Web Application Scanning
Gartner states that 75% of the attacks occur in the application layer, which makes web applications the most vulnerable layer in your IT environment. Our web application scanner automatically and continuously scans your web applications and APIs for an ever-increasing number of vulnerabilities. We find OWASP top 10 vulnerabilities, misconfigurations, weak passwords, and exposed system information and personal data – in all types of applications.
KEY FEATURES
Find weaknesses where you are the most vulnerable
Automatic & continuous
Just in a month, there are thousands of new known vulnerabilities. Scheduled and continuous scans find new vulnerabilities fast.
Risk-based
Don’t get lost by all the data. Our platform helps you understand what vulnerabilities to remediate first through a number of automated and simple tools.
Systematic & proactive
Our platform provides a great foundation for systematic and risk-based work with your cyber security defense.
Complete coverage
We cover every type of web application, public as well as local. Intranets, commercial websites, portals, and more.
COMPLIANCE
Meet existing & future compliance
Along with the growing threat picture there are new legal requirements, standards and certifications. We help you meet existing and future requirements.
- OWASP top 10
- GDPR
- PDPA
- NIS
VULNERABILITIES
OWASP top 10 and more
Our web application scanner finds a wide range of vulnerabilities in your web applications.
- Large number of common web application vulnerabilities.
- OWASP top 10 vulnerabilities.
- Several thousands of vulnerabilities in specific CMSs such as WordPress.
- Vulnerabilities in REST APIs.
TECH DETAILS
Features & functions
- Scans web applications requiring authentication.
- Scans of local cloud infrastructure, such as AWS.
- Detects outdated and vulnerable JavaScript components.
- Detects web application configuration and faulty permission.
- Detects the exposure of personal data, credit card numbers, and passwords.
- Detects the exposure of system information.
- Fuzz testing (detects if a web application behaves irrationally or unexpectedly).
- Warns if SSL certificates have expired, are about to expire, or are vulnerable.
- Automatically identifies web servers, programming languages, and databases.
- Automatic update of vulnerability database.
- High precision with a low number of false-positives.
- Continuous Monitoring.
- SAML 2.0 Single Sign-On.
- Role-Based Access Control (RBAC).
- Full IPv6 support.
DISTRIBUTION OPTIONS
Cloud & on-premise – one technology
Cloud
Safe and secure management and storage in the cloud. Select what physical datacenter that suits you. Get started in just minutes.
On-premise
Installed and operating within your own infrastructure, with local data storage. Automatic software and vulnerability test updates.
ADMINISTRATION
Centralized, powerful administration & orchestration
Security Center
Security Center is our easy-to-use web-based control panel that gives comprehensive insights and helps you manage vulnerabilities. Through flexible dashboards and reports, you get a visual overview of current data, development over time, and more. Security Center supports Role-Based Access Control (RBAC).
Organizer
Organizer enables different people, groups of users, departments, or countries to be given isolated access to relevant vulnerability data while maintaining a centralized administration. Get the best of two worlds – decentralized management to engage your teams, while still having support for centralized management.