Archive for category: News

Acunetix and Netsparker have been named a 2020 Gartner Peer Insights Customers’ Choice for Application Security Testing

/in , , , /by

Invicti Security™, a leader in Dynamic Application Security Testing (DAST) and Interactive Application Security Testing (IAST), today announced that both Acunetix and Netsparker have been named a 2020 Gartner Peer Insights Customers’ Choice for Application Security Testing, as reviewed by customers.

As of October 9, Acunetix has an Overall Rating of 4.8 out of 5 in the Application Security Testing market, based on 57 reviews. Acunetix earned the highest percentage of 5/5 star reviews in their category. In addition, Acunetix rated the highest in product capabilities with a 4.9/5 rating and the highest in integration and deployment with a 4.8/5 rating. As of October 9, Netsparker has an Overall Rating of 4.6 out of 5 in the Application Security Testing market, based on 50 reviews.

The Gartner Peer Insights Customers’ Choice distinction recognizes vendors and products that are highly rated by their customers. Gartner Peer Insights gives IT buyers the confidence to select enterprise solutions based on reviews by IT peers, verified by Gartner. To be recognized with the Customers’ Choice distinction, a vendor must have 50 or more published reviews and an average overall rating of 4.2 stars or higher across those reviews accumulated within the 12-month submission period. In addition, at least 20% of all eligible reviews must be from outside of the primary industry, region, and company size.

“We are very proud to be named a Gartner Peer Insights Customers’ Choice,” said Invicti Chief Executive Officer Ferruh Mavituna. “We believe this customer recognition validates our commitment to providing value to customers through our industry-leading web application security solutions.”

Here are just a few examples of what Invicti customers are saying, taken from anonymous Acunetix and Netsparker reviews provided by users worldwide:

Acunetix

  • Hіgh Quаlіty Sсаnnеr: “I аlwаys rесоmmеnd thіs scanner bеcаusе оf іts ехtеnsіvе dаtа оn sесurіty hоlеs. Thіs fеаturе hаs sаvеd mе multiple tіmеs. Fоr busіnеssеs whеrе sесurіty іs сruсіаl fоr орtіmаl рrосеssеs, Aсunеtіх іs thе bеst sоlutіоn tо kеер yоur аррs hеаlthy.”
  • Very Helpful Reports And Scan Results To Secure The Applications: “Great scanning application especially for vulnerable applications to find out the flaws or identify the threats, easily report the findings with the tool results and suggest fixes for the same. The application support and setup implementation were very easy and in no time we started using the application for assessment.”
  • Best Automated Web Application Security Testing Tool: “Acunetix is an incredible web application Security scanner it can perform various static and Dynamic tests to Web applications. Acunetix is mostly used for identifying Web application Vulnerabilities and we can automate the process and we can identify the Vulnerabilities easily.”
  • Fully Automated Web Application Security Scanner: “Acunetix has a fully automated scanner for web application security scans it can use easily even without expert knowledge about the product this is really user-friendly and easy to use the tool and able to scan the web applications quickly and find the vulnerabilities in the web applications easily this tool is a fully commercial tool and it has really advanced features of deep scanning and automated report generating features.”

Netsparker

  • Best Website Scanning Tool For Security Issues: “NetSparker is a tool which is very widely used for web and app security testing. Using Netsparker we can scan a website or application for vulnerabilities and threats. It is very time and cost-effective as most of the vulnerabilities are uncovered by it before the website goes live. Its best feature is that it provides proofs for its findings. It is very easy to use and requires very basic training. It also provides email alerts.”
  • WAS Scanner For End-End Scanning: “The product is super reliable, comes in handy and has the best customer support. I have been using Netsparker for over 3 years and this solution has helped secure our web applications in ways I have not witnessed before. Whenever issues arise or I run into a dilemma or have some concern, the Netsparker customer support team always comes to rescue.”
  • Web Application Security Scanner By Netsparker: “Netsparker has one of the best detection rates. The issue-tracking has made it absolutely easy to detect a malicious venture or policy violations. All the policy violations and malicious activities are collected using the system and event management system which is yet another amazing aspect of Netsparker.”
  • NetSparker- Web Application Security Scanner: “The web application security scanner allows us to cover complete end-end penetration testing and scanning of web applications and it fetches the threats and harmful elements in the application through its powerful scanning system and methodologies, It is a simple and reliable tool to perform pen-testing.”

To see the full list of vendors in the July 2020 Gartner Peer Insights Customers’ Choice for Application Security Testing, click here.

About Gartner Peer Insights

Gartner Peer Insights is an online platform of ratings and reviews of IT software and services that are written and read by IT professionals and technology decision-makers. The goal is to help IT leaders make more insightful purchase decisions and help technology providers improve their products by receiving objective, unbiased feedback from their customers. Gartner Peer Insights includes more than 215,000 verified reviews in more than 340 markets. For more information, please visit www.gartner.com/reviews/home.

Gartner Peer Insights Customers’ Choice constitutes the subjective opinions of individual end-user reviews, ratings, and data applied against a documented methodology; they neither represent the views of nor constitute an endorsement by, Gartner or its affiliates.

Gartner Peer Insights ‘Voice of the Customer’: Application Security Testing, October 2020

About Invicti Security

Based in Austin, Texas, Invicti Security specializes in web application security, serving organizations across the world. Invicti was founded in 2018 by bringing together Netsparker and Acunetix, two brands that identify web vulnerabilities to prevent costly data breaches and other security incidents. Netsparker was the first web application security solution to deliver automatic verification of vulnerabilities with its proprietary Proof-Based Scanning™ technology. This best-in-class web application security solution identifies vulnerabilities from the early stages of application development through production. Known for its ease of use, speed and accuracy, Acunetix is a global web security leader and the first-ever automated web application security scanner. A privately held company, Invicti is backed by Turn/River Capital.

About Alliance Technology Partners

Alliance Technology Partners is an Authorized Acunetix and Netsparker Value-Added Distributor in the United States. We have been partnering with Acunetix since 2007. We work with Government and Corporate Security Teams, Technology Resellers, and Consultants to deliver best in class vulnerability management solutions.

The True Cost of Phishing Attacks

/in , , /by

It is quite deceiving that something so vicious can be named after a treasured pastime. We love fishing, but this is not your grandfather’s weekend adventure. Phishing is a serious crime and one from which many are unable to recover. Phishing is not going away anytime soon. In fact, it is at an all-time high. We at Alliance Technology Partners want to warn you about the true cost of phishing attacks.

 

Phishing Statistics

According to the APWG Phishing Activity Trends Report, in the 1st quarter of 2014, the number of phishing sites jumped by 10.7 percent compared to the final quarter in 2013. In 2013, the number of brands targeted by criminals was 525 in the 4th quarter, and by the 1st quarter in 2014, that number reached 557. The first quarter of 2014 experienced the second highest number ever recorded in the first quarter since APWG began tracking and publishing the Phishing Activity and Trends Report.

 

Who are the Primary Targets?

Cybercriminals are not picky. They target any and all businesses and the customers who visit their sites, check their emails, and more. According to the same APWG report, at least 32.7 percent of personal computers were infected with some sort of spyware, malware or adware.

In the United States, we are the number one targets for criminals, as the US is the country with the highest number of phishing sites (APWG June 2014). Trojans are the number-one strain of phishing weapons. Trojans make up more 70% of new malware strains and malware infections.

What is it criminals are after and what industries and consumers are affected? The agency reports payment services sites make up 47% of email subjects; 20% are financial service industries, and 20% include retail and service industries. The two common types of attacks are “spear phishing” and “whaling.”

Crimeware is a common malware code that infiltrates financial institutions to steal customer data and financial information. Generic and Data Trojans can be deployed to any company’s network—including yours—to collect all data that goes in and out of the company. If your company is not in the position to protect, detect, and prevent such attacks, the consequences can and will cripple your business and its brand.

 

What is the True Cost?

Wall Street and Tech reports more than 70% of companies report that the lack of security awareness is the number one threat against the company. Let’s be clear: there are more than financial costs on the line; your very operations are in jeopardy. Once a criminal gets into the system or accesses data, the costs soar. An organization can spend as much as $3.7 million per year addressing phishing attacks. Does your company have that kind of dough? Companies that experience data breaches can also lose money in the bank, they may have to pay legal fees and settlements, they may have to replace software and systems, and companies—if they survive—will have to repair their reputations as well. Revenue is lost, trust is lost, customers flee, and word-of-mouth prevents new clients from seeking your services.

 

Don’t’ become a phishing horror story. Talk to the professionals at Alliance Technology Partners about prevention, protection and strategies to combat phishing attacks.

Improvements to Acunetix Web Vulnerability Scanner 10

/in , /by

Technology is quickly changing the way more and more businesses are running. Advancements in browser technology and the spread of cloud computing are making web services and applications the core elements of most companies. These advancements are improving business with better efficiency and productivity, but at the same time opening themselves up to online hackers.

Since more than 70% of websites and applications contain vulnerabilities that can make sensitive data easy to steal, it has been critical that businesses use tools like the Acunetix Web Vulnerability Scanner for security against cyber-crimes. The latests version, Acunetix 10, has been released and contains major upgrades. Below we discuss the ways that Acunetix 10 is even better than the previous versions of the trusted web vulnerability scanner you have come to rely on.

 

Re-Engineered ‘Login Sequence Recorder’ for Acunetix 10 

Experts have re-engineered the ‘Login Sequence Recorder’ from the ground-up, which allows for restricted areas to be entirely scanned automatically, giving you better peace of mind. Generally, restricted areas like user login pages make it harder for a scanner to access them and would need manual direction. The Acunetix 10 ‘Login Sequence Recorder’ has been significantly improved so that it can automatically scan web applications that use an OAuth-based authentication and single Sign-On (SSO). The ‘Login Sequence Recorder’ shows extreme improvements in the support for nonces, anti-CSRF token or one-time tokens that are used in restricted areas.

 

Better WordPress Vulnerability Detection 

Since over 74 million WordPress sites are up and running, all it takes is one vulnerability found in WordPress Core or a plugin to attack millions of individual sites. Acunetix Version 10 now tests for more than 1200 vulnerabilities that are specific to WordPress, based on the most commonly downloaded plugins. It can still retain the ability to detect custom built plugin vulnerabilities, and no other scanner on the market can detect such a high number of possible WordPress weaknesses.

 

Improved Support for A Variety of Web Services and Development Architectures 

Ruby on Rails and Java are what many mission critical, enterprise-grade applications are built on. Acunetix Version 10 has been constructed to crawl and scan web applications built using these technologies with extreme accuracy. Specific improvements are seen for SOAP-based web services with WCF and WSDL descriptions, along with automated scans of RESTful web services that use WADL definitions. Version 10 additionally uses a dynamic crawl pre-seeding via integration of third-party, external tools that include Burp Suite, Fiddler and the Selenium IDE. This enhances Business Logic Testing and the workflow among Automation and Manual Testing.

 

Acunetix 10 Detects Malware and Phishing URLs 

A malware URL detection service ships with Acunetix Version 10, which is used to analyze every external link found during a scan against a database of Malware and Phishing URLs that is constantly updated. This Malware Detection Service uses the Google and Yandex Safe Browsing Database.

 

Contact us today if you have any questions about updating to Acunetix 10! It is the best decision you will make for the online security of your business.

Gartner recognizes Acunetix as a Challenger for Application Security Testing in 2015

/in , , , /by

Gartner recognizes Acunetix as a Challenger

Acunetix Receives 2nd highest product score for Manual Web Penetration Testing in Gartner’s 2015 Critical Capabilities for Application Security Testing Report

Gartner, Inc., the leading provider of research and analysis on the global information technology industry, has recognized Acunetix as a challenger, assigning Acunetix Web Vulnerability Scanner a score of 4.36 out of 5.0 in the Manual Web Penetration Testing Use Case, in Gartner’s most recent Critical Capabilities for Application Security Testing Report.

Read More