Web Scan Service: its range of funtionality

Combination of source code analysis and black box scanning for a more valuable result

With Web Scan Service you are able to scan your web application with a source code analysis combination (currently with PHP). The black box scanning mechanism combined with a source code analysis makes the Web Scan Service Technology leading in accurateness which is not available at any competitor.

Automatic False Positive Detection

Complex and big web applications often produces vulnerabilities which are not existent ( False Positives ). Web Scan Service contains a powerful algorithm to prevent and reduce the "False Positives".

Advanced reporting system in order to compare scan results

The Web Scan technology enables you to compare as much scans as you like over a period of your choice. Therefore not just before-after-results can be shown even trend of security of your web application can be shown.

Reporting in the format of your choice (HTML / RTF / PDF)

The current Web Scan technology enables you to create reports in any different format (HTML / RTF / PDF). Moreover if desired the reports can be automatically sent to an email of your choice (even encrypted).

Support of various web authentication mechanisms

The Web Scan technology supports a wide range of various authentication mechanisms such as

Basic, NTLM and  form-based.

HTTP fingerprinting and web server identification

A very important task when auditing web applications is the exact identification of the used web server technology. Only this way it is possible to check the web server on existing and well known vulnerabilities and to give you remediation tasks. The Web Scan technology already supports the possibility to exactly identify over 200 web servers (e.g. Microsoft IIS 5/6/7, Apache etc.).