Configuring General Settings
From the general settings page, you can configure product updates settings, proxy settings, notification settings, users and target groups.
Acunetix frequently releases updates which consist of new features, bug fixes and updates to the vulnerabilities database. You can configure Acunetix to Download and install updates automatically, or have Acunetix notify you when new updates are available.
You can configure Acunetix to use a proxy server if this is required to connect to the Internet. This will affect product updates, license activation requests and AcuMonitor requests. Specify the protocol, proxy address and port and optionally username and password to be used to connect to the proxy server.
The mail server settings are used by Acunetix to send email notifications such as when a scan is complete, license notifications, or forgot password emails. Here you can configure the SMTP server’s address, port, from address, security protocol used, and any authentication if needed.
The management of Acunetix users is explained here.
Targets can be grouped for easier management. For example, from the Vulnerabilities page, you can filter for the vulnerabilities of one Target Group, or in the Scan page, you can filter for scans of a specific Target Group. Users accounts are also given access to specific Target Groups.
You will first need to create the Target Group, after which, you can configure target group membership for the Target Group.
Acunetix supports sending vulnerabilities to an issue tracker. You will first need to configure the settings of the issue tracker in Acunetix. Proceed as follows:
- Select the Issue Tracker you are using
- Provide a Name for the issue tracker. This name will be used to when selecting the issue tracker for the Target
- Provide the URL and credentials to access the issue tracker, and click Test Connection
- Select the Project in which issues should be logged.
- Select the Issue Type to be used by Acunetix when logging an issue.
Screenshot - Configure Issue Tracker
After configuring the issue tracker, you can assign the issue tracker to a Target from the target’s settings.
Acunetix supports sending issues to Github, Jira and Microsoft TFS.
Acunetix installs with a default set of Scanning Profiles, which allow you to scan for specific types of vulnerabilities. If you need to be more granular in your scans, you can create your own custom scanning profiles which check for specific vulnerabilities. Proceed as follows:
- Click the Create Profile button
- Provide a name for the profile.
- Select the vulnerabilities as needed.
You can search for vulnerabilities using the search field. You can also click on the folder icons to expand the folders.
- Click Save when done.
Screenshot - Custom Scanning Profile
When starting a new scan, you can choose your custom scanning profiles in the Scan Type selection..
There are times when you do not want to scan a Target. For example, you might want to scan your site when during your workday so you can monitor the site while it is being scanned. Alternatively, you can scan your web application during the weekend when nobody is using it.
Screenshot - Excluded hours list
Excluded hours allow you to configure the times when no scans should be done by Acunetix. The default excluded hours profile is assigned to all new Targets, however this can be changed to a different excluded hours profile for each Target. You can also create your custom excluded hours profile if needed.
Screenshot - Edit an excluded hours profile
Note: Any scans that are running at the start or an excluded hours period will be stopped. Any scans that are scheduled to start during an excluded hour period will be delayed till after the excluded hour period.