Maltese Success Story: Acunetix

World Leading in Cybersecurity.

Acunetix is a global web security leader which is trusted by many Fortune 500 companies from the most demanding sectors, and government entities.

Globally the company is trusted by the U.S Air Force, NASA, HSBC, American Express, AVG and AWS, amongst many others.

Acunetix was founded in Malta in 2005. At this time, many enterprises did not see the need to secure their web applications. Instead, they focused on protecting the network. Acunetix were the pioneers who realized that this is not enough because network scanners and firewalls are helpless against most web vulnerabilities.

The solution was to develop an automated tool used to scan web applications to identify and resolve security issues.

Since then, Acunetix grew as both the company and the product. The vulnerability scanner was originally developed for Windows only. In 2014, Acunetix launched an online (cloud) solution, in 2018 – a Linux version, and in 2019 – Acunetix 360 for enterprises on all platforms.

In 2018, the company was acquired by Turn/River Capital.

Acunetix is a fully automated tool that frees up your security team resources. It specifically looks at protecting your web applications, such as your website & mobile applications. In Layman’s terms, the technology looks to hack your web applications and generate reports on the vulnerabilities. Different reports are generated automatically that are both suited for individuals in managerial positions (Managers, CEO’S, CFO’s etc..) written in language that can be understood, and detailed reports for security analysts, showing them exactly where the vulnerabilities are located within the code and how to fix them.

This saves a lot of time for security teams as they no longer need to spend hours manually auditing their web applications for vulnerabilities. Acunetix is one of the best solutions on the market as it reports very few false positives, meaning additional time is saved as teams do not need to waste resources attempting to validate non-existent issues and vulnerabilities.

How does Acunetix work?

Acunetix can detect vulnerabilities that other technologies would miss because it combines the best of dynamic and static scanning technologies, constantly scanning for vulnerabilities on the application. Acunetix also has the AcuSensor and AcuMonitor, the proprietary technologies which aid in the accuracy of scans.

What Are the Benefits of AcuMonitor?

AcuMonitor increases the scope of vulnerabilities that the Acunetix scanner can detect. Without AcuMonitor, out-of-band detection is not possible. Also, vulnerabilities detected with AcuMonitor are never false positives. Here are some of the vulnerabilities detected by Acunetix with AcuMonitor:

  • Blind server-side XML/SOAP injection
  • Blind XSS (delayed XSS)
  • Host header attack
  • Out-of-band remote code execution (OOB RCE)
  • Out-of-band SQL Injection (OOB SQLi)
  • Email header injection
  • Server-side request forgery (SSRF)
  • XML External Entity injection (XXE)

How do you save time with Acunetix?

The software is at an advanced level and provides vulnerability management and compliance reporting functionality instantly. The template of the reports can be designed specific to each company. You can classify, prioritize, and retest issues. Allowing your security teams to focus on the vulnerabilities, creating more efficiency and most importantly saving time.

Acunetix 360 and its integration with the Software Development Life Cycle (SDLC). This is a big time saver as it integrates all the different parts of website development (development, bug tracking, auto-assignment, alerting, vulnerability management, auto re-testing, etc). Acunetix is able to integrate all these different job processes into a single, automatic, customizable flow.

Can you integrate Acunetix to your system / issue trackers?

Acunetix integrates with 3rd party applications, making it easier to track and protect against identified vulnerabilities. Acunetix scan results can be used by the following Issue Trackers and WAFs, and Acunetix can also be used as part of a Continuous Integration environment.

Issue Trackers

An Issue Tracker is a powerful and essential tool in the Software Development Life Cycle (SDLC) of almost any software project. It helps development teams streamline collaboration and manage their work without getting lost in an endless stream of emails and PDF reports.

Acunetix can send vulnerabilities as issues to the following Issue Trackers:

  • Microsoft TFS
  • JIRA
  • GitHub
  • GitLab
  • Bugzilla
  • Mantis

Web Application Firewalls (WAFs)

Acunetix integrates with popular WAFs to automatically create appropriate Web Application Firewall rules to protect web applications against attacks targeting vulnerabilities that the scanner finds. This allows you to temporarily prevent the exploitation of high-severity vulnerabilities until you are able to fix them.

Acunetix can export scan data to the following Web Application Firewalls (WAFs):

  • Imperva SecureSphere
  • F5 BIG-IP Application Security Manager
  • FortiWeb WAF
  • Citrix WAF

Newtech has proudly partnered with Acunetix as the local distributor, continuing its growing portfolio of brands within the technology sector. Specifically increasing its representation in the realm of cyber security which also includes Darktrace and Bitdefender. The company strives to provide its clients with the best technological solutions available.

If interested in Acunetix and for a free demo, please contact us on ntsales@newtech.mt