📙 You will learn

About Acunetix 360 Remote Provider, its permissions and scan orchestration.

Prerequisites

Audience: IT Professional or End User
Difficulty: Basic
Time needed: Approximately 5 minutes
Tools required: N/A

For general information & instructions on the use of Remote Providers within ThreadFix, please refer to the Remote Providers parent page. For information on REST API functionality for Remote Providers, please refer to the following: Remote Providers API

Introduction

Acunetix Web Vulnerability Scanner is an automated web application security testing tool that audits web applications by checking for vulnerabilities accessible via web browser.

Permission

The Acunetix 360 user account integrating with ThreadFix must be granted the following permissions Account Administrator role, in addition to the default having API Access :

• Manage Websites

• View Scan Reports
  

Image Removed

enabled.

Image Added

Remote Provider Configuration

When setting up the Remote Provider integration in ThreadFix, you’ll need to use https://online.acunetix360.com/api/1.0 as the URL.

Image Added

Scan Orchestration

ThreadFix supports scan orchestration via the UI for Acunetix 360. In order to use the Scan Orchestration feature the ThreadFix user must have “Manage Remote Provider Scans” permission. After having configured the Remote Provider and mapped it to a ThreadFix application, you can click the Request button to initiate a scan, and after which the scan completes, you can click the Import button to import the result.

Another method to initiate a scan orchestration is to click the Scan Orchestration (rocket) button within the Remove Provider Application tab.