
Acunetix v11 Is Your Website Hackable?

Presentation on theme: "Acunetix v11 Is Your Website Hackable?"— Presentation transcript:

1 Acunetix v11 Is Your Website Hackable?
Is everyone here? Good, let’s begin. Hello everyone, and thank you for attending. My name is _______. I will be your host for this briefing. Do feel free to ask any questions. Is Your Website Hackable?

2 Pioneer in web application security
Founded in 2004
Pioneer in web application security
Fully automated Black-box, Gray-box, Client-side and Out-of-band web application scanner with one consolidated view
Depended on by SMEs and Enterprises the world over
Fortune 100, 500 and 1000 customers

Acunetix was founded in 2004, is privately owned and has been profitable for almost as long, so we are well funded. With many more than 5,000 customers worldwide, Acunetix is relied on globally by individual consultants and security specialists all the way up to large enterprises, including well-known Fortune 500 firms. <optional> Here’s a brief look at the kind of customers we have in our portfolio… <link> Acunetix is primarily a black-box web app scanner with very wide vulnerability coverage. Acunetix can also be used to run an active gray-box interactive scan, test client-side and single-page applications, and detect out-of-band vulnerabilities, all of which we’ll be covering shortly.

3 Product and Service Offering
Acunetix On Premise and Online
Black-box, Gray-box, Out-of-band testing
Highly accurate, wide test coverage (3000+ web application vulnerabilities)
Vulnerability Management
Issue Tracker integration and WAF Virtual Patching
No dependencies, easy to set up
Web-based console
Extensible, highly scalable

Acunetix is available on premise, as well as an online service. Both use the same core scanning engine and technology. There are no dependencies or complicated setup to get started, so, in both cases, it’s super-quick to get up and running. Both offer a web-based console that has multi-user, multi-role support. Both offerings can easily be scaled and are rapidly converging.

4 How it works and what’s new in v11

5 Scan
Crawler analyzes entire Target starting from a URL, mapping out entire structure.
Scanner then tests pages found for vulnerabilities.
Scan coverage, scope and speed can be easily customized.
New in v11
Multi-user, multi-role accounts for user access to settings, scan kick-off and scan data
Target discovery, multi-engine coming soon

Acunetix helps web site owners or administrators to identify vulnerabilities by automatically scanning for them. How?

Accurate Crawl and Fast Scan
It does this by accurately and automatically crawling the entire website, mapping it, deciding for each page what tests to run and at the same time launching scripted tests that simulate a hacker’s attack on every single page. The Acunetix crawler accurately analyzes the entire structure of a web application by looking for links and inputs. Acunetix has one of the best WIVET scores for technology and input parameter coverage. Being able to properly crawl a web application is essential for an accurate scan. The scanner cannot test a page for vulnerabilities if it does not know that the page exists. After the crawl is complete, or even while the crawl is under way, Acunetix will proceed to test every page it found during the crawl for security vulnerabilities.

Impossible to do it all manually!
Can you imagine doing all this manually? A small 500-page website x 500 possible tests could mean anything between 1,000 and 25,000 unique tests. This would be very tedious and time-consuming to do manually, with great scope for human error. With Acunetix, you get a good baseline, automatically. When hiring penetration testing consultants, you can be sure that they would not be able to do their job in short 48-hour time windows without the benefit of this same automation. A scan’s scope can be customized, so you can easily exclude areas of the site that you do not wish to scan.

New
Now, v11 delivers full multi-user, multi-role access for enterprises to divvy up duties within their organization while keeping audit logs of user activity. (Coming soon: Audit log viewer) It will soon be possible to automatically discover scan targets within an organization, so facilitating scan target setup. Organizations will also soon be able to manage multiple scan engines in sprawling enterprise networks and data centres from a central vulnerability management node with v11.

6 Role-based multi-user system
Scan
Create multiple user accounts.
Assign users to particular groups of targets.
User can create, scan, and report on the targets assigned, depending on privileges.

Acunetix is now a true multi-user enterprise solution, useful for large enterprises requiring users from different departments to work with each other to secure their assets. These user accounts can be given permissions on specific Target Groups, and they will be able to create new targets, scan them or report on the targets within the group. The following table summarizes the permissions available for each role.

7 Scan
Role-based multi-user
Tester, auditor, developer and manager users can work together on consolidated result data in one vulnerability management system.

You can choose from three (3) roles: Tech Admin, Tester or Auditor. The user will be able to create, edit, scan and delete targets, view scans and generate reports, depending on the role selected. The Tech Admin role can create new targets if the user is assigned access to all targets. User account and rights management and target grouping are crucial to securely leverage the consolidation of the result data in one central vulnerability management system.

8 Scan Report
Generate a wide variety of management and compliance reports.
OWASP Top 10, PCI DSS, ISO27001, HIPAA
Results can be exported to XML
New in v11
Real-time web Dashboard with trending
Filters allow you to find what you’re looking for quickly.

Provide Results, Detailed Reports and Remediation Tips
After a scan is completed, the next step is typically to report the automated scan’s findings. Acunetix provides us with a great deal of flexibility here. Results are automatically populated on the dashboard in real time while the scan is being run. What’s more, you can start working with results the scanner finds before the scan finishes. All vulnerabilities found are reported, with classification by severity or industry-standard numbering systems. Acunetix provides valuable remediation tips for you or your webmaster and developers to fix them. The remediation tips we provide are highly praised. The Acunetix alert classification includes High, Medium and Low Severity and Informational alerts, supplemented where relevant with objective industry-standard severity classification such as CWE, CVE and CVSS v3. Acunetix provides a comprehensive list of management and compliance report templates. Technical and Management overview reports (Executive Summary) are available. Common governance reports are available: NIST, Sarbanes-Oxley, DISA STIG. Risk reports help home in on particular vulnerability categories: OWASP Top 10, 2011 CWE/SANS Top 25 Most Dangerous Software Errors, WASC Threat Classification. Compliance reports assist firms in retaining compliance with commonly followed standards: PCI DSS, HIPAA, ISO.

New
It is now possible in v11 to aggregate several target results in one report, or even the whole organization’s vulnerability situation. New integrated vulnerability management features allow for the review of aggregated vulnerability data across all targets, prioritizing security risks and therefore providing a clear view of the business’ security posture, while facilitating compliance. Moreover, the powerful filter sidebar allows users to quickly find targets and results. Views can be modified with this filter sidebar to select targets by group or application business criticality, and results by severity, and so on, and then reported upon specifically for departmental or smaller business unit requirements.

9 New web-based dashboard
Scan Report
UI re-engineered from the ground up for greater usability and manageability.
Web-based interface allows multiple user access from browser irrespective of OS used.

Thanks to the dashboard, management can now easily see trends in the detection of vulnerabilities and the remediation of those vulnerabilities, providing a properly updated picture in real time. This would not be possible without the new web-based UI. The user interface has been re-engineered from the ground up for greater usability and manageability. The minimalist design focuses on the most widely used and important features, doing away with extras which might clutter the screen. Since the interface is now web-based, multiple users can access it from their browser irrespective of the OS used. The new web-based interface significantly improves the manageability of Acunetix, making it easy for less seasoned security personnel to securely check the vulnerabilities on the company’s web assets, in a secure multi-user environment.

10 Scan Report Inbuilt Vulnerability Management features
Easily re-scan all Targets (stored in Acunetix with individual settings).
Prioritize vulnerabilities by Target’s business criticality.
Consolidated reports are stored in the central interface.
Select “Target reports”, “Scan reports” or “All Vulnerabilities” report.

These are some of the new inbuilt vulnerability management features: All targets (web applications to scan) are now stored in Acunetix with their individual settings and can be easily re-scanned. Targets are displayed in one interface and classified by business criticality, allowing you to easily focus on the most important assets. Vulnerabilities can also be prioritized by the target’s business criticality. Consolidated reports are stored in the central interface. Users can choose between “Target reports”, “Scan reports” or “All Vulnerabilities” report.

11 Out-of-the-box WAF Virtual Patching
Scan Report Remediate
Acunetix v11 can export accurate scan results to automatically configure the following Web Application Firewalls (WAFs):
Imperva SecureSphere
F5 BIG-IP Application Security Manager
FortiWeb WAF

Acunetix is very accurate, with 100% detection and NO false positives of the really serious vulnerabilities in reputable benchmarks (WAVSEP). This makes Acunetix ideal for WAF virtual patching. Customers rely on Acunetix’s accuracy not only to deploy WAF virtual patches in learning mode, but to implement virtual patching in blocking mode. Acunetix can export discovered vulnerability results to the most popular Web Application Firewalls [Imperva SecureSphere, F5 BIG-IP Application Security Manager and Fortinet FortiWeb WAF] to automate the configuration of these WAFs, which are notoriously complicated to configure. This, however, only wins some time for you to fix those vulnerabilities once and for all…

12 Out-of-the-box Issue-Tracker Integration
Scan Report Remediate
Acunetix v11 can send vulnerabilities as issues to the following Issue Trackers:
Atlassian JIRA Software
GitHub
Microsoft Team Foundation

Accurate scan results alone and configuring a WAF are not enough! The WAF might fail. The attacker might be extremely persistent and try numerous variants that could exploit the same vulnerability. It is impossible to guess them all. Vulnerabilities must be fixed to reduce the threat surface and the risk that something might go wrong. Full remediation requires the correction of bugs and issues in a web application. We’ve spoken about generating reports already, and while you can certainly provide a development team with a report of the scanner’s findings, anyone who has worked on, or with, a development team during the process of remediating vulnerabilities knows that “300-page PDFs” don’t work particularly well. Development teams organize their work in Issue Trackers, since these tools are typically integrated with other aspects of the SDLC (Software Development Life Cycle) such as version control. So providing PDF reports to the people who actually need to fix vulnerabilities found by the scanner is just not a natural fit for a development team’s workflow. Acunetix supplements detailed developer reports with out-of-the-box integration with Atlassian JIRA, GitHub and Microsoft Team Foundation Server, allowing development teams to focus on remediation, while still allowing management to extract the reports required for them to make strategic decisions. You can even export scan results in formats that can be consumed by other systems such as spreadsheets and custom tools.

13 Scan Report Remediate Verify
Other New Features in v11
Mark vulnerabilities as Fixed
Vulnerability Rediscovery lets you know that “fixed” vulnerabilities have been rediscovered
Continuous Scanning automatically runs a Quick Scan every day on a Target, and a Full Scan once a week

Over time, Acunetix has developed a high level of confidence in results. Furthermore, DeepScan and AcuSensor technologies provide for a high level of accuracy and a great reduction in false positives. Acunetix accuracy is such that, in time, testers realise that they can pretty much rely on the results most of the time. If in doubt, a tester could also spot-check some vulnerability reports manually by using the accompanying suite of manual tools. Once that is done, we’d want to verify that any vulnerabilities are properly fixed. We can do this in two ways: First, we can mark vulnerabilities as Fixed. Once a vulnerability is marked as fixed, if that same vulnerability is detected again in a subsequent scan, Acunetix will mark it as Rediscovered, indicating that the implemented fix was not effective and the vulnerability is still exploitable. Is there an issue with developer training? Are we communicating the vulnerability fixes well enough? Is there an underlying design issue? Secondly, we have the option of setting up a Target for Continuous Scanning. This allows us to ensure that any vulnerabilities are discovered as quickly as possible, especially if the web application being scanned is part of a Continuous Delivery pipeline.

14 Acunetix Flagship Technologies

15 Acunetix DeepScan

16 Acunetix DeepScan
WebKit, the world’s most widely used browser engine
Crawl and scan HTML5 web applications
Execute JavaScript like a real browser
Complex client-side web applications (AngularJS, ReactJS, EmberJS…)
DOM-based Cross-site Scripting
Malicious URLs
Popular CMSs (WordPress, Drupal, Joomla!)
CRUD requests, JSON, XML, GWT, AJAX, WSDL/SOAP, WCF/SOAP and WADL/REST

Our mantra is “If you cannot crawl it, you cannot scan it!” We provide the best support for HTML5 in the market today thanks to our integration with WebKit in what we call DeepScan. It browses a site like a real user, executes and analyses JavaScript, and accurately crawls AJAX-heavy client-side Single Page Applications. Popular JS technologies such as Angular, React and Ember, as well as Google Web Toolkit (GWT), are not a problem. We understand the whole set of technologies, frameworks and even web services: SOAP/WSDL/WCF, REST/WADL, XML, JSON, CRUD and also Ruby on Rails and the most common Java frameworks. Last but definitely not least, we support the most popular Content Management Systems (CMS) in use within Enterprise today, with a massive focus on WordPress (that’s 80 million websites out there), Joomla and Drupal. Think Shadow IT.

17 Over 65% of Customers Scan Single-Page Apps
47% found DOM-based XSS vulnerabilities using DeepScan

Why is this big? Well, we want to be able to crawl anything our customers throw at us; otherwise you cannot scan it. Take Single Page Applications, for instance. Over 65% of our customers scan SPAs, and 47% of those have found at least one DOM-based XSS, which would not have been possible without DeepScan. I will be showing you a sample result during the demo.

18 Acunetix AcuMonitor

19 Acunetix AcuMonitor
Automatic Out-of-band vulnerability detection
Blind Cross-site Scripting (BXSS / Delayed XSS)
XML External Entity Injection (XXE)
Server Side Request Forgery (SSRF)
Out-of-Band SQL Injection (OOB SQLi)
Out-of-Band Remote Code Execution (OOB RCE)
Host Header Injection
Header Injection
Password Reset Poisoning

Out-of-band vulnerabilities may manifest themselves at a different location from the web application being tested, or even at a completely different time due to, for instance, the sharing of data in central databases between multiple applications and the actual trigger event. AcuMonitor is needed as an intermediary service for them to be detected. Moreover, certain types of vulnerabilities that are notoriously hard to detect also require AcuMonitor to detect them… AcuMonitor is quite unique… some copy us. Now, OOB vulnerabilities show up in the vulnerability management interface and are reported on seamlessly, without reliance on notifications. One view, one solution. I will also be showing you a sample result. The schematic shows you how a Blind XSS vulnerability is detected using a friendly payload from Acunetix which phones home via AcuMonitor.

20 Acunetix AcuMonitor
Hunting for XXE in Uber using Acunetix AcuMonitor
Blind Cross-site Scripting (BXSS / Delayed XSS)
To automatically:
Crawled the REST API endpoint
Figured out POST vs GET
Submitted XML even though App returns JSON
Tests Blind OOB XXE using AcuMonitor
No separate HTTP server
No manual sifting of logs
26 different Uber domains affected (found using Google Hacking)

A member of the global Acunetix user community demonstrated how an XXE vulnerability was discovered in an Uber bug-bounty program using AcuMonitor. In the Uber case study, Acunetix and Acunetix AcuMonitor automatically crawled the vulnerable Uber RESTful API endpoint, automatically figured out it needed to send a POST instead of a GET request, submitted XML, even though the application returns its data in JSON by default, and tested for Blind Out-of-band XXE without the need for setting up a separate HTTP server, or manually sifting through logs to look for connections made by the XML parser. The researcher went on further to find over 26 different domains belonging to Uber that were affected by this vulnerability using ‘Google Hacking’ in Acunetix, which is essentially a search string using advanced search operators to find information not readily available on a website.

21 Acunetix AcuSensor

22 Acunetix AcuSensor
mysqli_query($conn, $sql)
Enables the scanner to run a gray-box scan
AcuSensor component inspects the source code of a web application whilst it is in execution
Shows vulnerable source code line number
Shows vulnerable source code stack trace
Shows vulnerable SQL queries
100% backend crawl coverage
100% verification of 12+ high-severity vulnerabilities
Analyze server configuration for vulnerabilities

AcuSensor provides a cost-effective alternative to complicated source code testing. It eliminates false positives and detects all files present on the web server, including back door applications. It can show lots of detail, such as:
the vulnerable source code file
the vulnerable line of code
SQL queries as they would have run in the SQL interpreter
It also confirms and complements crawler coverage by running a back-end crawl.

This schematic shows how the active sensor works:
Acunetix will send a payload, in this case an SQLi payload.
AcuSensor will be invoked – in this case AcuSensor will inspect the function call our application is making to connect to the database.
Finally, AcuSensor will deliver the request back to Acunetix with additional information obtained from the back-end.
mysqli_query($conn, $sql)
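To make the gray-box mechanism in this schematic concrete, here is an added example (not Acunetix or AcuSensor code; the real sensor hooks the application's own runtime, while this is a simplified Python model) of a sensor that wraps the database layer, records the exact SQL statement plus the source line and call stack that issued it for scanner-tagged requests, and verifies injection by checking whether the scanner's probe landed verbatim inside the SQL text rather than in the bound parameters. The `X-Sensor-Scan` header name and the probe string are constructed assumptions.

```python
"""Simplified gray-box sensor (added example, not Acunetix code).

The sensor wraps the application's database layer. For requests the scanner
has tagged, it records every SQL statement together with the source line and
call stack that issued it, and verifies injection by checking whether the
scanner's probe landed verbatim inside the SQL text instead of in the
parameters."""
import inspect
import sqlite3
from dataclasses import dataclass

SCAN_HEADER = "X-Sensor-Scan"   # assumed header used to tag scanner traffic
PROBE = "acu'probe"             # constructed probe: a quote that must never reach SQL text unescaped


@dataclass
class QueryRecord:
    sql: str
    params: tuple
    source_file: str
    source_line: int
    stack: tuple                 # "function:line" entries, innermost first
    verified_injection: bool


class SensorConnection:
    """Drop-in wrapper for a DB-API connection that captures queries during tagged requests."""

    def __init__(self, conn):
        self._conn = conn
        self._scanning = False
        self.records: list[QueryRecord] = []

    def begin_request(self, headers):
        # Only scanner-tagged requests are instrumented, so normal traffic pays no cost.
        self._scanning = SCAN_HEADER in headers

    def execute(self, sql, params=()):
        if self._scanning:
            frames = inspect.stack()[1:4]          # [0] is the application code that built the query
            self.records.append(QueryRecord(
                sql=sql,
                params=tuple(params),
                source_file=frames[0].filename,
                source_line=frames[0].lineno,
                stack=tuple(f"{f.function}:{f.lineno}" for f in frames),
                verified_injection=PROBE in sql,   # probe inside the statement text => unescaped input
            ))
        return self._conn.execute(sql, params)


def vulnerable_lookup(db, username):
    # String formatting splices user input into the statement text.
    return db.execute(f"SELECT id FROM users WHERE name = '{username}'").fetchall()


def safe_lookup(db, username):
    # Parameterised query: user input travels separately from the statement text.
    return db.execute("SELECT id FROM users WHERE name = ?", (username,)).fetchall()


def run_scan(lookup):
    """Send one tagged request carrying the probe through `lookup`; return what the sensor saw."""
    db = SensorConnection(sqlite3.connect(":memory:"))
    db.execute("CREATE TABLE users (id INTEGER, name TEXT)")
    db.execute("INSERT INTO users VALUES (1, 'alice')")
    db.begin_request({SCAN_HEADER: "1"})
    try:
        lookup(db, PROBE)
    except sqlite3.Error:
        pass   # the stray quote breaks the vulnerable statement; the sensor captured it first
    return db.records


if __name__ == "__main__":
    for rec in run_scan(vulnerable_lookup) + run_scan(safe_lookup):
        print(f"{rec.source_file}:{rec.source_line} injection={rec.verified_injection} sql={rec.sql!r}")
```

Running the block reports the vulnerable lookup with the probe embedded in the statement text and the parameterised lookup with the probe only in its parameters, which is the difference a gray-box sensor uses to confirm a finding without guessing from HTTP responses.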

23 Acunetix AcuSensor (100% Verified)
Arbitrary File Creation
Arbitrary File Deletion
Code Execution
CRLF Injection
Directory Traversal Injection
File Inclusion
File Tampering
File Upload
PHP Code Injection
PHP SuperGlobals Overwrite
PHP User Controlled Vulnerabilities
Reflected and Stored XSS
SQL Injection

This is the list of high severity vulnerabilities that AcuSensor verifies to 100% accuracy. [optional] We can show you a sample result later.

24 AcuSensor is used by over 30% of Customers
Included as standard in Acunetix

What’s more, 30% of our customers use AcuSensor because it is a standard part of Acunetix, up from 20% in 2015, which far surpasses the industry average uptake of similar technologies by other solution providers.

25 Acunetix Partner Program
Performance-based resale margin
Access to free NFR & POCs
Telephone & support
Training videos, Documentation, Webinars, Blog
Listing on the Acunetix partner page
Access to leads
Strong recurrent revenue opportunity

Acunetix has a mature Partner Program.

Marketing Support
We can provide artwork, listing on our high-traffic site, co-marketing activities and co-op PR and news.

Technical Support
We can also provide a high level of Tech Support as Second Level Support; we have a very busy Blog; we provide NFRs, Proof of Concept and Documentation as well as Integration Support.

Start Small - Grow the Business
So, Acunetix offers resellers and service providers an easy entry into the web site and perimeter scanning market with an online, hugely scalable, simple, highly available service. We can work on a Channel basis or on a Technology Licensing basis. We have a flexible way of dealing with any entry point for our customers and partners. You can start small as a channel partner with zero entry costs and margins on each and every subscription sold, and then consider the licensing of the technology as the business grows. All those web site hosting customers are yours. Once you license Acunetix technology, you can define your own model, own a bigger chunk of the revenue and keep your customers more secure. We are ready to give you an easy way into providing Cloud-based Security Service to all your captive customers. Are you ready to pick up the cash? Good Partners get listed on our high-traffic web site.

26 Acunetix Academy
Partners and Licensed Users can get Acunetix certified
Win customer confidence
Earn more from service revenue
Get listed on the Acunetix website

The Acunetix Certification program is designed to increase Acunetix Partners’ profitability by giving them the resources and knowledge they need to sell Acunetix, and better support existing customers. Certification confirms that the candidate has the necessary knowledge and skills required to set up, configure, operate and troubleshoot Acunetix to automatically scan a website for vulnerabilities, and interpret the results to further research and take action on vulnerabilities.

27 Thank You
Is Your Website Hackable?
Questions? sales@acunetix.com

