Monday, October 20, 2008

Acunetix goes beyond Black Box Scanning with Acusensor technology

Acunetix has just set new standards in web application security technology with its new Acusensor technology. Available as part of the new version 6, this technology identifies more more vulnerabilities, whilst generating less false positives. In addition it indicates exactly where in the code the vulnerability is and also reports debug information. Acunetix is the first and only Web Vulnerability Scanner to implement this innovative technology.

The increased accuracy is achieved by combining black box scanning techniques with feedback from sensors placed inside the source code while it is executed. In contrast, Black box scanning does not know how the application reacts and source code analyzers do not understand how the application will behave while it is being attacked. Acusensor technology combines these techniques to achieve more relevant results than using source code analyzers and black box scanning independently.

AcuSensor Technology works with both PHP and ASP.NET applications. In the case of ASP.NET applications it does not require .NET source code; it can be injected in already compiled .NET applications. Thus there is no need to install a compiler or obtain the web applications’ source code, which is a big advantage when using a third party .NET application. In the case of PHP, the source is already available.

A beta of the new version which includes Acusense technology can be downloaded here. Stay tuned for more information, a white paper is on the way!

No comments: