External vulnerability scanning, or as it’s sometimes known, perimeter scanning, is one of the absolutely necessary security tests any organization should undertake routinely. External vulnerability scanning helps make sure that vulnerabilities at the perimeter, that is, vulnerabilities laid out for the world to see, are identified and remediated as quickly as possible, making organizations more efficient at following cybersecurity best practices.
Until a few years ago, most external vulnerability scanning would be merely scoped to the external network infrastructure immediately reachable by attackers. However, we’re now living in the ‘age of the data breach’, where most defenses are actually breached through vulnerable web applications, or a combination of network-layer vulnerabilities, together with web vulnerabilities. To such an extent, organizations need to keep up with this reality and give web applications their due importance when scanning for external vulnerabilities.
Additionally, Acunetix Online features a fully integrated external network vulnerability scanner, allowing you to rapidly and continuously scan your perimeter for network-layer vulnerabilities and misconfigurations.
Fast, flexible, continuous external vulnerability scanning
The modern web is full of complexities, and as such, many other external vulnerability scanners designed for scanning websites built a decade ago, can’t properly scan, large and complex web applications quickly. With a re-engineered core, and a highly optimized crawler, every inch of Acunetix is tuned for speed, efficiency and accuracy, allowing it to complete even the largest external vulnerability scans without breaking a sweat.
What’s more, in Acunetix it’s possible to throttle the speed at which an external vulnerability scan runs, ensuring that even high-traffic sites can be scanned without affecting their performance. You can also schedule external vulnerability scans to run at specific times of a day, week or month, or even define you own custom schedule.
You also have the option of running scans on a continuous basis with Acunetix only running a quick scan every day of the week, with a full scan run once a week. This ensures that any new vulnerabilities that may have been introduced in-between full scans get picked up by Acunetix immediately.
Dead simple Vulnerability Management and reporting
Another problem that Acunetix solves which many other external vulnerability scanners surley lack is the ability to produce great reports. After an external vulnerability scan is complete, Acunetix can instantly generate a wide variety of technical and regulatory and compliance reports such as PCI DSS, HIPAA, OWASP Top 10 and many others. Additionally, Acunetix also allows users to export discovered vulnerabilities to third party Issue Trackers such as Atlassian JIRA, GitHub and Microsoft Team Foundation Server (TFS).
One of the biggest issues with conventional external vulnerability scanners is that they simply show a list of scan results. Acunetix takes a different approach in that once a vulnerability is found during a scan, it is automatically cataloged and assigned a status of Open. After the vulnerability gets fixed, Acunetix may be used to re-test the vulnerability to make sure it’s properly fixed, and then automatically marks it as Closed.
All information is available at a glance in the Acunetix Dashboard. With Acunetix’s multi-user, multi-role capabilities, users can only see what they’re meant to.
We utilize Acunetix to more thoroughly assess internet-facing websites and servers. Acunetix helps us identify vulnerabilities in conjunction with other vulnerability scanning applications. Acunetix has been a more reliable application when discovering / determining different types of malicious code injection vulnerabilities (SQL, HTML, CGI, etc).