Acunetix - Short Review




Product Overview of Acunetix

Acunetix is a comprehensive automated web application security testing tool designed to identify and mitigate vulnerabilities in web applications, websites, and APIs. Here’s a detailed look at what the product does and its key features and functionality.



What Acunetix Does

Acunetix audits web applications to detect a wide range of vulnerabilities, including SQL Injection, Cross-Site Scripting (XSS), and other common web application threats. It emulates the actions of a hacker to identify potential security weaknesses, ensuring that web applications are secure and compliant with various regulatory standards.



Key Features and Functionality



Crawling and Scanning

Acunetix employs its DeepScan technology to crawl the entire website, following all links, including those dynamically constructed using JavaScript, and links found in robots.txt and sitemap.xml files. This process creates a detailed map of the site, which is then used to launch targeted vulnerability checks against each part of the site.



AcuSensor Technology

One of the standout features of Acunetix is its AcuSensor Technology, which combines black box scanning with feedback from sensors placed inside the source code. This technology enhances the accuracy of vulnerability detection, particularly for PHP, .NET, and Java web applications, by providing detailed information such as source code line numbers, stack traces, and affected SQL queries. It significantly reduces false positives and offers precise locations of vulnerabilities within the code.



Vulnerability Management

Acunetix includes a robust vulnerability management system that allows users to assign identified vulnerabilities as tasks to team members for remediation. The system tracks the status of these tasks, automatically rescans fixed vulnerabilities, and updates the status accordingly. This ensures that all vulnerabilities are addressed efficiently and that the security status of the web applications is continuously monitored.



Proof of Exploit and Verification

Acunetix 360 features a Proof of Exploit mechanism that verifies detected vulnerabilities by exploiting them in a read-only and safe manner. This confirms the authenticity of the vulnerabilities, saving time and resources that would be spent on manual verification.



Integration and Automation

Acunetix Premium integrates seamlessly with various development and operational tools such as Jira, Jenkins, GitHub, GitLab, TFS, Bugzilla, and Mantis. It allows for the automation of web vulnerability scanning within the Software Development Life Cycle (SDLC), enabling continuous scanning and early detection of vulnerabilities. This integration ensures that vulnerabilities are identified and remediated at the earliest stage of development.



Multi-User Environment and Reporting

Acunetix offers a multi-user environment with customizable access rights, allowing different team members to launch scans, view reports, and manage vulnerabilities based on their roles. The platform generates various reports, including executive reports, developer reports, and compliance reports for standards like HIPAA, PCI-DSS, and ISO/IEC 27001.



Network Scanning

In addition to web application scanning, Acunetix also integrates the OpenVAS network scanner to check for over 50,000 network vulnerabilities. This involves port probing and OS fingerprinting to identify devices, operating systems, and server products, and then launching security checks against these identified products.



Conclusion

Acunetix is a powerful tool for ensuring the security and compliance of web applications. With its advanced crawling and scanning capabilities, AcuSensor Technology, robust vulnerability management, and seamless integration with development tools, it provides a comprehensive solution for identifying and mitigating web application vulnerabilities. Its user-friendly interface and extensive reporting features make it an indispensable asset for any organization committed to web application security.
