Audit your website security with Acunetix Web Vulnerability Scanner
Website security is possibly today's most overlooked aspect of securing the enterprise and should be a priority in any organization. Hackers are concentrating their efforts on web-based applications - shopping carts, forms, login pages, dynamic content, etc. Web applications are accessible 24 hours a day, 7 days a week and control valuable data since they often have direct access to back-end data such as customer databases.
Any defence at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications are often tailor-made therefore tested less than off-the-shelf software and are more likely to have undiscovered vulnerabilities. Acunetix Web Vulnerability Scanner automatically checks your web applications for SQL Injection, XSS & other web vulnerabilities.
In addition, due to popular demand, Acunetix 10.5 now scores vulnerabilities using CVSS 3.0. CVSS is a very common scoring system, often used for compliance purposes and to prioritize the fixing of vulnerabilities. CVSS 3.0 updates the metrics used to calculate the scores for vulnerabilities, bringing it in line with the security industry's requirements while giving more realistic scores to web vulnerabilities. Acunetix WVS v10.5 scores vulnerabilities using both CVSSv2 and the new CVSSv3.
New Features and Vulnerability Tests
- Added detection for Apache Struts Remote Code Execution (s2-052)
- Added detection for Apache Struts Remote Code Execution (s2-053) â?? CVE-2017-12611
- Check for Header Injection via misconfigured nginx redirects
- Check for nginx Integer Overflow vulnerability (CVE-2017-7529)
- Improved the detection of Blind SQL Injection
- JAVA error detection now includes the full JAVA error returned by the server
- Improved the Remote File Inclusion XSS checks
- Updated the Joomla and WordPress vulnerability checks
- Fixed bug causing the downloading of a Targetâ??s LSR file to fail
- Fixed bug in HTTP Digest Authentication
Please contact BTSoftware for pricing.