Acunetix Web Vulnerability version 10 whats new overview

E-SPIN delighted to announce the release of Acunetix Vulnerability Scanner version 10. The new version includes an improved Login Sequence Recorder for automatic scanning of login protected pages, extends support for Java Frameworks, Ruby on Rails and WordPress security scanning, and can use input from various web development and pen-testing tools.

New in Acunetix Vulnerability Scanner v10

• ‘Login Sequence Recorder’ has been re-engineered from the ground-up to allow restricted areas to be scanned entirely automatically.
• Now tests for over 1200 WordPress-specific vulnerabilities in the WordPress core and plugins.
• Acunetix WVS Crawl data can be augmented using the output of: Fiddler .saz files, Burp Suite saved items, Burp Suite state files, HTTP Archive (.har) files, Acunetix HTTP Sniffer logs, Selenium IDE Scripts.
• Improved support for Java Frameworks (Java Server Faces (JSF), Spring and Struts) and Ruby on Rails.
• Increased web services support for web applications which make use of WSDL based web-services, Microsoft WCF-based web services and RESTful web services.
• Ships with a malware URL detection service, which is used to analyse all the external links found during a scan against a constantly updated database of Malware and Phishing URLs.

Continue with E-SPIN long term tradition, two round of technology briefing for what news will be hold on following date, totally free of charge and fully sponsor by E-SPIN for existing channel partner and end user.

• 28 July 2015 (Tuesday) Channel reseller partner track open for reseller partner understanding the what new and related go to market (GTM) channel support activities. Reseller interest to attend, please click here for registration.

• 29 July 2015 (Wednesday) End user track open for end user company understanding the what new and related benefits of adoption, prepare for migration and upgrade. End user interest to attend, please click here for registration.

Contact us for any inquiry for the event or product information.

Acunetix also updating the features in the online version of the product, (Acunetix OVS). The new version includes automated scanning of login protected pages and extends support for Java Frameworks, Ruby on Rails and WordPress security scanning.

Modified Pricing Modules
Pricing for Acunetix WVS Enterprise and Consultant licenses have been changed. Licensing models are now limited to:

• Enterprise 2 concurrent scans (perpetual and subscription)
• Consultant 5 concurrent scans (perpetual and subscription)
• Consultant 10 concurrent scans (perpetual and subscription)

Please note that:

• Small Business Edition will no longer be supported
• Both the Enterprise and Consultant licenses will include one year of free maintenance. Contact E-SPIN for further detailed.

Read Full Post »

How to achieve Windows Server SNMP v3 Security Compliance

Technology world keep changing, so do security compliance requirement. More and more enterprise customer required to migrated from existing SNMP v2 to SNMP v3 monitoring for server.

Since Windows doesn’t support SNMPv3 inherently (that is, you will encounter SNMP v3 agent issue matter);SNMP is actually being depreciated in Windows server 2012; you’ll need a 3rd party solution.

For the quick how to, following the rest of the topic to get it supported.

1. First, you need to decide which 3rd party solution to go about. Below listed three.

3rd Party Solutions:

• MG-SOFT – Commercial
• SNMP-Informant – Commercial
• Net-SNMP – Open Source

For the above two commercial 3rd party and  one Open Source solutions, E-SPIN can supply if required, as part of the project bundled, or add on after post project basis (together with implementation, configuration, testing and commissioning), just let us know, we have our commercial team, follow with technical team to assist you.

Once the SNMP v3 agent portion is resolved.

Then you can configure your existing Network Management System (NMS) or System Management System (SMS) to support Windows Server SNMP v3 Monitoring.

Below is one of the example you can use for reference:

WhatsUp Gold (WUG) configuration how to.

Add SNMPv3 protocol credentials:

1. From the main menu of the WhatsConnected console, select Configure > Protocol Settings/Credentials. The Protocol Settings/Credentials dialog appears.
2. Click New.
3. Select SNMPv3, then click OK. The protocol properties dialog appears.
4. Enter a Name for the set of SNMPv3 credentials.
5. Enter the Username that is configured for the SNMP agent. This username is included in every SNMP packet in the authentication header. An SNMP device, upon reception of a packet, uses this username to look for configured authentication and encryption parameters and applies them to the received message.
6. Optionally, enter the Context needed to identify specific SNMP instances on your network.
7. If required, select the Protocol used for Authentication. Additionally, enter thePassword used for authentication.
8. If supported, select the Protocol used for Encryption. Additionally, enter the Password used for encryption.
9. Increase or decrease the SNMP Timeout. This setting is dependent on the latency and load on your network devices. Longer timeouts can cause discovery to slow down. However, if the network is experiencing a lot of network traffic, a longer timeout is recommended. A default of 1000 milliseconds is recommended for small to medium size networks. Note: If you are discovering across a WAN link, allow for a longer timeout.
10. Increase or decrease the SNMP Retry count. This setting is dependent on the latency and load on your network devices. More retries allow for SNMP failures or heavy network loads. However, more retries slow down the discovery process. One or two retries is recommended for small to medium size networks.

Then Done. Your Windows Server is right now running under SNMP v3 for the latest security compliance.

Read Full Post »