| Seattle, Washington - November 21, 2005 - Acunetix, a | | | | Protects Against Google Hacking and Other New |
| leading security software company focused | | | | Threats |
| exclusively on helping enterprises secure their web | | | | With this newest release of Acunetix Web |
| applications and web sites, today announced the | | | | Vulnerability Scanner, security administrators have |
| next-generation version of Acunetix Web Vulnerability | | | | access to a host of new features that will protect their |
| Scanner, which provides a comprehensive solution to | | | | web applications and web sites. |
| detecting system vulnerabilities that are frequently | | | | Prevention of Google Hacking |
| exploited by hackers. | | | | Google hacking is the term used when a hacker tries |
| Acunetix Web Vulnerability Scanner provides a | | | | to find exploitable targets and sensitive data by using |
| complete solution by automatically auditing website | | | | search engines. The Google Hacking Database |
| security. The software crawls an entire website, | | | | (GHDB) is a hacker database of queries that can |
| launches popular web attacks (SQL Injection, Cross | | | | identify sensitive data. Although Google blocks some |
| Site scripting, Google hacking, etc.) and identifies | | | | of the better known Google hacking queries, nothing |
| vulnerabilities that need to be fixed. | | | | stops a hacker from crawling sites and launching the |
| The Achilles Heel in Enterprise Security Strategies: | | | | Google Hacking Database queries directly onto the |
| Web Applications | | | | crawled content. |
| Increasingly, hackers are concentrating their efforts on | | | | Version 3.0 of Acunetix Web Vulnerability Scanner |
| web-based applications - shopping carts, forms, login | | | | launches all the queries found in the Google hacking |
| pages, and dynamic content. A Gartner Group study | | | | database onto the crawled content of enterprise |
| determined that 75% of cyber attacks are done at the | | | | websites thus finding any sensitive data or exploitable |
| web application level. Web applications are accessible | | | | targets before a "search engine hacker" does. |
| 24 hours a day, 7 days a week and are a | | | | Acunetix is first to market with a solution that detects |
| passageway to valuable data: customer and | | | | Google hacking vulnerabilities. |
| employee databases, transaction information and | | | | Other New Features |
| proprietary corporate data. Many enterprises have | | | | Over forty new features and enhancements have |
| addressed network security issues and have | | | | been introduced in the latest release of Acunetix Web |
| implemented firewall technology but have not yet | | | | Vulnerability Scanner. Enhancements include |
| protected their "crown jewels" - data that can be | | | | sophisticated testing for buffer overflows & input |
| compromised via web application hacks. | | | | validation, automatic detection of custom error pages, |
| The first reported instance of a Web application | | | | enhanced abilities to scan websites which are |
| attack was perpetrated in 2000. While making online | | | | password protected, automatic HTML form fillers, the |
| transactions with a large bank, a 17 year-old | | | | ability to crawl Macromedia Flash files, and numerous |
| Norwegian boy noticed that the URLs of the pages he | | | | other new features. A complete description of |
| was viewing displayed his account number as one of | | | | enhancements is available: |
| the parameters. He substituted his account number | | | | Pricing & Availability |
| with the account numbers of random bank customers | | | | Acunetix WVS is available as an enterprise or as a |
| and immediately gained access to customer accounts | | | | consultant version. A subscription based license can be |
| and personal details. Myriad other hackers have | | | | purchased for as little as $1,495, whereas a perpetual |
| followed in his footsteps, exploiting hundreds of | | | | license starts at $2,995. For more information visit: |
| different techniques to compromise web applications | | | | Acunetix is available through its network of partners. |
| and exploit what is fast becoming the biggest Achilles | | | | Partner inquiries from value added resellers are |
| heel in an organization's security strategy. | | | | welcome. For more information, visit |
| "Web applications are now the prime target for | | | | About Acunetix |
| hackers. A quick hack of a vulnerable web application | | | | Acunetix was founded to combat the alarming rise in |
| can give instant access to valuable data such as | | | | web attacks. Its flagship product, Acunetix Web |
| customer credit cards and employee social security | | | | Vulnerability Scanner, is the result of several years of |
| numbers" said Nick Galea, CEO of Acunetix. "New | | | | development by a team of highly experienced security |
| hacking techniques emerge every day. Auditing one's | | | | developers. Acunetix is a privately held company with |
| web applications should be the number one security | | | | headquarters based in Europe (Malta) and a US office |
| concern for every enterprise." | | | | in Seattle, Washington. |
| Version 3.0 of Acunetix Web Vulnerability Scanner | | | | |