Can you afford to pay $500K in fines

Released on = June 11, 2007, 4:59 am

Press Release Author = Acunetix Ltd

Industry = Software

Press Release Summary = New version 5 of Acunetix Web Vulnerability Scanner ensures
companies meet PCI compliancy

Press Release Body = London, UK - June 11, 2007 - The PCI Compliancy Standard
requires any company that has a website and does business online, to ensure their
web site and web applications are secure. Penalties for noncompliance range from
fines of up to $500,000, to increased auditing requirements or even losing the
ability to process credit card transactions. Acunetix today announced the release of
Acunetix Web Vulnerability Scanner v5 which includes an extensive compliancy
reporting tool amongst others, to aid companies achieve PCI compliancy.

\"PCI compliance, required by September 2007, is not just another bureaucratic
standard to comply to. It's a standard to protect consumers and the future of online
business, based on real world needs. To avoid similar cases such as TJX happening
again, it is imperative that companies take all the necessary precautions to ensure
they reach compliancy,\" announced Nick Galea, CEO Acunetix. \"Acunetix WVS v5 will
check your web site and alert you to any issues you need to fix. Once fixed, it will
create a detailed report which will allow you to easily prove that you meet these
particular PCI standards.\"

Acunetix WVS v.5 helps meet the following PCI requirements:

. (Requirement 2.2.4) Remove all unnecessary functionality
. (Requirement 2.3) Encrypt all non-console administrative access
. (Requirement 4) Encrypt transmission of cardholder data across open, public networks
. (Requirement 6) Develop and maintain secure systems and applications
. (Requirement 6.5.1) Unvalidated Input
. (Requirement 6.5.2) Broken Access Control
. (Requirement 6.5.3) Broken Authentication and Session Management
. (Requirement 6.5.4) Cross Site Scripting (XSS) Flaws
. (Requirement 6.5.5) Buffer Overflows
. (Requirement 6.5.6) Injection Flaws
. (Requirement 6.5.7) Improper Error Handling
. (Requirement 6.5.8) Insecure Storage
. (Requirement 6.5.9) Denial of Service
. (Requirement 6.5.10) Insecure Configuration Management

A PCI Compliance Guide is available at:
http://www.acunetix.com/websitesecurity/PCI-Compliance.pdf

Other important new features:

Acunetix Reporter
The Acunetix Reporter is a separate application which provides centralized control
over all reporting and documentation needs. The Reporter allows single-click
reporting capability and features multiple reporting formats such as vulnerability
and developer reports, compliance (including The Health Insurance Portability and
Accountability Act (HIPAA), OWASP TOP 10 2004, OWASP TOP 10 2007, Payment Card
Industry (PCI), Sarbanes Oxley Act of 2002, Web Application Security Consortium:
Threat Classification), comparison, and also statistical reports. The Reporter
allows reports to be exported as PDF, RTF, HTML, BMP, and PRN formats.

Web Services Scanner
Many organizations are implementing the Web Services architecture to increase the
availability of information and to improve process executions of the internet. Web
Services, like any other internet-dependent system, presents new exploit
possibilities and increases the need for security audits. The Web Services Scanner
performs automated vulnerability scans for Web Services and generates detailed
security reports from the results.

Web Services Editor
Allows the importing of an online or local WSDL and the sending of custom operation
inputs over the ServiceSOAP ports. Also includes in depth analysis of the WSDL
structure, containing parameters in the XML schema and the various operations over
the SOAP service ports.

Subdomain Scanner
Automatically scans a top-level domain to locate any subdomains configured in its
hierarchy by using the target domain's DNS server, or by specifying one manually.
Any subdomains discovered can be scanned for vulnerabilities from within the tool
itself, or imported directly into the HTTP Editor for further analysis through
custom requests.

Pricing and availability
Acunetix VWS is available in three versions: Small Business Version (scans 1
nominated website), Enterprise Version (scans unlimited websites) and Consultant
version (scans unlimited third party websites). Pricing starts at $1995 for a
perpetual Small Business license and $5995 for a perpetual Enterprise license.

About Acunetix Web Vulnerability Scanner
Acunetix Web Vulnerability Scanner ensures website security by automatically
checking for SQL injection, Cross site scripting and other vulnerabilities. It
checks password strength on authentication pages and automatically audits shopping
carts, forms, dynamic content and other web applications. Acunetix also crawls and
analyzes websites including flash content, SOAP and AJAX. As the scan is being
completed, the software produces detailed reports that pinpoint where
vulnerabilities exist.

About Acunetix
Acunetix was founded to combat the alarming rise in web attacks. Its flagship
product, Acunetix Web Vulnerability Scanner, is the result of several years of
development by a team of highly experienced security developers. Acunetix is a
privately held company with headquarters based in Europe (Malta), a US office in
Seattle, Washington and an office in London, UK. For more information about
Acunetix, visit: http://www.acunetix.com; http://www.acunetix.de.

All product and company names herein may be trademarks of their respective owners.

For more information:
Please email Tamara Borg: tamara@acunetix.com





Web Site = http://www.acunetix.com

Contact Details = Acunetix Ltd
Communications House
26 York Street
W1U 6PZ, London
UK

Tel: (+44) 0845 6126712
Fax: (+44) 0845 6126716
URL: http://www.acunetix.com.

  • Printer Friendly Format
  • Back to previous page...
  • Back to home page...
  • Submit your press releases...
  •