Comments on: Acunetix Web Vulnerability Scanner 5 Review

By: Dragos Lungu

Dragos Lungu — Tue, 26 May 2009 18:02:49 +0000

Thanks ! I will definitely try powerfuzzer.com

By: M

Thu, 21 May 2009 12:41:46 +0000

@Dragos

Try Powerfuzzer (http://www.powerfuzzer.com) as well. I had very good results with the Online scanning service.

By: Dragos Lungu

Dragos Lungu — Tue, 17 Feb 2009 15:17:21 +0000

@didier

Thanks for your comment, even though it sounds like a commercial presentation of Gamasec services I will apply for a free Gamasec trial and I will post the results of my assessment.

By: didier

didier — Tue, 17 Feb 2009 14:33:22 +0000

Attackers are well-aware of the valuable information accessible through Web applications, and
their attempts to get at it are often unwittingly assisted by several important factors.
Conscientious organizations carefully protect their perimeters with intrusion detection systems
and firewalls, but these firewalls must keep ports 80 and 443 (SSL) open to conduct online
business. These ports represent open doors to attackers, who have figured out thousands of
ways to penetrate Web applications.
The standard security measures for protecting network traffic, network firewalls and Intrusion
Prevention Systems (IPS) and Intrusion Detection Systems (IDS), do not offer a solution to
application level threats. Network firewalls are designed to secure the internal network
perimeter, leaving organizations vulnerable to various application attacks.
Intrusion Prevention and Detection Systems (IDS/IPS) do not provide thorough analysis of
packet contents. Applications without an added layer of protection increase the risk of harmful
attacks and extreme vulnerabilities.

Web Application Level Attacks is the Achilles heel. In the past, security breaches occurred at the
network level of the corporate systems. Today, hackers are manipulating web applications
inside the corporate firewall. This entry enables them to access sensitive corporate and
customer data. An experienced hacker can break into most commercial websites with even the
smallest hole in a company’s website application code. These sophisticated attacks have
become increasingly threatening to organizations.

I recommend a service call GamaSec ( http://www.gamasec.com) remote online web vulnerability-assessment service
that tests web servers, web-interfaced systems and web-based applications against thousands
of known vulnerabilities with dynamic testing, and by simulating web-application attacks during
online scanning. The service identifies security vulnerabilities and produces recommended
solutions that can fix, or provide a viable workaround to the identified vulnerabilities

http://www.gamasec.com

Vulnerability scanner does automated search for security weaknesses in web applications and theirs services and reports them in details about possible vulnerabilities and probable defense or ways to prevent it

By: vulnerability scanner

vulnerability scanner — Wed, 12 Mar 2008 11:33:18 +0000

I have checked Beyond Security Vulnerability Scanner and was impressed.
It is very easy to use, very friendly interface, and I have a feeling that it has much more vulnerabilities tested. in any case, new vulnerabilities are discovered every day, and the best company is the one that is up to date.

By: Steve

Steve — Wed, 07 Nov 2007 19:14:05 +0000

Yeah that’s right, thats the reason i prefer Maui Security Scanner (http://www.elanize.com).

By: anonymous

anonymous — Mon, 22 Oct 2007 11:34:48 +0000

Version 5.0 sucks. Locked features
Whats point if you can’t try before buying it