This is an archive post from the Netsparker (now Invicti) blog. Please note that the content may not reflect current product names and features in the Invicti offering.
Today, we announce a new Netsparker feature, the Netsparker Radar – Application & Service Discovery Service. This feature can both discover and catalog the websites or web applications that your business has online, including those you may have forgotten. This will help you ensure that you have better security coverage for all your web applications, services, and other online collateral.
Why We Developed Discovered Websites
Organizations may create lots of web applications and services, across the lifetime of their existence. The public-facing ones, on the web, are easy to remember. But those created long ago, or those linked in the background, can easily get forgotten. This is why we developed the Discovered Websites feature, to ensure that as you work toward enhancing your security coverage, you don't leave out any crucial elements.
Once Netsparker Radar becomes aware of all your connected applications and services, it then automatically begins to scan them, to enable you to continue to remediate any security risks.
How the Discovered Websites Feature Works
A service called Netsparker Radar works independently from our Netsparker Enterprise product. It already has hundreds of millions of services on its database. It continually scans the entire internet to find websites that might belong to you.
- All you have to do is register with Netsparker Enterprise for the discovery process to start. It begins with your commercial email and makes immediate suggestions. Then, once you start adding sites, the system will start analyzing your data and make relevant suggestions.
- All users with Manage Websites permission can configure the Service Discovery Settings that determine how online resources are 'discovered'. The Discovered Websites feature uses parameters such as IP Address or IP Range, Second Level Domain, Top Level Domain and Organization Name. Your configuration and data are analyzed, and further suggested websites are added to the list.
- All discoveries are listed in a new Discovered Websites window. From this window, you can then select to add (Create) those discoveries to a list of websites to scan. Alternatively, you can also select to Exclude or Blacklist certain websites.
This new feature enhances your capability, enabling you to conduct a comprehensive security audit and better secure your online presence, continually reducing web application vulnerability security threats.
For further information, see Application and Service Discovery.