Deploying AcuSensor in Acunetix 360 On-Premises
Acunetix AcuSensor increases the accuracy of an Acunetix scan by improving the crawling, detection, and reporting of vulnerabilities while decreasing false positives. Acunetix AcuSensor can be used on .NET (including .NET Core), JAVA, and PHP web applications.
The unique Acunetix AcuSensor Technology identifies more vulnerabilities than a black-box web application scanner does and also further minimizes false positives. In addition, it indicates exactly where vulnerabilities are detected in your code and reports debug information.
Acunetix AcuSensor requires a sensor to be deployed on your server. This sensor is generated uniquely for each website for security reasons.
Deploying AcuSensor is optional. Acunetix is still best in class as a black-box scanner, but AcuSensor improves accuracy and vulnerability results when scanning your web applications.
Ready to use the AcuSensor? Contact us.
To do this, follow these steps: From the main menu, go to Scans > New Scan > AcuSensor, then select I'm Interested in Adding AcuSensor.
Once approved, you are ready to download.
This table lists and explains the fields on the AcuSensor page.
This is the section that lets you download the required file to use on your server.
This lets you select the server to download the required files for your server, such as PHP and Java.
This lets you override settings for the default AcuSensor Token and Bridge URL/Port.
Bridge URL and Port
How to download AcuSensor in Acunetix 360
- Log in to Acunetix 360.
- From the main menu, select Scans > New Scan
- From the Scan Settings, select AcuSensor (IAST and SCA).
- From the AcuSensor Settings section, select Enable AcuSensor.
- From the Installation Files section, select a platform from the Server Platform drop-down, then click Save As. The download starts immediately.
- From the Advanced Settings, if required, you can do the following:
- If you have a token already, select the I have a token I would like to reuse checkbox and enter your token.
- Enter your Bridge URL and Port only if you want to override the default bridge URL and Port.
Setting a custom bridge service for AcuSensor
You can use the bridge service provided by Invicti (https://iast.invicti.com). OR, you can install Acunetix 360 IAST Bridge to set up a custom bridge service.
- Install the Acunetix 360 Bridge
How to set up a custom bridge service
- Press the Windows logo key
- Type Services.
- Make sure the Acunetix 360 Bridge is running.
By default, the Acunetix 360 Bridge runs at the 7880 port.
- Log in to Acunetix 360.
- From the main menu, select Settings > General.
- Go to the IAST Bridge section.
- Enter your custom URL to the Default Bridge URL field. (You can enter your custom URL like this: http://220.127.116.11:7880)
- Select Save.
If you change your bridge URL after installing an Acunetix 360 AcuSensor sensor, you must re-install these sensors, so the changes can take effect.
Deploying AcuSensor in your server is explained in related topics:
AcuSensor has only a very minimal impact on resources on the Target machine — less than 1% in lab test results.