Recommended: System Errors? Click here to Fix your PC »
"PCI compliance, required by September 2007, is not just another bureaucraticstandard to comply to. ItÂ's a standard to protect consumers and the future of onlinebusiness, based on real world needs. To avoid similar cases such as TJX happeningagain, it is imperative that companies take all the necessary precautions to ensurethey reach compliancy," announced Nick Galea, CEO Acunetix. "Acunetix WVS v5 willcheck your web site and alert you to any issues you need to fix. Once fixed, it willcreate a detailed report which will allow you to easily prove that you meet theseparticular PCI standards."
Acunetix WVS v.5 helps meet the following PCI requirements:
 (Requirement 2.2.4) Remove all unnecessary functionality (Requirement 2.3) Encrypt all non-console administrative access (Requirement 4) Encrypt transmission of cardholder data across open, public networks (Requirement 6) Develop and maintain secure systems and applications (Requirement 6.5.1) Unvalidated Input (Requirement 6.5.2) Broken Access Control (Requirement 6.5.3) Broken Authentication and Session Management (Requirement 6.5.4) Cross Site Scripting (XSS) Flaws (Requirement 6.5.5) Buffer Overflows (Requirement 6.5.6) Injection Flaws (Requirement 6.5.7) Improper Error Handling (Requirement 6.5.8) Insecure Storage (Requirement 6.5.9) Denial of Service (Requirement 6.5.10) Insecure Configuration Management
A PCI Compliance Guide is available at:http://www.acunetix.com/we bsitesecurity/PCI-Compliance.p df
Other important new features:
Acunetix Reporter The Acunetix Reporter is a separate application which provides centralized controlover all reporting and documentation needs. The Reporter allows single-clickreporting capability and features multiple reporting formats such as vulnerabilityand developer reports, compliance (including The Health Insurance Portability andAccountability Act (HIPAA), OWASP TOP 10 2004, OWASP TOP 10 2007, Payment CardIndustry (PCI), Sarbanes Oxley Act of 2002, Web Application Security Consortium:Threat Classification), comparison, and also statistical reports. The Reporterallows reports to be exported as PDF, RTF, HTML, BMP, and PRN formats.
Web Services ScannerMany organizations are implementing the Web Services architecture to increase theavailability of information and to improve process executions of the internet. WebServices, like any other internet-dependent system, presents new exploitpossibilities and increases the need for security audits. The Web Services Scannerperforms automated vulnerability scans for Web Services and generates detailedsecurity reports from the results.
Web Services EditorAllows the importing of an online or local WSDL and the sending of custom operationinputs over the ServiceSOAP ports. Also includes in depth analysis of the WSDLstructure, containing parameters in the XML schema and the various operations overthe SOAP service ports.
Subdomain ScannerAutomatically scans a top-level domain to locate any subdomains configured in itshierarchy by using the target domainÂ's DNS server, or by specifying one manually.Any subdomains discovered can be scanned for vulnerabilities from within the toolitself, or imported directly into the HTTP Editor for further analysis throughcustom requests.
Pricing and availabilityAcunetix VWS is available in three versions: Small Business Version (scans 1nominated website), Enterprise Version (scans unlimited websites) and Consultantversion (scans unlimited third party websites). Pricing starts at $1995 for aperpetual Small Business license and $5995 for a perpetual Enterprise license.
About Acunetix Web Vulnerability ScannerAcunetix Web Vulnerability Scanner ensures website security by automaticallychecking for SQL injection, Cross site scripting and other vulnerabilities. Itchecks password strength on authentication pages and automatically audits shoppingcarts, forms, dynamic content and other web applications. Acunetix also crawls andanalyzes websites including flash content, SOAP and AJAX. As the scan is beingcompleted, the software produces detailed reports that pinpoint wherevulnerabilities exist.
About Acunetix Acunetix was founded to combat the alarming rise in web attacks. Its flagshipproduct, Acunetix Web Vulnerability Scanner, is the result of several years ofdevelopment by a team of highly experienced security developers. Acunetix is aprivately held company with headquarters based in Europe (Malta), a US office inSeattle, Washington and an office in London, UK. For more information aboutAcunetix, visit: http://www.acunetix.com; http://www.acunetix.de.
All product and company names herein may be trademarks of their respective owners.
For more information:Please email Tamara Borg: tamara@acunetix.com
