One of the key components to establishing your Business Trust is the security and protection of your website and the information in your database. We are committed to providing you the best security solution in the industry and the foundation is our Vulnerability and Web Application Scanning.
Ease of Use = Hassle Free
Our security product is designed as Software-as-a-Service (SaaS) meaning that there are no downloads, no installs, and no hassles! Once you provide us with the IP address or web domain of the site you want us to scan, that’s it! We will run a regular scan on your site and inform you of any threats or vulnerabilities we find, giving you comfort that your valuable customer information is protected from malicious hackers.
Strong Technology Base
Our scanner is an automated web application security testing tool that audits web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with the variety of manual tools to allow for comprehensive web site and web application penetration testing.
We are proud to offer the following features:
- A new security technology that allows identification of more vulnerabilities than a traditional Web Application Scanner, while generating less false positives.
- Combines black box scanning techniques with feedback from “sensors” placed inside the source code while the source code is executed.
- An automatic client script analyzer allowing for security testing of Ajax and Web 2.0 applications
- Industries' most advanced and in-depth SQL injection and Cross site scripting testing
- Advanced penetration testing tools, such as the HTTP Editor and the HTTP Fuzzer
- HTTP Editor - Construct HTTP/HTTPS requests and analyze the web server response.
- HTTP Sniffer - Intercept, log and modify all HTTP/HTTPS traffic and reveal all data sent by a web application
- HTTP Fuzzer - Performs sophisticated testing for buffer overflows and input validation. Test thousands of input variables with the easy to use rule builder of the HTTP fuzzer. Tests that would have taken days to perform manually can now be done in minutes.
- Blind SQL Injector - Ideal for penetration testers, the Blind SQL injector is an automated database data extraction tool that is perfect for making manual tests that allow further testing for SQL injections.
- Create custom attacks or modify existing ones with the Web Vulnerability Editor
- Automatically fill in web forms and authenticate against web logins
- Support for pages with CAPTHCA, single sign-on and Two Factor authentication mechanisms
- Multi-threaded and lightning fast scanner crawls hundreds of thousands of pages with ease
- Intelligent crawler detects web server type and application language
- Crawls and analyzes websites including flash content, SOAP and AJAX
- Port scans a web server and runs security checks against network services running on the server
Google Hacking Database
The Google Hacking Database (GHDB) is a database of queries used by hackers to identify sensitive data on a website such as portal logon pages, logs with network security information, and so on. Our scanner will launch the Google hacking database queries onto the crawled content of the web site and identify sensitive data or exploitable targets before a “search engine hacker” does.
You will receive an initial assessment report of your website that covers all High, Medium, and Low vulnerabilities we find. Our reports are conveniently grouped by threat level and give an overall score to your website that helps you identify where to focus your remediation efforts first. Once you fix any critical and outstanding issues, we will send you a report whenever we discover a new vulnerability. This way you are only alerted if you need to take action!
Step by Step Solution Instruction
Along with every vulnerability found, we include the basis for the threat (i.e. what causes it and how hackers could exploit it) as well as step by step instructions on how you would solve the issue. Your IT manager should be able to easily follow the instructions to bring your website compliant very quickly.