Check web applications "WEBGuard Web Application Scanning" (WAS) leverages scalable cloud platform for search, inclusion in lists check as a separate, and all web applications companies. Service WEBGuard WAS performs tests, carries out the analysis of the individual web applications and identifies the vulnerabilities that pose a danger to databases or can help to circumvent the access control to applications.
WEBGuard Service® Web Application Scanning (WAS) is available as a service demand allows you to:
Index Web application.
Identify the XSS vulnerability and SQL injection.
Define "sensitive content" in HTML.
Scan authentication no.
User manage Web applications to run scans and generate reports using the same interface as in WEBGuard.
Application discovery and cataloging. Find new and unknown web application in network. Web application can be put on your network, almost everyone in your organization and can easily be forgotten (large organizations can have hundreds or even thousands of apps). WEBGuard WAS helps you truly reduce risk by automatically finding the official and"unofficial" apps that may be lurking in your environment.
Industrial standard of reporting. Focus on OWASP Top 10 risks. Open Web Application Security Project (OWASP) Top 10 has become the industry standard for categorizing the most critical risks face web applications. WAS WEBGuard allows you to accurately find these vulnerabilities in including SQL injection, cross-site scripting (XSS), fake cross-site requests (CSRF) and URL redirection and learn how to effectively eliminate them.
Custom tagging resources. Organize your data and reports by tags. For increasing the company's number web applications in your organization grows, save them in organizovana form is crucial for proper security. With WEBGuard WAS You can mark your application private label and then use those labels to control reporting and limit access to scan data.
High-Precision scanning. Saves you time, allowing you to focus on what matters most. WEBGuard WAS designed to reliably find true vulnerabilities, not wasting their time about creativeeye. You can detect OWASP Top 10 risks, such as SQL injection, cross-site scripting (XSS), fake cross-site requests (CSRF) and URL redirection— then the priorities are and are able to focus on issues that will have the greatest effect.
Authenticated scanning. Automatic sign-in the test like a real user. Just specify the user name and password; WEBGuard automatically identifies login forms and authentication, so that scanning will work as if they were real users. Multiple authentication methods web applications (in including form, HTTP Basic, Digest, and HTLM) ensures compatibility with a wide range of applications. For advanced authentication, the login actions can be recorded and reproduced using selenium, the browser with open-source automation system, which is widely used for functional testing web application.
Scan schedule at requirement. Scanning is precisely when you want. You can start scanning immediately or schedule their run a point in time in the future. You can even control how much time it will last scan.
Malware Detection. Find hidden malware before they attack your users. Advanced behavioral analysis helps to detect even the latest samples of malware.
Precise custom reports. Take the scan results and go to action minutes. With WEBGuard WAS with using a highly customizable, interactive reports, you can perform powerful analysis of scanned images in many applications at once. New create report Wizard makes reporting even easier.
Interactive dashboard. Understand the security of your application at first sight. See the full presentation on completion of scan reports and identified vulnerabilities on a single screen. With WEBGuard WAS you can scan apps in anywhere-inside your network, hosted in the Internet, or based in cloud and manage results together.
Including test data on the penetration. Store data web applications testing one place.
Share and collaborate. Let it Department and developers to access safely. If you run a large number of applications or more, from you can be your administrators, security staff, developers, managers and even auditors all use WEBGuard in one time — safely, not interfering with each other. Each user can have its own entry with access to the resources and actions that they should receive for their work.
Extensive API. Integration of the scan data in other security systems. A rich set of API allows you to use the scan results to your web application.