Acunetix is a web application security tool which automatically performs a vulnerability assessment of a website or web application together with any server misconfigurations. Acunetix allows you to run security checks for thousands of vulnerabilities quickly and accurately on a regular basis.
When scanning large applications for Node.js related vulnerabilities, it may be desirable to divide the scanning of the application up into smaller segments, or scopes. A typical example of this would be when different development teams would be working on different parts of a large web application with different release cycles, and therefore, different scanning schedule requirements.
Acunetix makes customizing the scope of a web application security vulnerability scan painless. There are several ways to restrict the scope of a scan — you may choose to exclude pages you don’t want to scan manually, or for more advanced users, Acunetix also supports excluding pages based on regular expressions.
Beyond the vulnerability scanning
Another problem that Acunetix solves which many other vulnerability scanners fall short of is the ability to produce great reports. Acunetix can instantly generate a wide variety of other technical and regulatory and compliance reports such as OWASP Top 10, PCI DSS, HIPAA and many others. Additionally, Acunetix also allows users to export discovered vulnerabilities to Issue Trackers such as Atlassian JIRA, GitHub and Microsoft Team Foundation Server (TFS).
With built in Jenkins integration, Acunetix can also easily integrate within existing software development code security and SDLC workflows such as CI/CD pipelines.
We use Acunetix as part of our Security in the SDLC and to test code in DEV and SIT before being promoted to Production.