Acunetix: Your Web Vulnerability Scanner Integrated with the OpenVAS Network Security Scanner
Network vulnerability tests should be an integral part of every cybersecurity policy. To check the security of your network services and network devices, you need a dedicated network scanner. Other types of scanning tools, such as web application vulnerability scanners, are not built to detect network security risks. When you introduce a new security tool into the business environment, it may make it more complex to manage your IT security. Luckily, you can find tools that combine a network vulnerability scanner with a web application vulnerability scanner. However, most such tools focus strongly on one area only and cannot provide full security coverage. Acunetix goes beyond what other products can offer by combining the best of both worlds: the best web vulnerability scanner engine, the best network security scanner engine, and a leading-edge vulnerability assessment and vulnerability management solution that works with both of these engines.
The Need for Network Vulnerability Scanning
Network vulnerabilities don’t make it to news headlines as often as other security issues such as malware, phishing, ransomware, or web vulnerabilities. However, it’s the network security issues and misconfigurations that often let the attackers take the first steps when they compromise systems.
- Open ports and exposed services such as FTP, SSH, database servers, etc. are one of the most common configuration issues that lead to major data breaches, especially if coupled with weak passwords. For example, most recent major data breaches happened because businesses exposed their database servers such as Elasticsearch to the public.
- A network vulnerability scanner also helps you discover the lack of security patches for your network devices, web servers, or operating systems. Missing patches or late patching may expose your infrastructure to dangerous attacks, both in the case of Windows and Linux.
- You can use your network scanner to find many other network security issues. For example, you can check whether you are using secure SSL/TLS ciphers.
Harnessing the Power of the OpenVAS Vulnerability Scanner
One of the most established and best network security scanners in the world is an open-source tool – OpenVAS. Its roots go back all the way to 1998 to the open-source Nessus project started by Renaud Deraison. Acunetix closely integrates with OpenVAS, making it even easier to use.
- Acunetix treats vulnerabilities discovered by the OpenVAS engine and by the Acunetix engine the same way. It means that after you run a scan, you have a common list of web and network vulnerabilities that you can manage and remediate.
- Acunetix is a vulnerability assessment tool and a vulnerability management tool, and when integrated with OpenVAS it becomes network security assessment software. Just like in the case of web vulnerabilities, you can prioritize and manage your network vulnerabilities along with web vulnerabilities to proceed with further penetration testing or remediation.
- You can manage all the vulnerabilities discovered by Acunetix using an external issue tracker, for example, Jira, Microsoft TFS, GitHub, GitLab, Bugzilla, or Mantis. This also includes network vulnerabilities. Therefore, Acunetix effectively and uniquely enables simple integration between OpenVAS and issue trackers.
Easy Network Vulnerability Management Integration
The OpenVAS integration in Acunetix is not only powerful but most important of all, it’s easy. You don’t have to create custom scripts or learn the Acunetix API, you only need to use the Acunetix user interface.
- The online (cloud) version of Acunetix is already integrated with OpenVAS so you don’t have to do anything. Immediately after you log in to Acunetix Online for the first time, you can start running network scans for your external network services.
- To secure your internal network, you can install Acunetix and OpenVAS on your premises and integrate them using a few easy steps in the Acunetix user interface. This way, you will be able to scan also those network services that are not available from the outside but still may be subject to internal threats.
- Thanks to Acunetix, you can also use OpenVAS to scan your virtual environments in the SDLC. By integrating Acunetix web and network scanning into CI/CD pipelines, you can check if your virtual machines are not misconfigured. Network issues in development may lead to similar issues in production environments.
Frequently asked questions
Network security scanning means analyzing a network structure and seeing what services are available on the network. Once a network scanner knows the structure and the services, it checks if these services use outdated, vulnerable software. A network scanner may be integrated with a web scanner.
Network scanning can be divided into three types of scans. First, a network scanner finds all accessible addresses on the network (network structure). Then, it finds all the open ports for each of those addresses. Then, it checks every port for vulnerabilities in the software.
See how to scan a network using nmap – it’s much easier with Acunetix and OpenVAS!
You should do both. However, if your website or web application is hosted in the cloud and you did not open any ports manually, there is very little chance that you find any network vulnerabilities. On the other hand, there is a big chance that you will find web vulnerabilities.
Acunetix on-premises can be easily integrated with the OpenVAS network scanner – you just need to enter the IP address and port number of OpenVAS. Acunetix Online is already integrated with OpenVAS so you do not need to install or configure anything. When integrated with OpenVAS, Acunetix manages all web and network vulnerabilities together in the same interface.
Learn more about prominent vulnerabilities, keep up with recent product updates, and catch the latest news from Acunetix.
“We use Acunetix as part of our Security in the SDLC and to test code in DEV and SIT before being promoted to Production.”Kurt Zanzi, Xerox CA-MMIS Information Securtiy Office, Xerox