Posts

Acunetix Training – Introduction to Web Vulnerability Scanning Strategies with Acunetix

Alliance has been an Acunetix partner for 7 years and now offers Acunetix Training Courses.  We have found that many Acunetix users never learn how to use Acunetix to it’s fullest extent.   With all the highly publicized security breaches around the country, we have decided that helping our clients protect their data is our top priority.  Our clients include the United States Government, State and Local Governments, Security Consulting Firms, and Fortune 1000 organizations.

Our Basic Training course is a 3 hour course given by our two senior security engineers.  It is delivered via the web.  It is highly interactive and tailored to the users’ experience level and particular needs.  Our security engineers are trained directly by Acunetix and work with Acunetix on a consistent basis.   This is a dedicated training for our clients who can invite up to 5 users.

The Introductory course covers the following areas:

  • Overview of Acunetix and Web Vulnerability Scanning
  • Scan Settings
  • Scanning/Crawling Options
  • Login Sequence Recorder
  • HTTP Editor
  • HTTP Sniffer
  • Site Crawler
  • HTTP Fuzzer
  • Authentication Tester
  • Compare Results Tool
  • Target and Domain Finder
  • Web Services Scanner/Editor
  • Scheduler
  • Reporter
  • OWASP
  • New Features in WVS 9.5

A certificate of completion is issued after the completion of the course.

Alliance Logo Transparent

Acunetix Reseller, Acunetix Partner,  Acunetix Training

Acunetix Reseller, Acunetix Partner, Acunetix Training

 

 

SQL Injection Flaws on Web Sites leads to Biggest Data Breach in History

A Russian Cyber Gang, Dubbed CyberVors by Hold Security (who identified the data breach), have stolen over 4.5 Billion Records, mostly containing user credentials from over 420,000 Web and FTP sites.  This represents the largest known data breach in history with dire implications. The CyberVors accomplished this gaining control of a botnet network (a large group of virus-infected computers controlled by 1 criminal system) which they used to identify SQL vulnerabilities on the sites they visited.

How you to protect yourself and your company.

Individuals – Change your credentials using strong passwords.  See this PC Magazine article for some best practices – Creating Strong Passwords

Companies – Check your web site(s) for vulnerabilities.  The CyberVors found sites vulnerable to  SQL Injection.  SQL Injection is one of the most common vulnerabilities found on web sites.   Alliance Technology Partners specializes in Web Security and is the Acunetix Preferred Partner.  We sell, train, and consult IT and Security professionals on how to use Acunetix.  We have the only security engineers directly trained by Acunetix in the US.  We also offer Our Pen Testing and Audit Services.

About Alliance Technology Partners Alliance is IT Solution provider based in St. Louis that specializes in web security.  We help Fortune 1000 and the Government (Federal, State, and Local) secure their web sites.  We offer Web Vulnerability Software (Acunetix) as well as our expertise to assist our clients in their mission to secure their networks.  We offer training and ongoing consulting options.

Why we chose the Acunetix Web Vulnerability Scanner

We at Alliance have help our clients with their IT security for several years and came across Acunetix in 2007.  We immediately saw value in the product.  We had been using open source tools (like BURP, which are still helpful) but Acunetix has some big advantages.  Acunetix is much more efficient and offers a full range of features.  It is also highly configurable so you can perform scans that require authentication and do it in a safe and thorough way.  It also tests for the latest vulnerabilities, which is crucial.  Many open source tools are unreliable and take more time.   Another major advantage of Acunetix is price.  It is substantially less expensive that other tools, yet Acunetix continues to innovate and remains a leader in the Web Application Security space.

Here’s some important features we like about the Acunetix Web Vulnerability Scanner –

  • AcuSensor Technology
  • Industry’s most advanced and in-depth SQL injection and Cross site scripting testing
  • Advanced penetration testing tools, such as the HTTP Editor and the HTTP Fuzzer
  • Visual macro recorder makes testing web forms and password protected areas easy
  • Support for pages with CAPTCHA, single sign-on and Two Factor authentication mechanisms
  • Extensive reporting facilities including PCI compliance reports
  • Multi-threaded and lightning fast scanner – processes thousands of pages with ease
  • Intelligent crawler detects web server type, application language and smartphone-optimized sites.
  • Acunetix crawls and analyzes different types of websites including HTML5, SOAP and AJAX
  • Port scans a web server and runs security checks against network services running on the server