Vulnerability scanning Cloud4Y WebGuard

  • At TOP 3 SaaS (Cnews) and the TOP 5 IaaS (J'son)
  • Legal guarantee availability (SLAs of 99.95%)
  • Free quiz for 10 days
  • No monthly fee, postpaid scheme calculations
  • Russian data centers are TIER 3 with Hi-End equipment

read More...
Vulnerability scanning Cloud4Y WebGuard
DISCOUNT UP TO20%

We are interested in long-time mutually beneficial cooperation with our Clients and are ready to offer very good conditions. Communicate with us and be sure that we will make all greatest possible for the solution of your tasks, an optimum and economic method.

Cloud4Y WEBGuard


Check web applications "WEBGuard Web Application Scanning" (WAS) leverages scalable cloud platform for search, inclusion in lists check as a separate, and all web applications companies. Service WEBGuard WAS performs tests, carries out the analysis of the individual web applications and identifies the vulnerabilities that pose a danger to databases or can help to circumvent the access control to applications.

WEBGuard Service® Web Application Scanning (WAS) is available as a service demand allows you to:

    Index Web application.

    Identify the XSS vulnerability and SQL injection.

    Define "sensitive content" in HTML.

    Scan authentication no.

User manage Web applications to run scans and generate reports using the same interface as in WEBGuard.

Key features:

    Application discovery and cataloging. Find new and unknown web application in network. Web application can be put on your network, almost everyone in your organization  and can easily be forgotten (large organizations can have hundreds or even thousands of apps). WEBGuard WAS helps you truly reduce risk by automatically finding the official and"unofficial" apps that may be lurking in your environment.

    Industrial standard of reporting. Focus on OWASP Top 10 risks. Open Web Application Security Project (OWASP) Top 10 has become the industry standard for categorizing the most critical risks face web applications. WAS WEBGuard allows you to accurately find these vulnerabilities  in including SQL injection, cross-site scripting (XSS), fake cross-site requests (CSRF) and URL redirection  and learn how to effectively eliminate them.

    Custom tagging resources. Organize your data and reports by tags. For increasing the company's number web applications in your organization grows, save them in organizovana form is crucial for proper security. With WEBGuard WAS You can mark your application private label and then use those labels to control reporting and limit access to scan data.

    High-Precision scanning. Saves you time, allowing you to focus on what matters most. WEBGuard WAS designed to reliably find true vulnerabilities, not wasting their time about creativeeye. You can detect OWASP Top 10 risks, such as SQL injection, cross-site scripting (XSS), fake cross-site requests (CSRF) and URL redirection— then the priorities are and are able to focus on issues that will have the greatest effect.

    Authenticated scanning. Automatic sign-in the test like a real user. Just specify the user name and password; WEBGuard automatically identifies login forms and authentication, so that scanning will work as if they were real users. Multiple authentication methods web applications (in including form, HTTP Basic, Digest, and HTLM) ensures compatibility with a wide range of applications. For advanced authentication, the login actions can be recorded and reproduced using selenium, the browser with open-source automation system, which is widely used for functional testing web application.

    Scan schedule at requirement. Scanning is precisely when you want. You can start scanning immediately or schedule their run a point in time in the future. You can even control how much time it will last scan.

    Malware Detection. Find hidden malware before they attack your users. Advanced behavioral analysis helps to detect even the latest samples of malware.

    Precise custom reports. Take the scan results and go to action minutes. With WEBGuard WAS with using a highly customizable, interactive reports, you can perform powerful analysis of scanned images in many applications at once. New create report Wizard makes reporting even easier.

    Interactive dashboard. Understand the security of your application at first sight. See the full presentation on completion of scan reports and identified vulnerabilities on a single screen. With WEBGuard WAS you can scan apps in anywhere-inside your network, hosted in the Internet, or based in cloud  and manage results together.

    Including test data on the penetration. Store data web applications testing one place.

    Share and collaborate. Let it Department and developers to access safely. If you run a large number of applications or more, from you can be your administrators, security staff, developers, managers and even auditors all use WEBGuard in one time — safely, not interfering with each other. Each user can have its own entry with access to the resources and actions that they should receive for their work.

    Extensive API. Integration of the scan data in other security systems. A rich set of API allows you to use the scan results to your web application.



Advantages

Among the advantages are the following:

    Automatic indexing and discovery references. Sophisticated scanning mechanism includes a number of methods for scanning Web applications. This mechanism allows to index up to 5000 links in each resource.

    Identification of vulnerabilities in Web applications. Scan Web application allows you to define the level of security, to identify detected vulnerabilities, sensitive content" and analyze the collected data. Initially, this mechanism looks for weaknesses such as XSS, SQL-injection, source disclosure and directory traversal.

    Threat analysis of Web applications by using report creating. reporting Mechanism WAS in WEBGuard allows you to build different types of reports with the found vulnerabilities and methods of their elimination with sorting by groups or by Web applications. There are reports of the type of ScoreCard and Interactive.

    Scanning with authentication. Have a user name and password allows automatically to index HTML forms authentication. Multiple scan methods authentication supported for each scan, such as a Form, HTTP Basic, NTLM and Digest.

    Black/White list. Defining data lists you can monitor only a certain part of a Web application will be scanned. Blacklist prevents the scanner from visiting certain links, while the White list requires the scanner to visit those links that are clearly identified in this list.

    Search for "sensitive content". This option allows you to find the HTML forms of content like social security numbers, credit cards, and lines defined by the user.



Frequently asked questions (FAQ)

Answers to questions can be found in knowledge base. If You have not found the answer to the question our consultants on the website using online chat or send a support request using


Try for free