and why.
Acunetix 360 provides integration with CyberArk Enterprise Password Vault so that you do not need to provide sensitive credentials for vulnerability scanning on password-protected web pages.
For further information, see What Systems Does Acunetix 360 Integrate With?
This table lists and explains the fields in the New CyberArk EPV Integration window.
This is the name of the configuration that will be shown elsewhere.
This is the URL that must show where you setup CyberArk EPV.
This is the user's Certificate File provided by CyberArk EPV.
This is the user's Certificate Password provided by CyberArk EPV.
This is the agent mode that you can select.
There are two options:
Verify and Save
This verifies certification and the connection with the service.
How to Integrate Acunetix 360 with CyberArk EPV
- Log in to Acunetix 360.
- From the main menu, select Integrations > New Integration.
- From the Secrets and Encryption Management section, select CyberArk EPV.
- In the Name field, enter a friendly name for the integration.
- In the URL field, enter an URL that displays the address of CyberArk EPV.
- In the Certificate File, select Certification File to select and upload the required file.
- In the Certificate Password field, enter the password required to configure the integration.
- In the Agent Mode, select an option.
- Select Verify and Save. (If you have more than one authentication verifier agent, you see a drop-down to select the verifier agent.)
Verifying form authentication with CyberArk EPV
When you successfully integrate CyberArk EPV, you can use this integration to launch a new scan.
This table lists and explains the fields in the CyberArk EPV Settings window.
This is the name of the integration that you entered in the New Vault Integration window. Select the integration from the drop-down, if necessary.
Use Static Name
Disable the Use Static Username checkbox only if you plan to change a username routinely.
This is enabled by default.
This holds the username value.
This holds the username query. Enter a proper query to retrieve the username from CyberArk EPV.
This holds the password query. Enter a proper query to retrieve the password from CyberArk EPV.
How to use the CyberArk EPV Integration to verify form authentication
- Log in to Acunetix 360.
- From the main menu, select Scans > New Scan.
- In the Target URL field, enter the URL.
- Complete the remainder of the fields, as described in Acunetix 360 New Scan Fields and Acunetix 360 Scan Options Fields.
- Then from the Authentication settings, select the Form tab.
- Select Form Authentication.
- Select the New Persona drop-down, then select CyberArk EPV.
- Complete the fields in the dialog box.
- Select Save.
- Select Verify Login & Logout to test the new Persona.
Select Test Value Settings to verify the username and password.