SANTA CLARA and REDWOOD SHORES, CALIFORNIA, USA & LONDON, UK: Acunetix, a market leader in web application security technology, and Imperva, Inc. (NYSE: IMPV) a pioneer and leader a new category of business security solutions for critical applications and high-value data in the data center, yesterday announced that Acunetix Web Vulnerability Scan (WVS) results can now be imported into the SecureSphere Web Application Firewall (WAF) to automatically configure settings that will mitigate the discovered vulnerabilities.
When web application weaknesses such as SQL Injection or Cross Site Scripting are detected by Acunetix WVS, SecureSphere will transform the results into WAF security policies that offer immediate protection to companies needing the time to deal with and fix the security vulnerabilities and not be at risk in the meantime.
Using Acunetix WVS scan results to automate WAF configuration is designed to reduce workload and errors when compared to manually configuring a web application firewall such as SecureSphere.
“Many Imperva customers use Acunetix WVS to uncover Web vulnerabilities,” said Imperva CTO, Amichai Shulman. “We believe that the interoperability of the SecureSphere WAF with Acunetix WVS will allow our customers to mitigate those vulnerabilities quickly and reduce costly data breaches.”
“Acunetix sets a high standard when it comes to discovering web application vulnerabilities. We recommend using a web application firewall like SecureSphere to protect web applications until vulnerabilities can be dealt with directly,” said Nick Galea, Acunetix CEO.
Expected benefits of the interoperability of the SecureSphere WAF with Acunetix WVS are as follows:
• Reduced risk exposure – Vulnerabilities are mitigated before developers and testers can fix the web application’s code, thus shortening the Time-to-Fix.
• Accurate Protection – Virtual patching policies are created automatically, reducing the risk of configuration errors that can lead to false positive or negative alerts.
• Reduced Development Cost – Spend less development resources in emergency situations, fix code vulnerabilities during the normal release cycle.
• Compliance Reporting – Show auditors that vulnerabilities are virtually patched thanks to detailed WAF configuration reports.