Acunetix 10 Coming Soon!!

Acunetix is scheduled to release Acunetix Web Vulnerability Scanner Version 10 this spring!  Version 10 will bring some big improvements.  Most notably, Acunetix will include a revamped version of the Login Sequence Recorder, integration with Fiddler, Selenium and two types of BURP exports.  They have also improved crawling of Java based frameworks (JSF, Spring, and Struts).  Finally, Acunetix will detect more WordPress vulnerabilities than ever before.

Alliance’s engineers will be fully trained on Acunetix version 10.  Our Introductory and Advanced courses have been an enormous success and will be able to bring our clients more value with the release of Acunetix 10.

Scan for ShellShock with Acunetix Web Vulnerability Scanner

ShellShock, dubbed the BIG BUG of 2014, is causing a huge stir in the IT community, with researchers still getting to grips with the damage caused. Also referred to as the BASH Bug, this vulnerability has been assigned the highest CVSS score of 10, a score that not even the notorious HeartBleed achieved. The high score is more than warranted since this Bourne-again Shell vulnerability is very easy to exploit allowing pretty much any script kiddie to take control of a vulnerable server and execute arbitrary code. Acunetix Web Vulnerability Scanner (WVS) has already been updated to identify web servers vulnerable to ShellShock while Acunetix Online Vulnerability Scanner (OVS) has been updated to detect ShellShock on perimeter servers. Users of the most recent Acunetix Web Vulnerability Scanner (WVS) version will be prompted to install an update next time they start Acunetix WVS. Older version users with upgrade entitlement can also get the latest build of Acunetix WVS by downloading it from here and installing it over the current system (backup recommended).

If you don’t have Acunetix, Alliance offers the Acunetix licensing and Acunetix training.

 

 

Acunetix Training – Introduction to Web Vulnerability Scanning Strategies with Acunetix

Alliance has been an Acunetix partner for 7 years and now offers Acunetix Training Courses.  We have found that many Acunetix users never learn how to use Acunetix to it’s fullest extent.   With all the highly publicized security breaches around the country, we have decided that helping our clients protect their data is our top priority.  Our clients include the United States Government, State and Local Governments, Security Consulting Firms, and Fortune 1000 organizations.

Our Basic Training course is a 3 hour course given by our two senior security engineers.  It is delivered via the web.  It is highly interactive and tailored to the users’ experience level and particular needs.  Our security engineers are trained directly by Acunetix and work with Acunetix on a consistent basis.   This is a dedicated training for our clients who can invite up to 5 users.

The Introductory course covers the following areas:

  • Overview of Acunetix and Web Vulnerability Scanning
  • Scan Settings
  • Scanning/Crawling Options
  • Login Sequence Recorder
  • HTTP Editor
  • HTTP Sniffer
  • Site Crawler
  • HTTP Fuzzer
  • Authentication Tester
  • Compare Results Tool
  • Target and Domain Finder
  • Web Services Scanner/Editor
  • Scheduler
  • Reporter
  • OWASP
  • New Features in WVS 9.5

A certificate of completion is issued after the completion of the course.

Alliance Logo Transparent

Acunetix Reseller, Acunetix Partner,  Acunetix Training

Acunetix Reseller, Acunetix Partner, Acunetix Training

 

 

SQL Injection Flaws on Web Sites leads to Biggest Data Breach in History

A Russian Cyber Gang, Dubbed CyberVors by Hold Security (who identified the data breach), have stolen over 4.5 Billion Records, mostly containing user credentials from over 420,000 Web and FTP sites.  This represents the largest known data breach in history with dire implications. The CyberVors accomplished this gaining control of a botnet network (a large group of virus-infected computers controlled by 1 criminal system) which they used to identify SQL vulnerabilities on the sites they visited.

How you to protect yourself and your company.

Individuals – Change your credentials using strong passwords.  See this PC Magazine article for some best practices – Creating Strong Passwords

Companies – Check your web site(s) for vulnerabilities.  The CyberVors found sites vulnerable to  SQL Injection.  SQL Injection is one of the most common vulnerabilities found on web sites.   Alliance Technology Partners specializes in Web Security and is the Acunetix Preferred Partner.  We sell, train, and consult IT and Security professionals on how to use Acunetix.  We have the only security engineers directly trained by Acunetix in the US.  We also offer Our Pen Testing and Audit Services.

About Alliance Technology Partners Alliance is IT Solution provider based in St. Louis that specializes in web security.  We help Fortune 1000 and the Government (Federal, State, and Local) secure their web sites.  We offer Web Vulnerability Software (Acunetix) as well as our expertise to assist our clients in their mission to secure their networks.  We offer training and ongoing consulting options.