Acunetix Offers New Security Audit Service

By Brian Prince  |  Print this article Print

On-demand audit service will check for security flaws in business Web sites and Web applications.

Internet security company Acunetix is offering customers an extra set of eyes to search for vulnerabilities on their Web sites.

The company launched Acunetix SiteAudit on Nov. 27, a new on-demand Web security audit service. SiteAudit is designed to evaluate business Web site and Web application security, while eliminating the cost of having business owners perform such checks on their own.

"Web vulnerability scanning is a critical issue," said Kevin J. Vella, vice president of sales at Acunetix. Vella called the company's move a "logical step" in providing security services to businesses.

Even a small vulnerability can lead to the theft of sensitive data such as credit card information, and hurt customer confidence in a company, Acunetix officials said.

Recent research has shown Web applications are often the victim of attacks by hackers. A report by the Watchfire Corporation dealing with Web application security estimated that 75 percent of hacking attacks occur over the http:/s protocols, and stated "it is essential that organizations implement strong measures to secure their Web applications."

Watchfire is based in Massachusetts and provides software and services to help ensure the security of Web sites.

Acunetix SiteAudit is performed by the company's Web security experts with Acunetix Web Vulnerability Scanner. The company scans its customer's entire Web site and all the customer's Web applications—including Javascript/AJAX applications—for security gaps and checks for SQL injections and cross-site scripting.

Acunetix officials said the audit service, which retails at $395, was designed to eliminate costs tied to the installation, administration and maintenance of purchasing and running software.

Web application attacks dominate IT landscape. Click here to read more.

In addition to performing a thorough Web application scan, Acunetix also offers a complimentary audit of Web and database servers. The service also includes a detailed audit report on the Web site, Web server and database engine and lists any vulnerabilities uncovered.

The company also makes recommendations for fixing those problems.

Company officials said businesses might have neither the in-house expertise to run auditing software effectively nor the money to maintain in-house testing.

"Technology has to be made [financially] accessible to the market," Vella said.

Check out eWEEK.com's Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Ryan Naraine's eWEEK Security Watch blog.


Submit a Comment

Loading Comments...