Major Update of Acunetix Online
Acunetix Online has undergone a mammoth update, now enjoying all the
features and benefits found in Acunetix On Premise, including:
Integrated vulnerability management, greater manageability of threats
and targets and the integration of popular WAFs and Issue Tracking
systems. Acunetix Online also features a brand new UI for greater
ease-of-use and manageability.
New web-based user interface
The user interface has been re-designed with a fresh new look,
bringing it inline with Acunetix On Premise. The Acunetix Online UI is
designed to make it easier for customers to use, by focusing on the core
functionality of the product, introducing filtering options, and
improving manageability of Targets.
- All lists can be filtered (Targets, Scans, Vulnerabilities and Reports).
- Increased configuration options (Excluded Hours, Excluded Paths, custom User Agent strings, client certificates and more).
- Pre-seed crawls using a list of URLs, Acunetix Sniffer Log, Fiddler SAZ files, Burp Suite saved and state files, and HTTP Archive (HAR) files.
Targets and Vulnerabilities configured by business criticality
Business Criticality can now be assigned to Targets, enabling
customers to immediately identify and address vulnerabilities on
critical servers.
- Vulnerabilities identified on all Targets are shown in one list
- Vulnerability list can be filtered by Target, Business Criticality, Vulnerability, Vulnerability Status and CVSS.
- Vulnerability can be grouped by Target Business Criticality and Vulnerability Severity.
Integration with popular WAFs and Issue Tracking Systems
Vulnerabilities can now be exported to one of the supported WAFs (F5
Big-IP ASM, Fortinet FortiWeb and Imperva SecureSphere). This allows the
user to implement a virtual patch in the WAF, until a fix addressing
the vulnerability is installed. Scan results can also be exported to the
Acunetix generic XML for integration with other WAFs or 3rd party
systems.
Acunetix Online also supports exporting vulnerabilities to either
Atlassian JIRA, GitHub or Microsoft Team Foundation Server (TFS),
allowing development teams to better keep track of vulnerabilities in
their issue tracking systems.
Mark Vulnerabilities as Fixed or False Positives
With the ability to mark vulnerabilities as False Positive, Fixed or Ignored,
users can now get rid of false positives from upcoming scans and
reports. While any fixed vulnerabilities that are identified by Acunetix
will be shown as Rediscovered. The user is given the option of
accepting the risk of a vulnerability by marking the vulnerability as
Ignored.
Custom Scan Types
Apart from using the default Scan Types included in Acunetix,
Acunetix Online users are now able to choose which specific
vulnerabilities to scan for. This is made possible through the creation
of Custom Scan Types. For example, a Custom Scan Type can be created to
scan Targets for a recently discovered vulnerability.
Enhanced Reporting
Acunetix Online now allows reports to be generated on:
- Individual or multiple Scans,
- Individual or multiple Targets,
- Individual, multiple or all the Vulnerabilities identified by Acunetix.
There is also the introduction of a Scan Comparison report
which highlights the differences between 2 scans, allowing the user to
easily identify the new vulnerabilities in the latest scans, or the
vulnerabilities that have not been detected, which could mean that they
are fixed. Reports are now available in both PDF and HTML.
Network Security Scanning
Acunetix Online provides a comprehensive perimeter network security
scanning service by integrating with the latest OpenVAS network
vulnerability scanning engine (v9). Acunetix Online can now detect in
excess of 50,000 network vulnerabilities.
Added functionality for Acunetix Integrators
Acunetix have added a new API that may be used by system integrators,
exposing all the functionality available in Acunetix. The API is able
to provide up-to-the-minute status of on-going scans together with
information on vulnerabilities identified for these scans.
Major Update of Acunetix Online
Reviewed by Zion3R
on
7:43 PM
Rating: