Acunetix 網頁弱點掃描
- Acunetix 網頁弱點掃描
-
類別資訊資安軟體
-
介紹Acunetix 是一款強大的網站安全測試工具,可檢測和消除網站的安全漏洞和弱點。它可以進行全面的網站掃描,檢測網站是否存在 SQL 注入、跨站腳本攻擊、文件包含漏洞、XSS 攻擊等常見安全漏洞,並提供詳細的報告和修復建議。Acunetix 採用了最先進的技術和漏洞庫,可在短時間內快速發現網站中的安全問題,並提供詳盡的解決方案。該軟體還提供了一個簡單易用的介面,可讓您輕鬆地管理和監控網站的安全性。如果您是一名網站管理員或安全專家,Acunetix 將是您不可或缺的工具,讓您保護網站和數據安全。
Acunetix v15 Web vulnerability scanning software
Introduces Web Asset Discovery
A mechanism that automatically allows you to find websites and web applications that may belong to your organization. This allows you to determine if the web application security process needs to cover these assets.
New page showing the target FQDN of all consumed target licenses
This Acunetix update introduces Web Asset Discovery, which allows Acunetix users to easily identify Web assets that may have been forgotten and belong to their organization.
Unparalleled performance
Using traditional web vulnerability scanners, scanning complex web applications can take hours, which seriously affects the performance and internal operations of working websites. However, Acunetix has solved these problems by incorporating more innovative technologies to achieve the goal of improving scanning performance.
Acunetix includes a SmartScan engine and searches for vulnerabilities in prioritized web pages to find more vulnerabilities early. In most cases, Acunetix SmartScan finds about 80% of the vulnerabilities in the first 20% of scans. The latest Acunetix engine reduces the number of requirements for finding vulnerabilities, which in turn reduces the load on the site during scanning.
In addition to the SmartScan engine, the latest version of Acunetix introduces incremental scanning. You can choose to scan only those parts of the web application that have changed since the last full scan. On average, this shortens the process by 90% or more.
Total Security
With the release of Acunetix, the web scanning feature is available on all platforms today. web vulnerabilities and web vulnerabilities are part of the same assessment and management process.
In addition to the previously useful malicious connection finding feature, the latest Acunetix release also introduces web malware scanning. Acunetix finds scripts/downloads scripts on websites and web applications and then scans them locally using Windows Defender or Linux ClamAV.
Further development of automation
Acunetix introduces two new features that can significantly increase automation, especially in cases in large organizations. Vulnerability trust levels are explicitly indicated, or whether further manual confirmation is required. Critical vulnerabilities usually have a
100% confidence level, which means that they are already fully
confirmed. For most of these vulnerabilities, Acunetix now also
provides proof-of-exploit, for example, for the contents of sensitive files downloaded from the server.
The latest version also enhances Acunetix's import and integration capabilities; the Acunetix scanner can now additionally import
files such as WADL, ASP.Net WebForms and Postman to seed the
crawl. You can also export vulnerabilities to issue trackers: GitLab, Bugzilla, and Mantis.
Technical improvements
These new enhancements improve the user interface with better sorting and filtering capabilities, as well as in response to tagging and elevated access.
In addition to these innovations and improvements, Java AcuSensor technology now supports the Spring Framework, and the DeepScan crawl engine now directly recognizes Angular 2, Vue, and React frameworks and adapts the crawl according to requirements.
Acunetix distributor in Taiwan is NFI Co.Founded in 2005, Acunetix is a pioneer and industry leader in automated Web security technology, focusing on the growing battle against the risks of Web attacks.
Acunetix products are trusted by personal security experts, small and medium-sized businesses, and large institutional organizations worldwide. acunetix security providers are also preferred by government, military, education, telecommunications, banking, finance, and e-commerce organizations, including the Pentagon and the Global 500 (e.g., Nike, Disney, Adobe).
系統需求
Minimum System Requirements
- Supported Operating systems
- Microsoft Windows 10 or Windows 2016 R2 and later
- Ubuntu Desktop/Server 18.0.4 LTS or higher
- Suse Linux Enterprise Server 15
- Kali Linux versions 2019.1 and later
- CentOS 8 and CentOS Stream Server and Workstation (with SELinux disabled)
- RedHat 8 and 9 (with SELinux disabled)
- Oracle Linux 8 (with SELinux disabled)
- We are actively testing other Linux distributions.
- Please let us know if you have requests for specific distros.
- CPU: 64 bit processor
- System memory: minimum of 8 GB RAM
- Storage: 1 GB of available hard-disk space.
This does not include the storage required to save the scan results - this will depend on the level of usage of Acunetix.
Acunetix v15 網頁弱點掃描軟體
引入了Web資產發現
一種自動讓您查找可能屬於您組織的網站和Web應用程序的機制。這使您可以決定Web應用程序安全性過程是否需要涵蓋這些資產。
新頁面顯示所有消耗目標許可證的目標FQDN
此Acunetix更新引入了Web資產發現,使Acunetix用戶可以輕鬆識別可能已被遺忘且屬於其組織的Web資產。
無與倫比的效能
使用傳統的Web漏洞掃描器,掃描複雜的Web應用軟體可能要花費數個小時,這嚴重影響了工作中的網站效能和內部運作。然而,Acunetix透過導入更多創新之技術,達到提高掃描效能的目標,來解決這些問題。
Acunetix 包含了SmartScan引擎,並對優先的網頁進行尋找漏洞,及早發現更多的漏洞。在大多數個案中,Acunetix SmartScan可在掃描的前20%中,發現大約80%的漏洞。最新的Acunetix引擎減少尋找漏洞之需求數量,進而減輕了掃描期間的網站負載。
除了SmartScan引擎之外,最新的Acunetix版本還導入了增量掃描。您可以選擇僅掃描在上次完全掃描之後,有變更的Web應用程式部分。就平均而言,將流程縮短90%或是更多。
全方位安全保障
隨著Acunetix 的發佈,網路掃描的功能可以在現今所有平台上使用。Web漏洞和網路漏洞的部分,是相同的評估與管理流程。
除了以前好用的惡意連接尋找功能之外,最新的Acunetix版本還導入了Web惡意軟體掃描。Acunetix在網站和Web應用程式上發現腳本/下載腳本,然後使用Windows Defender或Linux ClamAV在本地進行掃描。
自動化的進一步發展
Acunetix 導入了兩個新功能,可大幅度提升自動化,特別是在大型組織機構中的個案。漏洞信任等級明確表示,或是否需要進一步的手動確認。嚴重漏洞通常具有100%的可信度,這表示它們已經是完全被證實的。對於大多數此類漏洞,現在Acunetix也提供了proof-of-exploit,例如從伺服器下載的敏感文件之內容。
最新版本還增強了Acunetix的匯入和整合功能。Acunetix掃描器現在可以另外匯入WADL、ASP.Net WebForms和Postman等檔案,以對爬網進行播種。您還可以將漏洞導出到問題跟踪器:GitLab、Bugzilla和Mantis
技術改進
這些新的改進,改善了使用者界面,使之具有更好的排序和過濾能力,以及在回應標記和提升存取。
除了上述創新和改進之外,Java AcuSensor技術現在還支持Spring框架,而DeepScan爬網引擎現今可以直接識別Angular 2、Vue和React框架,並依據需求調整爬網。
Acunetix在台灣代理商為新永資訊有限公司,Acunetix成立於2005年,專注於日益俱增的Web攻擊等風險上爭戰;Acunetix也是自動化Web安全技術的先驅和業界的領導者。
Acunetix的產品是被全球個人安全專家、中小型企業和大型機構組織所信賴的。Acunetix安全提供者也是政府、軍事、教育、電信、銀行、金融和電子商務等機構組織的首選,其中也包含了五角大廈與全球500大企業(例:Nike、Disney、Adobe)。
SNMP informant Premium
SNMP Informant Premium 是一個捆綁產品,包含所有 SNMP Informant 產品以及定制增強功能,可讓您充分利用網絡管理基礎設施。增強功能包括: • 監控自定義性能計數器 • 監視自定義 WMI 類 • 監視註冊表值 • 啟動自定義腳本並收集其數據輸出 • 擴展 SNMP 線人以“偵聽”您自己的IANA 私有企業號碼。
BC-Wedge® 條碼資料收集軟體
BC-Wedge 是一款非常簡單的數據採集軟件產品,主要設計用於條碼掃描儀和其他簡單的串行設備,如數顯卡尺和一些數字秤。它非常易於使用且 100% 可靠。它將條碼數據自動輸入到任何 Windows 應用程序或網頁表單中。注 – BC-Wedge 不包含我們 WinWedge 產品的任何高級功能。
Dr.Web v12 大蜘蛛防毒軟體
Dr.Web能於受感染的系統上運作,加上出色的防毒能力,使其成為優越的防毒軟體之一。 Dr.Web 具有業界最高的殺毒及修復成功率。 獨特的記憶體掃描技術及優越的修復能力,使Dr.Web可安裝於受感染的系統上。