SecureWorld St. Louis 2015


We had a great time speaking with everyone who stopped by our booth at SecureWorld on Sept. 22nd & 23rd.

Alliance and Acunetix were highly visible at the show due to our unique value proposition. Acunetix offers the best web application vulnerability scanner on the market and Alliance trains Acunetix users how to apply industry best practices and take full advantage of the solution.

If you were unable to come see us, it’s okay! We’re still available to answer your questions and resolve security issues dragging down efficiency, security, and revenue.

The Importance of an Authenticated Network Security Scan

Authenticated network security scans are tests for vulnerabilities that are performed as an authenticated or logged-in user. Authenticated scans happen from a computer that is logged in normally to a network with extra software installed, or from a machine that is designated for the task and given login credentials. These procedures can determine how secure a network is from the interior point of view. Running an authenticated network security scan can provide users with a wealth of information, and here we explore how that is important to a business.


Detect Insider Threats

An insider threat is a malicious hacker who is an officer or employee of a business. Sometimes it is an outside individual who pretends to be an employee by obtaining false credentials. The insider threat’s goal is to gain access to the networks or computer systems of the business, then use found data to maliciously harm the company. Authenticated network security scans limit the damage these insider threats can do.


Find Vulnerabilities 

Authenticated scans can find vulnerabilities that are not detected with an unauthenticated scan. These scans can reveal weak share permissions, missing patches and general overall misconfigurations. Many companies skip running an authenticated scan, but it is the best way to see exactly where things stand for your network.


Prepare for Information Overload

Businesses must be prepared to deal with how authenticated network scans can give you an overload of information, which can be a problem if the individual reading reports is not skilled in IT speak. If they see a lot of “critical” or high level flaws, they can make managers and internal auditors jumpy when they don’t truly know what they are reading. A managed service provider can help your company interpret results of an authenticated network scan.


Set Aside Time for a Scan

Running authentication network security scans can take up to two to three times longer to implement than unauthenticated scans. The more network hosts you have, the more time it will take. You also need time to analyze the scanner results and to report them since they are much bigger than unauthenticated scans. Be prepared and have a significant chunk time set aside.


Scan with Several User Role Levels

To get the most accurate authenticated network security scan it is best from the views of different levels of privilege, such as a standard domain user with limited access and a domain or local administrator. It is also recommended to scan at the highest level possible. By scanning as an administrator or a role that is equivalent to that level you will get the most insight into your company’s network security vulnerabilities.


Contact us today if you have any questions about running an authenticated network security scan for your business. Our highly qualified team is here to help.

Reduce Web Vulnerability Scan Times

Business applications and websites are being routinely attacked and facing a number of threats from hackers looking to steal sensitive information. Luckily, we have the capabilities to ensure that your business website is secure and free of flaws that could be used by online criminals to infiltrate the system. This is done by running web vulnerability scans. The amount of time it takes to scan is very important, and if your vulnerability scan times are slow, it leaves you more vulnerable to a security breach. All it takes is one successful digital break-in by a cyber-criminal for them to access all your sensitive data.


Web Vulnerability Scan Times

A good response time is anything under .2 second, and a response time over .3 second is considered dangerously large, causing scans to take an excessively long time to complete. One of the most common reasons for slow vulnerability scanning times is the relation of the response time between scanner and target application or website. Of course, there are many things that can lead to a high response time and lengthen the time it takes to complete your vulnerability scan. Here we discuss ways to reduce web vulnerability scan times.


Web Server Performance

Your web server simply might not be acting to its full potential, slowing down the scanning process. Start by looking at items like your hard disk access, CPU, memory etc. Often this type of issue is solved after you upgrade your server. Be sure you’re upgrading to something that is able to meet the needs of your business and don’t settle for less.


Firewall Problems

A slow scan time could be because of your Intrusion Detection System, Web Application Firewall or network firewall. Make sure that your antivirus software is up to date. Firewalls are notorious for causing very long site response times.


Database Performance

Once you know that your web server is not slowing you down, consider the database. Slow response times may be solved once the database has been cleaned up and optimized. By doing these simple tasks, your system has less queries to go through every time a response is requested.


Bandwidth and Network Performance

When the network is busy, that will slow everything down. Your server might be in the middle of a bottleneck and that will certainly affect your scan time. Try testing your server from several different locations to confirm this, then you can work on a resolution.


Seek Outside Assistance

You may try all of these tactics and you’re still getting slow response times. Seek outside assistance so you can customize your web vulnerability scan with the Acunetix Web Scanner Tool. Sometimes the whole website does not require scanning but instead the scans can be divided into smaller segments. Acunetix Web Scanner Tool has several filtering options available to reduce web vulnerability scan times.

To learn more about reducing your scan time, contact us today. Our Acunetix trained engineers will be happy to assist you.

Acunetix Web Vulnerability Scanner Version 10 RELEASED!

Acunetix has released a major upgrade to its industry leading web vulnerability scanner. Acunetix Version 10 is now available!

Here’s what’s new in Acunetix Version 10

New in Acunetix Vulnerability Scanner v10

  • ‘Login Sequence Recorder’ has been re-engineered from the ground-up to allow restricted areas to be scanned entirely automatically.
  • Now tests for over 1200 WordPress-specific vulnerabilities in the WordPress core and plugins.
  • Acunetix WVS Crawl data can be augmented using the output of: Fiddler .saz files, Burp Suite saved items, Burp Suite state files, HTTP Archive (.har) files, Acunetix HTTP Sniffer logs, Selenium IDE Scripts.
  • Improved support for Java Frameworks (Java Server Faces (JSF), Spring and Struts) and Ruby on Rails.
  • Increased web services support for web applications which make use of WSDL based web-services, Microsoft WCF-based web services and RESTful web services.
  • Ships with a malware URL detection service, which is used to analyse all the external links found during a scan against a constantly updated database of Malware and Phishing URLs. Read the Press Release.

Alliance’s Security Engineers stay up to date on all the latest versions and can help you learn about all the new features!