The Acunetix REST API

In addition to the user-friendly Acunetix user interface, all Acunetix functionality is also available through a built-in REST API. The REST API is available immediately upon installation and requires no configuration at all. All you need to do is open the Acunetix GUI to get the API key and you can start using the Acunetix REST API.

Integration with the Acunetix REST API

The primary reason why businesses choose to use the Acunetix REST API is to be able to integrate the scanner with custom systems. Acunetix has out-of-the-box integrations for many solutions, for example, several issue trackers including Jira, as well as CI/CD tools like Jenkins. However, in the case of other products, custom integrations are required.

If other products also have a REST interface, you can use any appropriate language to build scripts, which access Acunetix through the REST interface, execute scans, get vulnerability data, and then provide this data to other tools. For example, you can use the Acunetix REST API to get web application firewall export files and then upload them directly to the web application firewall using the WAF REST API.

Automation with the Acunetix REST API

Another reason why businesses choose to use the Acunetix REST API instead of the GUI is automation. While Acunetix provides internal scheduling capabilities and the continuous scanning function, which performs critical scans daily and deep scans weekly, some customers may prefer more automation capabilities.

For example, you may want to run an Acunetix scan automatically after an update of the website. For this purpose, you can create a script that is activated upon detecting any changes in the content of a particular web page and that runs the Acunetix scan to immediately check if those changes introduced any vulnerabilities.

Another automation option would be to run an Acunetix script after the web application is built using a custom CI/CD environment. If you use Jenkins, that option is available out-of-the-box, but if you use other CI/CD tools, it’s also possible to include Acunetix in your SDLC. All you need to do is to create a custom script that works with your CI/CD platform.

Acunetix REST API Examples

Tomasz Andrzej Nidecki
Technical Content Writer

Tomasz Andrzej Nidecki (also known as tonid) is a Technical Content Writer working for Acunetix. A journalist, translator, and technical writer with 25 years of IT experience, Tomasz has been the Managing Editor of the hakin9 IT Security magazine in its early years and used to run a major technical blog dedicated to email security.

*** This is a Security Bloggers Network syndicated blog from Web Security Blog – Acunetix authored by Tomasz Andrzej Nidecki. Read the original post at: