A new version of Acunetix Web Vulnerability Scanners v10.5 has been released. The Full Edition of Acunetix Web Vulnerability Scanner allows you to perform full unlimited scans. The new version tests for Joomla! and Drupal vulnerabilities, supports CVSS 3.0 and includes other improvements/bug fixes.
Joomla! and Drupal Support
- Acunetix v10.5 now reports vulnerabilities in popular content management systems Joomla! and Drupal. The new proprietary database includes close to 300 Joomla! and Drupal vulnerability checks.
Supports CVSS 3.0
- Due to popular demand, Acunetix 10.5 now scores vulnerabilities using CVSS 3.0. CVSS is a very common scoring system, often used for compliance purposes and to prioritize the fixing of vulnerabilities. CVSS 3.0 updates the metrics used to calculate the scores for vulnerabilities, bringing it in line with the security industry’s requirements while giving more realistic scores to web vulnerabilities. Acunetix WVS v10.5 scores vulnerabilities using both CVSSv2 and the new CVSSv3.
The Common Vulnerability Scoring System (CVSS) is an open standard for assessing the severity of security vulnerabilities. “Common” being the keyword, indicating that CVSS is designed to not only be independent to a specific vendor or industry, but also interoperable across systems that vary in size and scope. This is not only a great initiative but it also attempts to provide an open scoring standard which is understood and actively contributed by the security community—making it effective and efficient to use in many different fields and industries.
A CVSS score classifies a vulnerability based on the potential impact inflicted on the host where the vulnerability resides. This takes into consideration the nature of data that may be compromised by evaluating a series of metrics such as Attack Vector, Attack Complexity and also Privileges Required which is a new metric available in CVSS version 3.
Network vulnerabilities were far more common in the past, and CVSS v2 did a very good job at classifying these. Over the years there has been a rise in web application vulnerabilities which demanded a more granular and accurate scoring system to accurately reflect the severity of both network and web application vulnerabilities.
This goes to show that CVSS version 3 improves the accuracy and consistency of web application related vulnerabilities which makes it more relevant to a web application scanner, such as Acunetix.
Acunetix provides CVSS as a scoring guideline for professionals who need to use CVSS for Compliance or when the vulnerabilities identified by Acunetix need to be prioritised with bugs identified by other vulnerability management systems. Acunetix Web Vulnerability Scanner v10.5 ships with support for CVSS v3 to allow users to better categorise web vulnerabilities identified by Acunetix.
This video is about Acunetix Vulnerability Scanner v10.5 What’s New Product Overview by E-SPIN that will give you more information regarding this product.
For those who are in managing company websites, web applications, portal, and who are in search for scanning website for vulnerability cause by insecure web applications and in the role of website security management scenario and context.
Then, this summary and highlight of post event video clip will be for you, if you are not able to attend Acunetix Web Vulnerability Scanner (WVS) What’s New version 10.5 Product Overview by E-SPIN for end user and channel partner product seminar session.
If you have any inquiry or questions, feel free to contact E-SPIN for solution, product and project requirements.