Acunetix by Invicti

Follow us at @InvictiSecurity for Acunetix updates

@lks_kln We are escalating this internally and will have one of our team members reach out to you.

@acunetix @InvictiSecurity My ticket number is #82936

Someone's spamming our @getsentry while trying to find SQL injection vulnerabilities 🙄

@lks_kln @InvictiSecurity Hi Lukas. Our software shouldn't be used to scan a website without authorization. Please provide our support team (support@acunetix.com) with information about the scan so that we can help identify the person behind it.

Seems like someone external used acunetix.com to hit our API with an automated scan. Anything to do about this, @Acunetix @InvictiSecurity? Pretty bad behavior for a commercial product to not require an explicit opt-in.

@ViewdataUK Please provide our support team (support@acunetix.com) with information about the emails you've received so that we can help identify the person behind them.

@ThomasLeenders Our software isn't meant to be used to scan a website without authorization. Please provide our support team (support@acunetix.com) with information about the scan so that we can help identify the person behind it.

@acunetix @acunetix We are a charity org. The people using your tool will use that info to hurt us rather than help build a more resilient platform. We are lucky to have a dev team that can manage these secuirty issues but why let them attack a site they don't own in the first place?

Hey @acunetix we regularly get bad actors using your tool to scan our platform (a charity) for vulnerabilities. Just today we had several thousand requests in a 1 hour period targeting a specific endpoint. Are you doing anything to stop your users doing this?

You know that #DAST vulnerability scanners are essential, but do you know exactly how they work? We break down the types of scanning – and the pros and cons of each – on the blog: okt.to/elCTnZ

@racter We're looking forward to meeting with you for that demo! Let us know if you run into any other problems.

Oh, I hadn't understood that the video was mandatory and the meeting scheduling came after it. [SOLVED]

@acunetix I requested a demo about 10 days ago but haven't received any messages from you. Please contact me.

Imagine a hacker reaches out to your org about a vulnerability they found in one of your #webapps. If you don't take the proper steps, you could be looking at an uncoordinated vulnerability disclosure. Head to the blog to learn how to handle the situation: okt.to/hW1C42

#Security is built on pillars, like having the right people and the right tools for your business. But #hackers shouldn't be overlooked. Read on to learn how you can work with them instead of against them for a more robust security posture: okt.to/vuhqTH

🤔 Want to know the who, what, where, why, and how of #threatmodeling for #webapps? Visit the @Acunetix blog for a complete rundown: okt.to/1vCdh8

We're all too familiar with #RCE vulnerabilities – remember #Log4Shell? Fortunately, this #Confluence bug isn't as widespread, but Atlassian users should still take it seriously. @Acunetix now has a check for it, so update your software to start scanning: okt.to/JhDEH7

If you find a problem in your bloodwork, you need a follow-up appointment with your doctor. If you find a vulnerability within your #webapps, you might not take that kind of extra step. Kevin Beaver shares why you should on the @Acunetix blog: okt.to/3ng2jV

The term #DevSecOps was coined to emphasize the role of #security processes and automation in the #SDLC. But how does that really happen? We break it down for you on the @Acunetix by Invicti blog: okt.to/21xucW

The #cybersecurity skills gap is practically old news, but that doesn't mean it's going away. So how do organizations cope? We share four suggestions on the blog: okt.to/spVrLB.

#AppSec analytics are so much more than just numbers. We share four ways that they help #DevSecOps professionals on the blog: okt.to/ekxqHj. How do analytics make your life easier? Let us know below. ⤵

@digininja Hey, Robin – we've flagged this to our support team. If you run into any other issues, please reach out to support@acunetix.com for assistance.

Does the "Keep me signed in" feature on Acunetix cloud scanner work for anyone? I tick it every time I log in, and every time, after a few minutes of idle time I'm kicked back out to the login page.

You can do everything right and still become a victim of a #cyberattack. That's why it's critical to have an incident response plan no matter what. We detail how to build an effective IRP on the blog ⬇ okt.to/PMDwL4

Are #cybersecurity frameworks only useful for large organizations? No. Even for smaller private-sector orgs, they can help you focus on what's really important in your #security posture. Learn about our favorites and how they apply to #webapps on the blog: okt.to/eZlQrA

#DevSecOps merges work done by your development, security, & IT operations teams to deliver efficient, effective #software development practices. Why is it so rare? We take a look at the implementation difficulties and how to eliminate them on the blog: okt.to/4k9gln

We analyzed aggregated usage #data from more than 23 billion #security checks and uncovered some alarming trends about direct-impact #vulnerabilities. 🔎 Get the scoop about our latest AppSec Indicator: okt.to/DLq07I

‼ A check for #Spring4Shell is now available in Acunetix Premium. More on how to find out if your #webapps are affected and how to mitigate attacks on the blog: okt.to/i1VXbn