Web Application Scanning (WAS)

WAS is a feature that enables organizations to assess, manage and prioritize web application vulnerabilities. Able to integrate with both the Outpost24 OUTSCAN cloud service and the HIAB plug and play appliance, WAS uniquely scans in both the web server and web application layers.

Easy to deploy and use, WAS is a  cost efficient way of assessing web applications.

Automatically scanning thousands of web pages for vulnerabilities quickly and easily, WAS accurately detects common web application flaws.

Key Features:

• Scan thousands of web pages for vulnerabilities quickly and easily on ad-hoc or recurring basis
• Highly accurate Cross Site Scripting and SQL Injection vulnerability detection
• Support for scanning virtual hosted sites
• Fulfils PCI ASV Requirement 11.2
• Advanced user definable scope setting such as IP ranges, URI seed lists, URI white lists, URI black lists and virtual hosts
• Scan crawler can be tuned for maximum links, request delays, and custom transfer timeouts
• New settings allow for many types of authenticated scanning such a; HTML form, NTLM and HTTP basic authentication.
• Highly accurate detection of remote file include local file include, command injection, code injection, format string issues, cross-site request forgery and CRLF injection
• Market leading coverage of web server related vulnerabilities and low number of false positives

Key Benefits

Some of the key benefits of implementing the WAS proactive solution from Outpost24 include:

• Complete solution - integrated with existing tools to provide unified reporting of both network and web vulnerabilities
• Ease of deployment and use - no software to download or install. Easy to use reports allow quick remediation guidance
• Expedite risk management - high speed scanning with average times under one hour