Upon the completion of a Web or Network Scanning, you will be offered with the choice of generating a wide array of Reports to help you manage escalation and remediation of vulnerabilities. Acunetix includes a set of Internal Management reports to be able to share security findings internally with developers and management, as well as a range of Compliance and Classification reports for regulatory standards and best practice guidelines.
The Executive Summary is a one (1) page report, usually what high executive personnel wants, where an overview of the alerts is listed. It is ideal for comparing the results before and after a remediation work has been in place.
The Developer report provides a comprehensive summary of a scan. It will display scan details, server details, alert summary and alert details, pages with a long response time, a list of external links, email addresses, client scripts and external hosts, together with remediation examples and best practice recommendations for fixing the vulnerabilities detected during a scan.
PCI DSS Compliance Report
The Payment Card Industry Data Security Standard (PCI DSS) was developed to encourage and enhance cardholder data security and facilitate the broad adoption of consistent data security measures globally. PCI DSS provides a baseline of technical and operational requirements designed to protect cardholder data. PCI DSS applies to all entities involved in payment card processing-including merchants, processors, acquirers, issuers, and service providers, as well as all other entities that store, process or transmit cardholder data (CHD) and/or sensitive authentication data (SAD).
Network Security Report
Network vulnerability tests performed during a scan include assessing security testing of detected devices such as routers, firewalls, switches and load balancers; testing for weak passwords on common protocols such as FTP, IMAP, database servers, POP3, Socks, SSH and Telnet; Testing for DNS-related server vulnerabilities such as DNS zone transfer attacks, open recursive DNS attacks and DNS cache poisoning attacks; testing for badly configured Proxy Servers, weak SNMP community strings, weak TLS/SSL ciphers and many other security weaknesses.